Description
Backport #sanitize_sql_like method from Rails 4 for Rails 3.
Sanitizes a string so that it is safe to use within an SQL LIKE statement.
This method uses escape_character to escape all occurrences of “", ”_“ and ”%“
SanitizeSqlLike alternatives and similar gems
Based on the "ORM/ODM Extensions" category.
Alternatively, view SanitizeSqlLike alternatives based on common mentions on social networks and blogs.
-
-
ActsAsTaggableOn
A tagging plugin for Rails applications that allows for custom tagging along dynamic contexts. -
Audited
Audited (formerly acts_as_audited) is an ORM extension that logs all changes to your Rails models. -
-
-
-
-
-
-
-
-
-
-
-
ActsAsParanoid
ActiveRecord plugin allowing you to hide and restore records without actually deleting them. -
-
Rails PG Extras
Rails PostgreSQL database performance insights. Locks, index usage, buffer cache hit ratios, vacuum stats and more. -
Acts As Commentable with Threading
Similar to acts_as_commentable; however, utilizes awesome_nested_set to provide threaded comments -
activerecord-multi-tenant
Rails/ActiveRecord support for distributed multi-tenant databases like Postgres+Citus -
ActsAsTree
ActsAsTree -- Extends ActiveRecord to add simple support for organizing items into parent–children relationships. -
-
activerecord_json_validator
🔩 ActiveRecord::JSONValidator makes it easy to validate JSON attributes against a JSON schema. -
ActiveImporter
Define importers that load tabular data from spreadsheets or CSV files into any ActiveRecord-like ORM. -
-
PermenantRecords
Rails Plugin - soft-delete your ActiveRecord records. It's like an explicit version of ActsAsParanoid -
-
data_miner
Download, unpack from a ZIP/TAR/GZ/BZ2 archive, parse, correct, convert units and import Google Spreadsheets, XLS, ODS, XML, CSV, HTML, etc. into your ActiveRecord models. Uses RemoteTable gem internally. -
mini_record
ActiveRecord meets DataMapper, with MiniRecord you are be able to write schema inside your models.
WorkOS - The modern identity platform for B2B SaaS
* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.
Do you think we are missing an alternative of SanitizeSqlLike or a related project?
README
SanitizeSqlLike
Backport #sanitize_sql_like method from Rails 4 for Rails 3.
Sanitizes a string so that it is safe to use within an SQL LIKE statement.
This method uses escape_character to escape all occurrences of “", ”_“ and ”%“
Installation
Add this line to your application's Gemfile:
gem 'sanitize_sql_like'
And then execute:
$ bundle
Or install it yourself as:
$ gem install sanitize_sql_like
Usage
Prevent SQL injection using LIKE operator in SQL query:
# Bad
User.where("nickname LIKE ?", "%#{params[:nickname]}%")
# Good
User.where("nickname LIKE ?", "%#{User.send(:sanitize_sql_like, params[:nickname])}%")
Development
After checking out the repo, run bin/setup to install dependencies. Then, run rake test to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/khiav223577/sanitize_sql_like. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.
License
The gem is available as open source under the terms of the MIT License.
*Note that all licence references and agreements mentioned in the SanitizeSqlLike README section above
are relevant to that project's source code only.