You could also write it like this:

Category.find(:first, :conditions => ["name LIKE :name AND parent_id = :parent_id", {:name => self.name, :parent_id => self.parent_id}])

That should properly quote the SQL to avoid injections.



On Sep 7, 8:12 am, Salil Gaikwad <[email protected]>
wrote:
> Colin Law wrote:
> > 2009/9/7 Salil Gaikwad <[email protected]>:
> >> (name='salil's'  and parent_id= 21)  LIMIT 1
> > What does the code that generated this sql look like?
>
> > Colin
>
> Actually I used the following code in my Model
> Category.find(:first, :conditions=>["name= #{self.name}  and  parent_id=
> 21"])
> It gives an error. Then I changed it as follows
>
> Category.find(:first, :conditions=>["name= ?  and "+query, self.name ])
>
> and it works like magic.
> --
> Posted via http://www.ruby-forum.com/.
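
The quoting difference discussed in this thread, as an added example that is not part of the original messages: plain Ruby (no Rails or database) that builds the condition for the name salil's by interpolation and by named placeholders. `quote_value`, `bind_named`, `interpolated` and `balanced_quotes?` are hypothetical helpers; they assume the standard SQL rule of doubling single quotes, while the real ActiveRecord quoting is adapter-specific.

```ruby
# Added illustration; helper names are hypothetical, not ActiveRecord's API.

# Quote a value as a SQL literal: integers pass through, strings are wrapped
# in single quotes with embedded single quotes doubled (standard SQL rule;
# an assumption here, a real adapter may escape differently).
def quote_value(value)
  case value
  when Integer then value.to_s
  when nil     then "NULL"
  else "'" + value.to_s.gsub("'", "''") + "'"
  end
end

# Replace each :key in the template with the quoted value from binds.
# Substituted values are not rescanned, so a value containing ":parent_id"
# stays inside its own string literal.
def bind_named(template, binds)
  template.gsub(/:(\w+)/) do
    key = Regexp.last_match(1).to_sym
    raise ArgumentError, "missing value for :#{key}" unless binds.key?(key)
    quote_value(binds[key])
  end
end

# The failing form from the thread: the value is pasted into the SQL text.
def interpolated(name, parent_id)
  "name='#{name}' and parent_id= #{parent_id}"
end

# Rough sanity check: an odd number of single quotes means a string literal
# was opened or closed by data rather than by the query author.
def balanced_quotes?(sql)
  sql.count("'").even?
end

TEMPLATE = "name LIKE :name AND parent_id = :parent_id"
NAME = "salil's" # constructed sample value, taken from the error in the thread

broken = interpolated(NAME, 21)
bound  = bind_named(TEMPLATE, { name: NAME, parent_id: 21 })

puts "interpolated: #{broken}  (balanced: #{balanced_quotes?(broken)})"
puts "bound:        #{bound}  (balanced: #{balanced_quotes?(bound)})"
```

Only values passed as binds are quoted; any string concatenated into the condition text itself reaches the database unquoted.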
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Ruby 
on Rails: Talk" group.