I have a query I am mapping to a Struct that takes two parameters. What is
the proper method for escaping the parameters to avoid sql injection issues
with sqlite3, when using ActiveRecord::Base.connection.select_all? I have
tried using ? but that does not seem to work at all I get an empty array.
Simply sticking the variable into the string with #{} yields the expected
results.
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
