aboutsummaryrefslogtreecommitdiffstats
path: root/activerecord/lib
diff options
context:
space:
mode:
authorKen Collins <ken@metaskills.net>2011-02-09 11:07:25 -0500
committerAaron Patterson <aaron.patterson@gmail.com>2011-02-09 08:33:40 -0800
commit56fb3b1594d97fa00dd8d8d95f1d5bf7c30380ee (patch)
tree81235df49ce56539cafa5df4a704293806696437 /activerecord/lib
parentc6b4ef082f80255c1e3ec6e4feb1d199ed1e7efa (diff)
downloadrails-56fb3b1594d97fa00dd8d8d95f1d5bf7c30380ee.tar.gz
rails-56fb3b1594d97fa00dd8d8d95f1d5bf7c30380ee.tar.bz2
rails-56fb3b1594d97fa00dd8d8d95f1d5bf7c30380ee.zip
Allow limit values to accept an ARel SQL literal.
Diffstat (limited to 'activerecord/lib')
-rw-r--r--activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb10
1 files changed, 7 insertions, 3 deletions
diff --git a/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb b/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb
index 5f30b972f5..7e3f58a411 100644
--- a/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb
+++ b/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb
@@ -278,13 +278,17 @@ module ActiveRecord
# Sanitizes the given LIMIT parameter in order to prevent SQL injection.
#
- # +limit+ may be anything that can evaluate to a string via #to_s. It
- # should look like an integer, or a comma-delimited list of integers.
+ # The +limit+ may be anything that can evaluate to a string via #to_s. It
+ # should look like an integer, or a comma-delimited list of integers, or
+ # an Arel SQL literal.
#
+ # Returns Integer and Arel::Nodes::SqlLiteral limits as is.
# Returns the sanitized limit parameter, either as an integer, or as a
# string which contains a comma-delimited list of integers.
def sanitize_limit(limit)
- if limit.to_s =~ /,/
+ if limit.is_a?(Integer) || limit.is_a?(Arel::Nodes::SqlLiteral)
+ limit
+ elsif limit.to_s =~ /,/
Arel.sql limit.to_s.split(',').map{ |i| Integer(i) }.join(',')
else
Integer(limit)
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-17 00:12:15 +0000