I’m using a postgres database and have run into problems where
attributes on a model are not sanitised correctly before being saved.
The following code:
comment = Comment.new( :item => item )
comment.comment = "dog's breakfast"
Produces the following incorrect SQL in my logs:
SELECT id FROM comments WHERE (item_id = 38 and comment = 'Dog's breakfast' and subscriber_id = '90')
As you can see the ' in "Dog's breakfast" is causing issues. How do I
ensure this is sanitised correctly?
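
The statement from the log above, rebuilt as an added example that is not part of the original post: the same WHERE clause produced by string interpolation and by `?` placeholders whose values are quoted before substitution. The helpers `interpolated_sql`, `quote_literal`, `bind` and `balanced_quotes?` are hypothetical illustrations written in plain Ruby; in ActiveRecord the placeholder form is a conditions array such as `["comment = ?", text]`, and the adapter does the quoting.

```ruby
# Added illustration: helper names are hypothetical, not ActiveRecord's API.
# Unsafe: the value is pasted between quotes unchanged, so its apostrophe
# ends the string literal early (the statement shown in the log).
def interpolated_sql(item_id, comment, subscriber_id)
  "SELECT id FROM comments WHERE (item_id = #{item_id} and " \
    "comment = '#{comment}' and subscriber_id = '#{subscriber_id}')"
end

# Quote one value as a SQL literal. Assumes PostgreSQL with
# standard_conforming_strings = on, where only ' needs doubling.
def quote_literal(value)
  case value
  when nil     then "NULL"
  when Integer then value.to_s
  when String
    raise ArgumentError, "NUL byte in string" if value.include?("\0")
    "'" + value.gsub("'", "''") + "'"
  else
    raise ArgumentError, "unsupported type #{value.class}"
  end
end

# Replace each ? placeholder with a quoted value, in order. gsub scans the
# template only, so a ? inside a bound value is never treated as a placeholder.
def bind(template, *values)
  expected = template.count("?")
  unless expected == values.length
    raise ArgumentError, "#{expected} placeholders, #{values.length} values"
  end
  remaining = values.dup
  template.gsub("?") { quote_literal(remaining.shift) }
end

# Crude log check: an odd number of ' means an unterminated string literal.
def balanced_quotes?(sql)
  sql.count("'").even?
end

TEMPLATE = "SELECT id FROM comments WHERE " \
           "(item_id = ? and comment = ? and subscriber_id = ?)"

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values matching the post.
  puts interpolated_sql(38, "Dog's breakfast", "90")
  puts bind(TEMPLATE, 38, "Dog's breakfast", "90")
end
```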