I am using Rails 5.2 and passing a date parameter. To simplify my example, look at the below sql query, it is similar but simplified as it is too complex to be used with active record methods, so I need to run the raw sql..
sql = 'Select * FROM mytable WHERE created_at > #{@start_date_time}'
1) How do I sanitize the parameters as I pass them into a string or the execute command.
2) What format should my date be in? I tried '2018-01-01 00:00:00.000' and '2018-01-01' and both error.
CODE:
sql =count_query(@start_date_time, sender_type, sender_id)
records_array = ActiveRecord::Base.connection.execute(sql)
ERROR
ActiveRecord::StatementInvalid (PG::UndefinedFunction:
ERROR: operator does not exist: timestamp without time zone > integer)
LINE 11: WHERE created_at > 2018-01-01
WHERE created_at > '2018-01-01' 应该可以工作
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.