From 1ffd5ec91069167043c8ecd0d949098f566d88eb Mon Sep 17 00:00:00 2001 From: Joost Baaij Date: Tue, 8 Nov 2011 16:27:15 +0100 Subject: Replace example with SQL placeholder syntax. This works just fine, is less code, and reduces the risk of someone implementing a SQL injection vulnerability. --- railties/guides/source/association_basics.textile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'railties/guides/source') diff --git a/railties/guides/source/association_basics.textile b/railties/guides/source/association_basics.textile index 6829eb8ef4..451653655f 100644 --- a/railties/guides/source/association_basics.textile +++ b/railties/guides/source/association_basics.textile @@ -1234,7 +1234,7 @@ If you need to evaluate conditions dynamically at runtime, use a proc: class Customer < ActiveRecord::Base has_many :latest_orders, :class_name => "Order", - :conditions => proc { "orders.created_at > #{10.hours.ago.to_s(:db).inspect}" } + :conditions => proc { ["orders.created_at > ?, 10.hours.ago] } end -- cgit v1.2.3
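Review bot: The added `:conditions` line is missing the closing double quote after the `?` placeholder, so the string literal never terminates and the example is not valid Ruby as written. It should read `:conditions => proc { ["orders.created_at > ?", 10.hours.ago] }`, with the SQL fragment and the bound value as separate array elements. Since this is guide text that readers copy directly, the quote is worth fixing so the placeholder form the commit message recommends works when pasted.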