Forum: Ruby on Rails Search

6983e7aaea82078286d067a9d4e688d4?d=identicon&s=25 Daynthan Kabilan (Guest)
on 2013-12-24 07:47
(Received via mailing list)
Hi all,

how to avoid single quote in our rails search

Example

in my users table  user_name=ram'kumar

my search query

params[:name]=ramkumar

@ans=Users.where("user_name=?",params[:name])

how can i get the value?

any one give me a solution


Thankyou.
9570b2f45e7de7a24d8f3bf4b2517192?d=identicon&s=25 Rob Biedenharn (Guest)
on 2013-12-24 08:09
(Received via mailing list)
On 2013-Dec-24, at 01:45 , Daynthan Kabilan <dayanthan86@gmail.com>
wrote:

> params[:name]=ramkumar
>
> @ans=Users.where("user_name=?",params[:name])

@ans = User.where(user_name: params[:name])

and let the ActiveRecord gem sanitize the parameters

If you're not using the latest version of Rails, you'll need to give
more specifics before you can get better help.

-Rob
Please log in before posting. Registration is free and takes only a minute.
Existing account

NEW: Do you have a Google/GoogleMail, Yahoo or Facebook account? No registration required!
Log in with Google account | Log in with Yahoo account | Log in with Facebook account
No account? Register here.