I have an assignment and I need to be able to run a query inputted by
the user (no matter what the query). Also I need to display the result
cleanly with the field names if the query was a select query. So far I
have
@result = ActiveRecord::Base.connection.execute(params[:query])
and in my view I have
<% for result in @result %>
<%= result %>
<% end %>
but this returns all the the data as a single line. Please help!
On May 16, 6:17 am, “[email protected]” [email protected] wrote:
I have an assignment and I need to be able to run a query inputted by
the user (no matter what the query). Also I need to display the result
cleanly with the field names if the query was a select query. So far I
have
@result = ActiveRecord::Base.connection.execute(params[:query])
Use connection.select_all and hope that the user doesn’t try and
delete your database.
Fred