Displaying 2 results from an estimated 2 matches for "sort_dir".
Did you mean:
sort_db
2008 Aug 23
1
Route segment ":controller" cannot be optional because it precedes a required segment.
Hi,
With this route...
map.namespace :admin do |admin|
admin.sort ''/:controller/sort/:sort_by/:sort_dir'', :action => ''sort''
end
...I get this message...
Route segment ":controller" cannot be optional because it precedes a
required segment. This segment will be required.
The route works as expected, but the warning is worrying. Any ideas?
Thanks,
Dave
--~-...
2007 Oct 15
6
SQL injection with :order, :limit, :group
I know how to avoid SQL injection attacks when you use :conditions
User.find :first, :conditions => ["login=?", params[:username]]
but how about with :order, :limit or :group?
# uh-oh...spaghetti-oh
User.find :first, :order => "login; delete from users; select * from users"
Pat
--~--~---------~--~----~------------~-------~--~----~
You received this message because you