PHP "stripclashes" equivalent in Ruby/Rails?

What are you trying to accomplish with stripslashes? (I.e., what are you trying to use stripslashes for?) There may be a better way to accomplish what you're trying to do. The reason I ask is that I've often seen stripslashes used when interpolating into an SQL query string, which is a great way to set yourself up for SQL injection. A safe way to do the same thing is using bind variables. For (a simple, better-accomplished-via-a-straight-up-find) example:

sql = "SELECT * FROM foo WHERE foo_id = :foo_id"
id = 3
Foo.find_by_sql([sql, {:foo_id => id}])

If you're not interpolating into an SQL query string please ignore the above. I still think there's a better way to do whatever you're trying to accomplish with stripslashes. What are you trying to do?

Hoping to help,

Michael Glaesemann
grzm seespotcode net

Michael Glaesemann wrote:

PHP "stripcslashes" function in Ruby/Rails?

What are you trying to accomplish with stripslashes? (I.e., what are

Note he said "stripcslashes" not "stripslashes". Different function.

Eric

Good eye :slight_smile: I missed that. Thanks, Eric. Request for application still stands, however.

Michael Glaesemann
grzm seespotcode net