Search

Hi all,

how to avoid single quote in our rails search

Example

in my users table user_name=ram’kumar

my search query

params[:name]=ramkumar

@ans=Users.where(“user_name=?”,params[:name])

how can i get the value?

any one give me a solution

Thankyou.

Hi all,

how to avoid single quote in our rails search

Example

in my users table user_name=ram’kumar

my search query

params[:name]=ramkumar

@ans=Users.where(“user_name=?”,params[:name])

@ans = User.where(user_name: params[:name])

and let the ActiveRecord gem sanitize the parameters

If you’re not using the latest version of Rails, you’ll need to give more specifics before you can get better help.

-Rob