Methods
- quote
- quote_column_name
- quote_string
- quote_table_name
- quote_table_name_for_assignment
- quoted_date
- quoted_false
- quoted_true
- type_cast
- unquoted_false
- unquoted_true
Instance Public methods
quote(value)
Quotes the column value to help prevent SQL injection attacks.
📝 Source code
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 11
def quote(value)
if value.is_a?(Base)
ActiveSupport::Deprecation.warn(<<~MSG)
Passing an Active Record object to `quote` directly is deprecated
and will be no longer quoted as id value in Rails 7.0.
MSG
value = value.id_for_database
end
_quote(value)
endquote_column_name(column_name)
Quotes the column name. Defaults to no quoting.
📝 Source code
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 66
def quote_column_name(column_name)
column_name.to_s
endquote_string(s)
Quotes a string, escaping any ' (single quote) and \ (backslash) characters.
📝 Source code
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 61
def quote_string(s)
s.gsub('\\', '\&\&').gsub("'", "''") # ' (for ruby-mode)
endquote_table_name(table_name)
Quotes the table name. Defaults to column name quoting.
📝 Source code
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 71
def quote_table_name(table_name)
quote_column_name(table_name)
endquote_table_name_for_assignment(table, attr)
Override to return the quoted table name for assignment. Defaults to table quoting.
This works for mysql2 where table.column can be used to resolve ambiguity.
We override this in the sqlite3 and postgresql adapters to use only the column name (as per syntax requirements).
📝 Source code
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 83
def quote_table_name_for_assignment(table, attr)
quote_table_name("#{table}.#{attr}")
endquoted_date(value)
Quote date/time values for use in SQL input. Includes microseconds if the value is a Time responding to usec.
📝 Source code
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 114
def quoted_date(value)
if value.acts_like?(:time)
if ActiveRecord::Base.default_timezone == :utc
value = value.getutc if value.respond_to?(:getutc) && !value.utc?
else
value = value.getlocal if value.respond_to?(:getlocal)
end
end
result = value.to_s(:db)
if value.respond_to?(:usec) && value.usec > 0
result << "." << sprintf("%06d", value.usec)
else
result
end
endquoted_false()
📝 Source code
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 104
def quoted_false
"FALSE"
endquoted_true()
📝 Source code
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 96
def quoted_true
"TRUE"
endtype_cast(value, column = nil)
Cast a value to a type that the database understands. For example, SQLite does not understand dates, so this method will convert a Date to a String.
📝 Source code
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 26
def type_cast(value, column = nil)
if value.is_a?(Base)
ActiveSupport::Deprecation.warn(<<~MSG)
Passing an Active Record object to `type_cast` directly is deprecated
and will be no longer type casted as id value in Rails 7.0.
MSG
value = value.id_for_database
end
if column
ActiveSupport::Deprecation.warn(<<~MSG)
Passing a column to `type_cast` is deprecated and will be removed in Rails 7.0.
MSG
type = lookup_cast_type_from_column(column)
value = type.serialize(value)
end
_type_cast(value)
endunquoted_false()
📝 Source code
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 108
def unquoted_false
false
endunquoted_true()
📝 Source code
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 100
def unquoted_true
true
end