An update to this post: Here, i'm trying to figure out which is the better approach or best practice to show only active categories records from the category table.
Also, i want to prevent any SQL injection. Do u think, using find_by_sql approach could protect the page from sql injection to view all categories? thanks, radha RailsFan Radha wrote: > > > Colin Law wrote: >> On 29 June 2010 03:19, RailsFan Radha <[email protected]> wrote: >>>> >>>> � def list >>> >>> �def self.find_active_categories >>> � � �find_by_sql("SELECT * from category >>> � � � � � where status = 'A') >>> � � �order by category_id ") >>> �end >> >> Don't use find_by_sql unless absolutely necessary. The above can be >> done by using the :conditions and :order options in find. Also as I >> suggested previously, I would use a named scope (with default_scope >> for the order if you will always sort by the same thing). >> >>> >>> And changed the controller, list action to call this new method. >>> >>> � def list >>> � � � @categories=Category.find_active_categories >>> � end >>> >>> And this seems to be working. >>> Let me know if i have missed any or please add any additional info which >>> this implies too. >> >> Do you always want to just show active categories on the index? If so >> then that concept is ok (subject to comments above). >> >> Colin > > > > Thanks for ur response Colin. (I have earlier posted a solution using > find_by_sql for this problem) > > > What is the bext practice in this case? (Yes, I always want to show the > active records only ). > Using find_by_sql or using a condition in the find :all ? ( I like SQLs, > but as far as the performance goes which approach is better? ) > > > Can someone throw light in this please? > > - thanks -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
