I personally feel that this should go in the model in a 'search' method. You also need to santitize your terms. I use something like this (untested):
class Book < ActiveRecord::Base def self.search(terms) terms = terms.split(" ") conditions = ["", {}] term_count = 0 terms.each do |term| conditions[1][:"word_#{term_count}"] = "%#{term}%" conditions[0] << "(my_column LIKE :word_#{term_count}) AND "
term_count += 1 end
conditions[0].gsub!(/ AND$/) find(:all, :conditions => conditions) end end
Your action can then look like this:
def search @results = Book.search(params[:terms]) end
As mentioned above, this is untested code. It's purely from memory to demonstrate the concepts to consider and you'll probably want to tidy it up. The main points are: Use Rails's built in condition handlers so that you get santitized SQL and keep your controllers thin - you never know when you'll need to search your data outside of the web controllers.
Hope that helps,
Steve