This project is archived and is in readonly mode.
:having conditions need sanitizing
Reported by Will Bryant | March 6th, 2009 @ 10:16 PM | in 2.x
The recently-introduced :having support isn't sanitizing the conditions, so whereas:
:having => 'sum(credit_limit) > 50'
works,
:having => ['sum(credit_limit) > ?', 50]
This is a bit of a hole since HAVING is almost always used with values, which will as often as not come in dynamically. The attached patch sanitizes them as for :conditions.
Comments and changes to this ticket
-
Repository March 6th, 2009 @ 10:30 PM
- State changed from “new” to “resolved”
(from [7fb7b48a1f771e50896a82d749a70922a18afae7]) Allow :having conditions to be sanitized like regular :condition. [#2158 state:resolved]
Signed-off-by: Pratik Naik pratiknaik@gmail.com http://github.com/rails/rails/co...
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile »
<h2 style="font-size: 14px">Tickets have moved to Github</h2>
The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>
People watching this ticket
- Nobody is watching this ticket.
Attachments
Referenced by
-
2158
:having conditions need sanitizing
(from [7fb7b48a1f771e50896a82d749a70922a18afae7]) Allow :...