Any idea why I cant pass parameter value for the find_by_sql query ? simple example below wont work: loginid = "demo" sql = ''SELECT * FROM users where ownerid = "loginid"'' @imitems = Imitem.find_by_sql(sql); but if I change query to this it works: sql = ''SELECT * FROM users where ownerid = "demo"'' --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
On 6 May 2008, at 13:38, KTU wrote:> > Any idea why I cant pass parameter value for the find_by_sql query ? > simple example below wont work: > > loginid = "demo" > > sql = ''SELECT * FROM users where ownerid = "loginid"''Read up on your ruby. How''s ruby to know that loginid refers to a variable rather than just the string loginid. #{} and connection.quote are your friend. But before you do that, why on earth are you using find_by_sql? ImItem.find :all, :conditions => {:ownerid => loginid} is easier to understand and you have less chance of shooting yourself in the foot. Fred> > > @imitems = Imitem.find_by_sql(sql); > > but if I change query to this it works: > > sql = ''SELECT * FROM users where ownerid = "demo"'' > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Im using it since I have very complex query. I just put here simple
example. And yes I tried "#{loginid}" but it wont pass the variable.
On May 6, 3:56 pm, Frederick Cheung
<frederick.che...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:> On 6 May 2008, at 13:38, KTU wrote:
>
>
>
> > Any idea why I cant pass parameter value for the find_by_sql query ?
> > simple example below wont work:
>
> > loginid = "demo"
>
> > sql = ''SELECT * FROM users where ownerid =
"loginid"''
>
> Read up on your ruby. How''s ruby to know that loginid refers to a
> variable rather than just the string loginid.
> #{} and connection.quote are your friend.
> But before you do that, why on earth are you using find_by_sql?
> ImItem.find :all, :conditions => {:ownerid => loginid}
> is easier to understand and you have less chance of shooting yourself
> in the foot.
>
> Fred
>
>
>
> > @imitems = Imitem.find_by_sql(sql);
>
> > but if I change query to this it works:
>
> > sql = ''SELECT * FROM users where ownerid =
"demo"''
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
On 6 May 2008, at 14:28, KTU wrote:> > Im using it since I have very complex query. I just put here simple > example. And yes I tried "#{loginid}" but it wont pass the variable. >Because your string is using single quotes. Single quotes don''t interpolate. Fred> On May 6, 3:56 pm, Frederick Cheung <frederick.che...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> > wrote: >> On 6 May 2008, at 13:38, KTU wrote: >> >> >> >>> Any idea why I cant pass parameter value for the find_by_sql query ? >>> simple example below wont work: >> >>> loginid = "demo" >> >>> sql = ''SELECT * FROM users where ownerid = "loginid"'' >> >> Read up on your ruby. How''s ruby to know that loginid refers to a >> variable rather than just the string loginid. >> #{} and connection.quote are your friend. >> But before you do that, why on earth are you using find_by_sql? >> ImItem.find :all, :conditions => {:ownerid => loginid} >> is easier to understand and you have less chance of shooting yourself >> in the foot. >> >> Fred >> >> >> >>> @imitems = Imitem.find_by_sql(sql); >> >>> but if I change query to this it works: >> >>> sql = ''SELECT * FROM users where ownerid = "demo"'' > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
You''re not using parameterized SQL. Try:
@imitems = Imitem.find_by_sql(''select * from users where ownerid =
?'',
loginid)
HTH,
-Roy
-----Original Message-----
From: rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
[mailto:rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org] On Behalf Of
KTU
Sent: Tuesday, May 06, 2008 5:38 AM
To: Ruby on Rails: Talk
Subject: [Rails] find_by_sql and passing parameter value
Any idea why I cant pass parameter value for the find_by_sql query ?
simple example below wont work:
loginid = "demo"
sql = ''SELECT * FROM users where ownerid =
"loginid"''
@imitems = Imitem.find_by_sql(sql);
but if I change query to this it works:
sql = ''SELECT * FROM users where ownerid = "demo"''
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---