I am writing a raw query and need to escape a variable that the user
modify. Similar to :conditions => ["whatever = ?", var]. What function
does this use behind the scenes?
Depending on what you want:
ActiveRecord::Base#sanitize_sql (which turns ["whatever = ?", var]
into "whatever = 'var'"