Base.connection.execute with params

11175 · January 7, 2008, 4:33pm

Hi,

I am trying to implement Base.connection.execute using a passed parameter from the calling view:-

In my controller I have the following code:-

def addnewsoa2 ActiveRecord::Base.connection.execute "INSERT INTO `soas` (`program_id`,`control_id`,`scope`,`detail`) VALUES (?,1,'Y','t.b.a.')", @params['proggy'] end

This fails with a sql syntax error but I cant see where I am going wrong. The equivalent code in raw sql is okay. (i.e. "INSERT INTO `soas` (`program_id`,`control_id`,`scope`,`detail`) VALUES (13,1,'Y','t.b.a.')"

I think it's the way I am using the passed parameter but would greatly appreciate any offered assistance.

Thanks

Martyn Elmy-Liddiard

Frederick_Cheung · January 7, 2008, 4:50pm

Hi,

I am trying to implement Base.connection.execute using a passed parameter from the calling view:-

In my controller I have the following code:-

def addnewsoa2 ActiveRecord::Base.connection.execute "INSERT INTO `soas` (`program_id`,`control_id`,`scope`,`detail`) VALUES (?, 1,'Y','t.b.a.')", @params['proggy'] end

Why are you using execute? Execute is much lower level than you need,
and doesn't understand parameters etc... It just chucks a string at
the database adapter so you have to construct the entire bit of sql
yourself. Why use this and not Soa.create(params) ?

Fred

11175 · January 8, 2008, 9:34am

Frederick Cheung wrote:

Topic		Replies	Views
how can i execute a sql sentence rubyonrails-talk	0	125	December 29, 2006
Escaping SQL when using connection.execute? rubyonrails-talk	3	189	August 4, 2008
run sql query ? rubyonrails-talk	0	75	December 13, 2007
ActiveRecord::Base rubyonrails-talk	0	82	March 6, 2009
Sanitize SQL? rubyonrails-talk	2	185	August 27, 2008

Base.connection.execute with params

Related topics

More Resources