From d14a5defeb0c9f2972f90d83cb625beed8105d76 Mon Sep 17 00:00:00 2001
From: Ryuta Kamizono <kamipo@gmail.com>
Date: Sun, 31 Jul 2016 13:26:14 +0900
Subject: Remove internal `sanitize` method

Currently internal `sanitize`/`quote_value` method is only used for `quoted_id`.
Simply it is enough to use `connection.quote` public API instead.
---
 activerecord/lib/active_record/sanitization.rb | 9 +--------
 activerecord/test/cases/finder_test.rb         | 5 -----
 2 files changed, 1 insertion(+), 13 deletions(-)

(limited to 'activerecord')

diff --git a/activerecord/lib/active_record/sanitization.rb b/activerecord/lib/active_record/sanitization.rb
index f007e9e733..f090c8ffd1 100644
--- a/activerecord/lib/active_record/sanitization.rb
+++ b/activerecord/lib/active_record/sanitization.rb
@@ -5,13 +5,6 @@ module ActiveRecord
     extend ActiveSupport::Concern
 
     module ClassMethods
-      # Used to sanitize objects before they're used in an SQL SELECT statement.
-      # Delegates to {connection.quote}[rdoc-ref:ConnectionAdapters::Quoting#quote].
-      def sanitize(object) # :nodoc:
-        connection.quote(object)
-      end
-      alias_method :quote_value, :sanitize
-
       protected
 
       # Accepts an array or string of SQL conditions and sanitizes
@@ -216,7 +209,7 @@ module ActiveRecord
 
     # TODO: Deprecate this
     def quoted_id # :nodoc:
-      self.class.quote_value(@attributes[self.class.primary_key].value_for_database)
+      self.class.connection.quote(@attributes[self.class.primary_key].value_for_database)
     end
   end
 end
diff --git a/activerecord/test/cases/finder_test.rb b/activerecord/test/cases/finder_test.rb
index 6eaaa30cd0..80fed50dbe 100644
--- a/activerecord/test/cases/finder_test.rb
+++ b/activerecord/test/cases/finder_test.rb
@@ -877,11 +877,6 @@ class FinderTest < ActiveRecord::TestCase
     assert_kind_of Time, Topic.where(["id = :id", { id: 1 }]).first.written_on
   end
 
-  def test_string_sanitation
-    assert_not_equal "'something ' 1=1'", ActiveRecord::Base.sanitize("something ' 1=1")
-    assert_equal "'something; select table'", ActiveRecord::Base.sanitize("something; select table")
-  end
-
   def test_count_by_sql
     assert_equal(0, Entrant.count_by_sql("SELECT COUNT(*) FROM entrants WHERE id > 3"))
     assert_equal(1, Entrant.count_by_sql(["SELECT COUNT(*) FROM entrants WHERE id > ?", 2]))
-- 
cgit v1.2.3