Any idea why I cant pass parameter value for the find_by_sql query ? simple example below wont work: loginid = "demo" sql = ''SELECT * FROM users where ownerid = "loginid"'' @imitems = Imitem.find_by_sql(sql); but if I change query to this it works: sql = ''SELECT * FROM users where ownerid = "demo"'' --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
On 6 May 2008, at 13:38, KTU wrote:> > Any idea why I cant pass parameter value for the find_by_sql query ? > simple example below wont work: > > loginid = "demo" > > sql = ''SELECT * FROM users where ownerid = "loginid"''Read up on your ruby. How''s ruby to know that loginid refers to a variable rather than just the string loginid. #{} and connection.quote are your friend. But before you do that, why on earth are you using find_by_sql? ImItem.find :all, :conditions => {:ownerid => loginid} is easier to understand and you have less chance of shooting yourself in the foot. Fred> > > @imitems = Imitem.find_by_sql(sql); > > but if I change query to this it works: > > sql = ''SELECT * FROM users where ownerid = "demo"'' > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Im using it since I have very complex query. I just put here simple example. And yes I tried "#{loginid}" but it wont pass the variable. On May 6, 3:56 pm, Frederick Cheung <frederick.che...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> On 6 May 2008, at 13:38, KTU wrote: > > > > > Any idea why I cant pass parameter value for the find_by_sql query ? > > simple example below wont work: > > > loginid = "demo" > > > sql = ''SELECT * FROM users where ownerid = "loginid"'' > > Read up on your ruby. How''s ruby to know that loginid refers to a > variable rather than just the string loginid. > #{} and connection.quote are your friend. > But before you do that, why on earth are you using find_by_sql? > ImItem.find :all, :conditions => {:ownerid => loginid} > is easier to understand and you have less chance of shooting yourself > in the foot. > > Fred > > > > > @imitems = Imitem.find_by_sql(sql); > > > but if I change query to this it works: > > > sql = ''SELECT * FROM users where ownerid = "demo"''--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
On 6 May 2008, at 14:28, KTU wrote:> > Im using it since I have very complex query. I just put here simple > example. And yes I tried "#{loginid}" but it wont pass the variable. >Because your string is using single quotes. Single quotes don''t interpolate. Fred> On May 6, 3:56 pm, Frederick Cheung <frederick.che...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> > wrote: >> On 6 May 2008, at 13:38, KTU wrote: >> >> >> >>> Any idea why I cant pass parameter value for the find_by_sql query ? >>> simple example below wont work: >> >>> loginid = "demo" >> >>> sql = ''SELECT * FROM users where ownerid = "loginid"'' >> >> Read up on your ruby. How''s ruby to know that loginid refers to a >> variable rather than just the string loginid. >> #{} and connection.quote are your friend. >> But before you do that, why on earth are you using find_by_sql? >> ImItem.find :all, :conditions => {:ownerid => loginid} >> is easier to understand and you have less chance of shooting yourself >> in the foot. >> >> Fred >> >> >> >>> @imitems = Imitem.find_by_sql(sql); >> >>> but if I change query to this it works: >> >>> sql = ''SELECT * FROM users where ownerid = "demo"'' > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
You''re not using parameterized SQL. Try: @imitems = Imitem.find_by_sql(''select * from users where ownerid = ?'', loginid) HTH, -Roy -----Original Message----- From: rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org [mailto:rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org] On Behalf Of KTU Sent: Tuesday, May 06, 2008 5:38 AM To: Ruby on Rails: Talk Subject: [Rails] find_by_sql and passing parameter value Any idea why I cant pass parameter value for the find_by_sql query ? simple example below wont work: loginid = "demo" sql = ''SELECT * FROM users where ownerid = "loginid"'' @imitems = Imitem.find_by_sql(sql); but if I change query to this it works: sql = ''SELECT * FROM users where ownerid = "demo"'' --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---