How to preserve quotes in a Rails form submission?
Question
How does one preserve the original quotes? The quotes are required when submitting a quoted search string, for example.
- Search form example1: ruby "new york"
- Search from example2: "new york"
Resulting params[:q]:
- for example1: "ruby \\"new york\\""
- for example2: "new york"
Note that Rails throws away quotes if the entire string is quoted, as in example2. But in example1, the quotes are preserved since they are interspersed within the string. I need example2 to preserve the quotes so I see params[:q] as "\\"new york\\"".
2 answers
solution1
0 2010-07-14 05:14:48
Are you talking about sql injectioning you want to search using "test me" and not "\\"test me"\\" .
Use following to search
@users = User.find(:all, :conditions=>["(username like :text)",{:text=>"%#{params[:search_text]}%"}])
solution2
0 ACCPTED 2011-05-26 12:44:10
这是一个已修复很久的Rails错误。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.