Hi all,
Here's the situation: I'm writing a Rails app that connect to a SQL Server DB via the ODBC adapter. As an outside, non-negotiable requirement, and writes to the DB must be performed using stored procedures. (I know, I know... it sucks).
When constructing the query string, how do I go about escaping the parameters I want to insert.
My first thought was Rail's parameterization of query strings: Model.connection.execute ["EXECUTE dumb_sp '?','?','?'", a, b, c] No luck, execute doesn't accept that, it will only accept a string.
Am I stuck with gsubbing all those strings or is there away to compile the array form to a query that I could use?
Thanks,
Andrew