Method: ActiveRecord::ConnectionAdapters::DatabaseStatements#sanitize_limit
- Defined in:
- activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb
#sanitize_limit(limit) ⇒ Object
Sanitizes the given LIMIT parameter in order to prevent SQL injection.
The limit may be anything that can evaluate to a string via #to_s. It should look like an integer, or an Arel SQL literal.
Returns Integer and Arel::Nodes::SqlLiteral limits as is.
```ruby
# File 'activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb', line 476
def sanitize_limit(limit)
  if limit.is_a?(Integer) || limit.is_a?(Arel::Nodes::SqlLiteral)
    limit
  else
    Integer(limit)
  end
end
```
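The following is an added example, not Rails code: it reproduces the method's logic outside Rails to show which inputs are converted, which are rejected, and that a SQL literal is passed through unchecked. The `SqlLiteral` class is a stand-in for `Arel::Nodes::SqlLiteral`, and `classify` and `limit_from_param` are hypothetical helpers.

```ruby
# Stand-in for Arel::Nodes::SqlLiteral so this runs without Rails
# (assumption for the example; the real class is also a String subclass).
class SqlLiteral < String; end

# Same logic as the documented method, using the stand-in class.
def sanitize_limit(limit)
  if limit.is_a?(Integer) || limit.is_a?(SqlLiteral)
    limit
  else
    Integer(limit)
  end
end

# Returns the sanitized value, or the exception class Kernel#Integer raised.
def classify(input)
  sanitize_limit(input)
rescue ArgumentError, TypeError => e
  e.class
end

# Hypothetical caller-side helper (not part of Rails): convert a raw request
# parameter to a bounded LIMIT, using a default when it is rejected.
def limit_from_param(raw, default: 25, max: 100)
  sanitize_limit(raw).clamp(1, max)
rescue ArgumentError, TypeError
  default
end

# Constructed sample inputs.
SAMPLES = [
  10,                              # Integer: returned as is
  "10",                            # numeric string: converted
  "0x1A",                          # Integer() honours radix prefixes => 26
  "1_000",                         # underscores are accepted => 1000
  10.9,                            # Float is truncated => 10
  "10.9",                          # rejected: ArgumentError
  "10; DROP TABLE users",          # rejected: ArgumentError
  nil,                             # rejected: TypeError
  SqlLiteral.new("10 OFFSET 5")    # literal: returned unchecked
].freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each { |s| puts format("%-26s -> %p", s.inspect, classify(s)) }
end
```

Because a literal is returned as is, the check only protects callers that never build an `Arel::Nodes::SqlLiteral` from untrusted input.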