Methods
- quote
- quote_column_name
- quote_string
- quote_table_name
- quote_table_name_for_assignment
- quoted_date
- quoted_false
- quoted_true
- type_cast
- unquoted_false
- unquoted_true
Instance Public methods
quote(value)
Quotes the column value to help prevent SQL injection attacks.
Source:
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 11
def quote(value)
value = id_value_for_database(value) if value.is_a?(Base)
if value.respond_to?(:value_for_database)
value = value.value_for_database
end
_quote(value)
endquote_column_name(column_name)
Quotes the column name. Defaults to no quoting.
Source:
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 67
def quote_column_name(column_name)
column_name.to_s
endquote_string(s)
Quotes a string, escaping any ' (single quote) and \ (backslash) characters.
Source:
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 62
def quote_string(s)
s.gsub('\\'.freeze, '\&\&'.freeze).gsub("'".freeze, "''".freeze) # ' (for ruby-mode)
endquote_table_name(table_name)
Quotes the table name. Defaults to column name quoting.
Source:
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 72
def quote_table_name(table_name)
quote_column_name(table_name)
endquote_table_name_for_assignment(table, attr)
Override to return the quoted table name for assignment. Defaults to table quoting.
This works for mysql2 where table.column can be used to resolve ambiguity.
We override this in the sqlite3 and postgresql adapters to use only the column name (as per syntax requirements).
Source:
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 84
def quote_table_name_for_assignment(table, attr)
quote_table_name("#{table}.#{attr}")
endquoted_date(value)
Quote date/time values for use in SQL input. Includes microseconds if the value is a Time responding to usec.
Source:
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 115
def quoted_date(value)
if value.acts_like?(:time)
zone_conversion_method = ActiveRecord::Base.default_timezone == :utc ? :getutc : :getlocal
if value.respond_to?(zone_conversion_method)
value = value.send(zone_conversion_method)
end
end
result = value.to_s(:db)
if value.respond_to?(:usec) && value.usec > 0
"#{result}.#{sprintf("%06d", value.usec)}"
else
result
end
endquoted_false()
Source:
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 105
def quoted_false
"FALSE".freeze
endquoted_true()
Source:
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 97
def quoted_true
"TRUE".freeze
endtype_cast(value, column = nil)
Cast a value to a type that the database understands. For example, SQLite does not understand dates, so this method will convert a Date to a String.
Source:
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 24
def type_cast(value, column = nil)
value = id_value_for_database(value) if value.is_a?(Base)
if column
value = type_cast_from_column(column, value)
end
_type_cast(value)
rescue TypeError
to_type = column ? " to #{column.type}" : ""
raise TypeError, "can't cast #{value.class}#{to_type}"
endunquoted_false()
Source:
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 109
def unquoted_false
false
endunquoted_true()
Source:
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 101
def unquoted_true
true
end