【发布时间】:2018-05-18 07:08:57
【问题描述】:
我想使用 Rails 活动记录执行原始 SQL 查询,但我的查询需要一个参数,我找不到正确的方法将该参数安全地传递到查询字符串中。查询如下
def self.get_branches_by_workspace_name(workspace_name)
branches = ActiveRecord::Base.connection.execute("
select
address,
phone,
email,
services
from branches as b, workspaces as w
where b.workspace_id = w.id and w.name= :workspace_name", workspace_name).to_a
return branches
end
我想传递一个名为“workspace_name”的参数。有什么帮助吗?
【问题讨论】:
标签: sql ruby-on-rails ruby postgresql activerecord