Module: ActiveRecord::ConnectionAdapters::Quoting
| Relationships & Source Files | |
| Extension / Inclusion / Inheritance Descendants | |
|
Included In:
| |
| Defined in: | activerecord/lib/active_record/connection_adapters/abstract/quoting.rb |
Instance Method Summary
-
#quote(value)
Quotes the column value to help prevent SQL injection attacks.
-
#quote_column_name(column_name)
Quotes the column name.
-
#quote_string(s)
Quotes a string, escaping any ‘ (single quote) and \ (backslash) characters.
-
#quote_table_name(table_name)
Quotes the table name.
-
#quote_table_name_for_assignment(table, attr)
Override to return the quoted table name for assignment.
-
#quoted_date(value)
Quote date/time values for use in SQL input.
- #quoted_false
- #quoted_true
-
#type_cast(value, column = nil)
Cast a
valueto a type that the database understands. - #unquoted_false
- #unquoted_true
Instance Method Details
#quote(value)
Quotes the column value to help prevent SQL injection attacks.
# File 'activerecord/lib/active_record/connection_adapters/abstract/quoting.rb', line 11
def quote(value) value = id_value_for_database(value) if value.is_a?(Base) if value.respond_to?(:value_for_database) value = value.value_for_database end _quote(value) end
#quote_column_name(column_name)
Quotes the column name. Defaults to no quoting.
# File 'activerecord/lib/active_record/connection_adapters/abstract/quoting.rb', line 67
def quote_column_name(column_name) column_name.to_s end
#quote_string(s)
Quotes a string, escaping any ‘ (single quote) and \ (backslash) characters.
# File 'activerecord/lib/active_record/connection_adapters/abstract/quoting.rb', line 62
def quote_string(s) s.gsub('\\'.freeze, '\&\&'.freeze).gsub("'".freeze, "''".freeze) # ' (for ruby-mode) end
#quote_table_name(table_name)
Quotes the table name. Defaults to column name quoting.
# File 'activerecord/lib/active_record/connection_adapters/abstract/quoting.rb', line 72
def quote_table_name(table_name) quote_column_name(table_name) end
#quote_table_name_for_assignment(table, attr)
Override to return the quoted table name for assignment. Defaults to table quoting.
This works for mysql2 where table.column can be used to resolve ambiguity.
We override this in the sqlite3 and postgresql adapters to use only the column name (as per syntax requirements).
# File 'activerecord/lib/active_record/connection_adapters/abstract/quoting.rb', line 84
def quote_table_name_for_assignment(table, attr) quote_table_name("#{table}.#{attr}") end
#quoted_date(value)
Quote date/time values for use in SQL input. Includes microseconds if the value is a ::Time responding to usec.
# File 'activerecord/lib/active_record/connection_adapters/abstract/quoting.rb', line 115
def quoted_date(value) if value.acts_like?(:time) zone_conversion_method = ActiveRecord::Base.default_timezone == :utc ? :getutc : :getlocal if value.respond_to?(zone_conversion_method) value = value.send(zone_conversion_method) end end result = value.to_s(:db) if value.respond_to?(:usec) && value.usec > 0 "#{result}.#{sprintf("%06d", value.usec)}" else result end end
#quoted_false
[ GitHub ]# File 'activerecord/lib/active_record/connection_adapters/abstract/quoting.rb', line 105
def quoted_false "FALSE".freeze end
#quoted_true
[ GitHub ]# File 'activerecord/lib/active_record/connection_adapters/abstract/quoting.rb', line 97
def quoted_true "TRUE".freeze end
#type_cast(value, column = nil)
# File 'activerecord/lib/active_record/connection_adapters/abstract/quoting.rb', line 24
def type_cast(value, column = nil) value = id_value_for_database(value) if value.is_a?(Base) if column value = type_cast_from_column(column, value) end _type_cast(value) rescue TypeError to_type = column ? " to #{column.type}" : "" raise TypeError, "can't cast #{value.class}#{to_type}" end
#unquoted_false
[ GitHub ]# File 'activerecord/lib/active_record/connection_adapters/abstract/quoting.rb', line 109
def unquoted_false false end
#unquoted_true
[ GitHub ]# File 'activerecord/lib/active_record/connection_adapters/abstract/quoting.rb', line 101
def unquoted_true true end