Okay this is better: @location_products = @location.location_products.find(:all, :conditions => ["product_id in (select id from products where name like ?)","%" + params[:search] + "%"]) unless params[:search].nil?
On Feb 8, 5:44 pm, Brian Corbin <[email protected]> wrote: > Ack that's no good as it introduces a SQL injection attack vector :( > > On Feb 8, 5:35 pm, Brian Corbin <[email protected]> wrote: > > > > > I think I have search working by doing this: > > �...@location_products = @location.location_products unless ! > > params[:search].nil? > > �...@location_products = > > @location.location_products.find(:all, :conditions => "product_id in > > (select id from products where name like '%" + params[:search] + > > "%')") unless params[:search].nil? > > > Working on sort now... > > > On Feb 8, 4:21 pm, Brian Corbin <[email protected]> wrote: > > > > My apologies for yet another thread on table-plus, but I didn't see > > > the answer for this particular problem. I'm trying to enable sorting > > > and searching for a table-plus tag on the show controller of my > > > Location model. The goal is to be able to view the Products stored at > > > a Location > > > > In locations\show.dryml: > > > <table-plus with="&@location_products" fields="product.name, > > > product.code, current, minimum, restock_to"> > > > > In controllers\locations_controller.rb: > > > def show > > > �...@location = find_instance > > > �...@location_products = > > > �[email protected]_products.apply_scopes(:search => > > > [params[:search], ???What goes here??? ], > > > :order_by => parse_sort_param(??? > > > What goes here???, :current, :minimum, :restock_to)) > > > > end > > > > So the question is how do I allow searching and sorting on > > > product.name and/or product.code? > > > > Here are the relationships (pseudo-code): > > > Location has_many :products, :through => :location_products, > > > has_many :location_products > > > Product has_many :location_products, has_many :locations, :through > > > => :location_products, :accessible => true > > > location_products belongs_to :location, belongs_to :product > > > > Thanks in advance! -- You received this message because you are subscribed to the Google Groups "Hobo Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/hobousers?hl=en.
