Module: ActiveRecord::ConnectionAdapters::Quoting

Defined in:
lib/active_record/connection_adapters/sqlserver_adapter.rb

Overview

If value is a string and destination column is binary, don’t quote the string for MS SQL

Instance Method Summary collapse

Instance Method Details

#quote(value, column = nil) ⇒ Object

Quotes the column value to help prevent SQL injection attacks.



826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
 
# File 'lib/active_record/connection_adapters/sqlserver_adapter.rb', line 826

def quote(value, column = nil)
  # records are quoted as their primary key
  return value.quoted_id if value.respond_to?(:quoted_id)
  #        puts "Type: #{column.type}  Name: #{column.name}" if column
  case value
  when String, ActiveSupport::Multibyte::Chars
    value = value.to_s
    if column && column.type == :binary && column.class.respond_to?(:string_to_binary) 
      column.class.string_to_binary(value) 
    elsif column && [:integer, :float].include?(column.type)
      value = column.type == :integer ? value.to_i : value.to_f
      value.to_s
    else
      "'#{quote_string(value)}'" # ' (for ruby-mode)
    end
  when NilClass                 then "NULL"
  when TrueClass                then (column && column.type == :integer ? '1' : quoted_true)
  when FalseClass               then (column && column.type == :integer ? '0' : quoted_false)
  when Float, Fixnum, Bignum    then value.to_s
    # BigDecimals need to be output in a non-normalized form and quoted.
  when BigDecimal               then value.to_s('F')
  when Date                     then "'#{value.to_s}'"
  when Time, DateTime           then "'#{quoted_date(value)}'"
  else                          "'#{quote_string(value.to_yaml)}'"
  end
end