I've found there are some times where jumping straight to the database is
easier than going through ActiveRecord (for instance: odd calculations
being performed or large sets of data being returned that don't need to be
instantiated into AR models). I can't find an easy or accepted way to bind
variables in a custom SQL clause. sanitize_sql_array is protected, so you
would have to call it with send(), which just feels dirty.
ActiveRecord::Base.connection.quote() doesn't play well with dates.
Am I missing a function that let's me use placeholders like the
ActiveRecord where() with my plain SQL clauses?
If not, has this been a specific design to make sanitizing SQL fragments
difficult? Perhaps to discourage it? Or is it due to the different database
drivers?
Rails is usually straight forward and intuitive, I've just found with SQL
fragments I have to pull teeth to kinda get it to work.
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To view this discussion on the web visit
https://groups.google.com/d/msgid/rubyonrails-talk/b538b19c-6755-4fac-9bf2-77e3511bb818%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.