On Mar 16, 6:15 pm, J Smith dark.pa...@gmail.com wrote:
I know this sort of feature has the potential to be abused and lead to
SQL injection attacks, so as a sanity check, I figured I'd check to
see if this sort of feature would be useful or if I'm as crazy as I
may potentially be for bringing
I would agree to using Arel.sql too. I had a patch in recently that made sure
that #limit would allow a that value to be passed thru to Arel untouched. I
think more relation methods should do this. Just recently I had a user on the
sqlserver adapter list wanting to pass a complex sql literal
On Thu, Mar 17, 2011 at 5:52 AM, Ernie Miller er...@metautonomo.us wrote:
The Arel.sql factory method already enables the easy creation of
SqlLiterals without monkeypatching String. Seems to me that this
method doesn't really give us anything much more convenient than that,
for the times when
On Thu, Mar 17, 2011 at 01:05:42PM -0400, J Smith wrote:
On Thu, Mar 17, 2011 at 5:52 AM, Ernie Miller er...@metautonomo.us wrote:
The Arel.sql factory method already enables the easy creation of
SqlLiterals without monkeypatching String. Seems to me that this
method doesn't really give
And please post a followup here. I'll contribute a patch too for #order if that
does not already.
- Ken
On Mar 17, 2011, at 4:24 PM, Aaron Patterson wrote:
How would I use Arel.sql relative to the example from earlier, i.e.
from the ActiveRecord attributes standpoint? This still seems to