From 56fb3b1594d97fa00dd8d8d95f1d5bf7c30380ee Mon Sep 17 00:00:00 2001
From: Ken Collins
Date: Wed, 9 Feb 2011 11:07:25 -0500
Subject: Allow limit values to accept an ARel SQL literal.
---
 .../connection_adapters/abstract/database_statements.rb | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
(limited to 'activerecord/lib/active_record')
diff --git a/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb b/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb
index 5f30b972f5..7e3f58a411 100644
--- a/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb
+++ b/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb
@@ -278,13 +278,17 @@ module ActiveRecord
 # Sanitizes the given LIMIT parameter in order to prevent SQL injection.
 #
- # +limit+ may be anything that can evaluate to a string via #to_s. It
- # should look like an integer, or a comma-delimited list of integers.
+ # The +limit+ may be anything that can evaluate to a string via #to_s. It
+ # should look like an integer, or a comma-delimited list of integers, or
+ # an Arel SQL literal.
 #
+ # Returns Integer and Arel::Nodes::SqlLiteral limits as is.
 # Returns the sanitized limit parameter, either as an integer, or as a
 # string which contains a comma-delimited list of integers.
 def sanitize_limit(limit)
- if limit.to_s =~ /,/
+ if limit.is_a?(Integer) || limit.is_a?(Arel::Nodes::SqlLiteral)
+ limit
+ elsif limit.to_s =~ /,/
 Arel.sql limit.to_s.split(',').map{ |i| Integer(i) }.join(',')
 else
 Integer(limit)
--
cgit v1.2.3
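Review bot: The new first branch of `sanitize_limit` returns an `Arel::Nodes::SqlLiteral` untouched, so for that type the method no longer performs the sanitization its header comment promises ("in order to prevent SQL injection"). The literal presumably reaches the LIMIT clause verbatim, which is safe only while every such literal is built from developer-written SQL, and the added doc line "Returns Integer and Arel::Nodes::SqlLiteral limits as is" does not state that condition. I would add a comment such as `# An Arel::Nodes::SqlLiteral is passed through unsanitized; never build one from user-supplied input.` so callers keep request-derived limits on the `Integer(...)` path. The method's closing `end` lies outside the hunk.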