Description
Backport #sanitize_sql_like method from Rails 4 for Rails 3.
Sanitizes a string so that it is safe to use within an SQL LIKE statement.
This method uses escape_character to escape all occurrences of “", ”_“ and ”%“
SanitizeSqlLike alternatives and similar gems
Based on the "ORM/ODM Extensions" category.
Alternatively, view SanitizeSqlLike alternatives based on common mentions on social networks and blogs.
-
-
ActsAsTaggableOn
A tagging plugin for Rails applications that allows for custom tagging along dynamic contexts. -
ActiveRecord Import
A library for bulk insertion of data into your database using ActiveRecord. -
Audited
Audited (formerly acts_as_audited) is an ORM extension that logs all changes to your Rails models. -
-
Apartment
Database multi-tenancy for Rack (and Rails) applications -
PublicActivity
Easy activity tracking for models - similar to Github's Public Activity -
Awesome Nested Set
An awesome replacement for acts_as_nested_set and better_nested_set. -
Closure Tree
Easily and efficiently make your ActiveRecord models support hierarchies -
Enumerize
Enumerated attributes with I18n and ActiveRecord/Mongoid support -
Ruby JSON Schema Validator
Ruby JSON Schema Validator -
-
ActiveRecord Reputation System
An Active Record Reputation System for Rails -
-
Acts As Tennant
Easy multi-tenancy for Rails in a shared database setup. -
ActsAsParanoid
ActiveRecord plugin allowing you to hide and restore records without actually deleting them. -
dry-validation
Validation library with type-safe schemas and rules -
-
acts_as_follower
A Gem to add Follow functionality for models -
ActiveRecordExtended
Adds additional postgres functionality to an ActiveRecord / Rails application -
ranked-model
An acts_as_sortable/acts_as_list replacement built for Rails 4, 5 and 6 -
Acts As Commentable
The ActiveRecord acts_as_commentable plugin -
Rails PG Extras
Rails PostgreSQL database performance insights. Locks, index usage, buffer cache hit ratios, vacuum stats and more. -
Acts As Commentable with Threading
Similar to acts_as_commentable; however, utilizes awesome_nested_set to provide threaded comments -
activerecord-multi-tenant
Rails/ActiveRecord support for distributed multi-tenant databases like Postgres+Citus -
StoreModel
Work with JSON-backed attributes as ActiveRecord-ish models -
Unread
Handle unread records and mark them as read with Ruby on Rails -
ActsAsTree
ActsAsTree -- Extends ActiveRecord to add simple support for organizing items into parent–children relationships. -
mongoid-history
Multi-user non-linear history tracking, auditing, undo, redo for mongoid. -
ArLazyPreload
Lazy loading associations for the ActiveRecord models -
activerecord_json_validator
🔩 ActiveRecord::JSONValidator makes it easy to validate JSON attributes against a JSON schema. -
ActiveImporter
Define importers that load tabular data from spreadsheets or CSV files into any ActiveRecord-like ORM. -
arel-helpers
Useful tools to help construct database queries with ActiveRecord and Arel. -
-
Mongoid Tree
A tree structure for Mongoid documents using the materialized path pattern -
ActiveValidators
Collection of ActiveModel/ActiveRecord validators -
PermenantRecords
Rails Plugin - soft-delete your ActiveRecord records. It's like an explicit version of ActsAsParanoid -
ActiveRecord::Turntable
ActiveRecord Sharding Plugin -
data_miner
Download, unpack from a ZIP/TAR/GZ/BZ2 archive, parse, correct, convert units and import Google Spreadsheets, XLS, ODS, XML, CSV, HTML, etc. into your ActiveRecord models. Uses RemoteTable gem internally. -
mini_record
ActiveRecord meets DataMapper, with MiniRecord you are be able to write schema inside your models. -
Espinita
Audit activerecord models like a boss (and works with rails 4!)
Collect and Analyze Billions of Data Points in Real Time
* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.
Do you think we are missing an alternative of SanitizeSqlLike or a related project?
|
Updating dependencies is time-consuming.
sponsored
blog.mergify.com
|
Popular Comparisons
-
SanitizeSqlLikevsApartment
-
SanitizeSqlLikevsranked-model
-
SanitizeSqlLikevsRuby JSON Schema Validator
-
SanitizeSqlLikevsrails_or
-
SanitizeSqlLikevsGoldiloader
|
Static code analysis for 29 languages.
sponsored
www.sonarqube.org
|
README
SanitizeSqlLike
Backport #sanitize_sql_like method from Rails 4 for Rails 3.
Sanitizes a string so that it is safe to use within an SQL LIKE statement.
This method uses escape_character to escape all occurrences of “", ”_“ and ”%“
Installation
Add this line to your application's Gemfile:
gem 'sanitize_sql_like'
And then execute:
$ bundle
Or install it yourself as:
$ gem install sanitize_sql_like
Usage
Prevent SQL injection using LIKE operator in SQL query:
# Bad
User.where("nickname LIKE ?", "%#{params[:nickname]}%")
# Good
User.where("nickname LIKE ?", "%#{User.send(:sanitize_sql_like, params[:nickname])}%")
Development
After checking out the repo, run bin/setup to install dependencies. Then, run rake test to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/khiav223577/sanitize_sql_like. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.
License
The gem is available as open source under the terms of the MIT License.
*Note that all licence references and agreements mentioned in the SanitizeSqlLike README section above
are relevant to that project's source code only.