Method: ActiveRecord::Sanitization::ClassMethods#sanitize_sql_like

Defined in:
activerecord/lib/active_record/sanitization.rb

#sanitize_sql_like(string, escape_character = "\\") ⇒ Object

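Sanitizes a string so that it is safe to use within an SQL LIKE statement. This method uses escape_character to escape all occurrences of itself, “_” and “%”. Only LIKE wildcard matching is neutralized: the result is not quoted, so it must still be passed to the query as a bind parameter (or otherwise quoted) rather than interpolated into the SQL text. When escape_character is not the database's default LIKE escape character, the query must declare it with an ESCAPE clause.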

sanitize_sql_like("100% true!")
# => "100\\% true!"

sanitize_sql_like("snake_cased_string")
# => "snake\\_cased\\_string"

sanitize_sql_like("100% true!", "!")
# => "100!% true!!"

sanitize_sql_like("snake_cased_string", "!")
# => "snake!_cased!_string"


# File 'activerecord/lib/active_record/sanitization.rb', line 132

# Escapes the LIKE metacharacters in +string+ so that they match literally
# inside a pattern. Every "%" and "_" is prefixed with +escape_character+,
# and existing occurrences of +escape_character+ are doubled beforehand.
#
# Returns a new string; +string+ is not modified in place.
#
# Only wildcard matching is neutralized here. No SQL quoting is applied, so
# the result still has to be handed to the query as a bind value, and a
# non-default +escape_character+ has to be declared with an ESCAPE clause.
def sanitize_sql_like(string, escape_character = "\\")
  doubled = string

  # A wildcard used as the escape character is already doubled by the
  # lookahead substitution below, so it is skipped here to avoid escaping
  # it twice.
  if string.include?(escape_character) && !(escape_character == "%" || escape_character == "_")
    doubled = string.gsub(escape_character, '\0\0')
  end

  # Zero-width lookahead: nothing is consumed, the escape character is
  # inserted immediately in front of each "%" and "_".
  doubled.gsub(/(?=[%_])/, escape_character)
end