[英]Searching through array integer column with rails
in my app I have table users that have the following column: 在我的应用程序中,我具有具有以下列的表用户:
t.integer "administrations", array: true
and I have code that looks like this: 我有看起来像这样的代码:
User.where("administrations::int[] = ARRAY[#{administration_ids.join(',') }]::int[]")
but it is vulnerable for sql injection. 但是它容易受到sql注入的攻击。 I was trying to rewrite those to something like that:
我试图将它们重写为类似的内容:
User.where("administrations::int[] = ?", "ARRAY[#{administration_ids.join(',') }]::int[]")
but this not works... 但这行不通...
It returns: 它返回:
PG::InvalidTextRepresentation: ERROR: array value must start with "{" or dimension information
would 将
User.where("administrations::int[] = ARRAY[?]::int[]", administration_ids.join(','))
work? 工作?
也像这样的工作:
User.where(administrations: '{15,26,62,89,121}')
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.