Forum: Ruby on Rails Search

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
6983e7aaea82078286d067a9d4e688d4?d=identicon&s=25 Daynthan Kabilan (Guest)
on 2013-12-24 07:47
(Received via mailing list)
Hi all,

how to avoid single quote in our rails search

Example

in my users table  user_name=ram'kumar

my search query

params[:name]=ramkumar

@ans=Users.where("user_name=?",params[:name])

how can i get the value?

any one give me a solution


Thankyou.
9570b2f45e7de7a24d8f3bf4b2517192?d=identicon&s=25 Rob Biedenharn (Guest)
on 2013-12-24 08:09
(Received via mailing list)
On 2013-Dec-24, at 01:45 , Daynthan Kabilan <dayanthan86@gmail.com>
wrote:

> params[:name]=ramkumar
>
> @ans=Users.where("user_name=?",params[:name])

@ans = User.where(user_name: params[:name])

and let the ActiveRecord gem sanitize the parameters

If you're not using the latest version of Rails, you'll need to give
more specifics before you can get better help.

-Rob
This topic is locked and can not be replied to.