新手问题 ActiveRecord 的 qurey 里，哈希形式的参数如何实现 LIKE 检索？

tangramor · October 28, 2013 · Last by luikore replied at October 28, 2013 · 1759 hits

如何在支持 LIKE 检索的情况下避免 SQL 注入攻击？

luikore #1 October 28, 2013

where("field like '?%'", value)

You need to Sign in before reply, if you don't have an account, please Sign up first.