

@eliotsykes
Last active December 16, 2016 09:11
sanitize_sql_array examples

The apps and engines that were searched are listed at https://github.com/eliotsykes/real-world-rails

$ ag 'sanitize_sql_array'
apps/canvas-lms/app/models/attachment.rb
1169:        clauses << sanitize_sql_array(["(attachments.content_type=?)", type])

apps/canvas-lms/app/models/enrollment/query_builder.rb
141:      ActiveRecord::Base.send :sanitize_sql_array, [sql, *args]

apps/canvas-lms/app/models/user.rb
1833:            joins(self.class.send(:sanitize_sql_array, [<<-SQL, opts[:start_at], 'submitter', self.id, self.id])).

apps/canvas-lms/config/initializers/active_record.rb
318:    sanitize_sql_array ["(" + cols.join(" OR ") + ")", *([value] * cols.size)]
334:    sanitize_sql_array ["(#{like_condition(cols, '?', false)})", value]

apps/canvas-lms/lib/data_fixup/fix_ungraded_counts_include_quiz_essays.rb
4:      Assignment.connection.execute(Assignment.send(:sanitize_sql_array, [<<-SQL, ids]))

apps/canvas-lms/lib/data_fixup/recompute_unread_conversations_count.rb
5:      User.connection.execute(User.send(:sanitize_sql_array, [<<-SQL, ids]))

apps/canvas-lms/lib/data_fixup/reset_ungraded_counts.rb
4:      Assignment.connection.execute(Assignment.send(:sanitize_sql_array, [<<-SQL, ids]))

apps/cartodb/app/queries/carto/grantable_query_builder.rb
20:    query = ActiveRecord::Base.send(:sanitize_sql_array, paged_query_array(page, per_page, order))
25:    query = ActiveRecord::Base.send(:sanitize_sql_array, count_query_array)

apps/discourse/app/models/topic.rb
453:    similar = Topic.select(sanitize_sql_array(["topics.*, similarity(topics.title, :title) + similarity(topics.title, :raw) AS similarity, p.cooked as blurb", title: title, raw: raw]))

apps/discourse/lib/freedom_patches/active_record_base.rb
6:    sql = ActiveRecord::Base.send(:sanitize_sql_array, args)
15:    ActiveRecord::Base.send(:sanitize_sql_array, sql_array)

apps/discourse/lib/freedom_patches/schema_migration_details.rb
33:      sql = ActiveRecord::Base.send(:sanitize_sql_array, [sql, {

apps/discourse/lib/sql_builder.rb
62:      @klass.find_by_sql(ActiveRecord::Base.send(:sanitize_sql_array, [sql, @args]))

apps/feedbin/app/controllers/api/v2/entry_counts_controller.rb
23:        query = ActiveRecord::Base.send(:sanitize_sql_array, [query, start_date, end_date, start_date, feed_ids])

apps/feedbin/app/models/feed_stat.rb
11:      query = ActiveRecord::Base.send(:sanitize_sql_array, [stats_query, start_date, end_date, start_date, feed_id])
26:    max_query = ActiveRecord::Base.send(:sanitize_sql_array, [max_query, feed_ids, start_date])

apps/feedbin/app/models/user.rb
323:    query = ActiveRecord::Base.send(:sanitize_sql_array, [query, self.id, subscriptions.pluck(:feed_id)])

apps/huginn/db/migrate/20131223032112_switch_to_json_serialization.rb
66:          sanitized_update_sql = ActiveRecord::Base.send :sanitize_sql_array, [update_sql, *yaml_fields, id]

apps/hummingbird/app/models/user.rb
97:      sanitize_sql_array([

apps/hummingbird/lib/story_query.rb
31:    sql = ActiveRecord::Base.send(:sanitize_sql_array, [

apps/jobsworth/app/controllers/feeds_controller.rb
71:          sql = ActiveRecord::Base.send(:sanitize_sql_array, (["tasks.project_id IN (?) #{filter} AND tasks.completed_at IS NULL AND (tasks.hide_until IS NULL OR tasks.hide_until < ?)", pids, user.tz.now.utc.to_s(:db)]))
74:          sql = ActiveRecord::Base.send(:sanitize_sql_array, (["tasks.completed_at IS NULL #{filter} AND (tasks.hide_until IS NULL OR tasks.hide_until < ?)", user.tz.now.utc.to_s(:db)]))

apps/jobsworth/app/models/search.rb
45:      sanitized = ActiveRecord::Base.send(:sanitize_sql_array, full_conditions)

apps/jobsworth/app/models/task_filter.rb
281:    res = TaskFilter.send(:sanitize_sql_array, [sql] + params)
384:    sql = TaskFilter.send(:sanitize_sql_array, [sql] + params)
409:      #return TaskFilter.send(:sanitize_sql_array, ["if(isnull(tasks.estimate_date), (milestones.due_at < ? and milestones.due_at > ?),(tasks.estimate_date < ? and tasks.estimate_date > ?))", Time.at(calendar_params[:end].to_i), Time.at(calendar_params[:start].to_i), Time.at(calendar_params[:end].to_i), Time.at(calendar_params[:start].to_i)])
410:      return TaskFilter.send(:sanitize_sql_array, [

apps/jobsworth/test/unit/task_filter_test.rb
121:      expected = TaskRecord.send(:sanitize_sql_array, [sql] + params)
164:      expected = TaskFilter.send(:sanitize_sql_array, [expected, true])
173:      expected = TaskFilter.send(:sanitize_sql_array, ['task_users.id is null'])

apps/mission-of-mercy/app/reports/post_clinic.rb
353:    count = Patient.connection.select_value(Patient.send(:sanitize_sql_array,

apps/open-build-service/src/api/config/initializers/escape_sql.rb
3:    self.send(:sanitize_sql_array, array)

apps/openproject/app/models/project.rb
870:    sanitize_sql_array condition

apps/peatio/app/models/account_version.rb
49:    values       = ActiveRecord::Base.send :sanitize_sql_array, values_array

apps/rubygems/app/models/gem_dependent.rb
39:    sanitize_sql = ActiveRecord::Base.send(:sanitize_sql_array, sql_query(gem_name))

apps/rubygems/app/models/gem_info.rb
55:    sanitize_sql = ActiveRecord::Base.send(:sanitize_sql_array, query)

apps/rubygems/lib/tasks/compact_index.rake
7:    sanitize_sql = ActiveRecord::Base.send(:sanitize_sql_array, query)
104:    sanitize_sql = ActiveRecord::Base.send(:sanitize_sql_array, query)

apps/solidus/core/db/migrate/20140723214541_copy_product_slugs_to_slug_history.rb
7:  SELECT slug, id, '#{Spree::Product}', #{ActiveRecord::Base.send(:sanitize_sql_array, ['?', Time.current])}

apps/spree/core/db/migrate/20140723214541_copy_product_slugs_to_slug_history.rb
8:  SELECT slug, id, '#{Spree::Product.to_s}', #{ApplicationRecord.send(:sanitize_sql_array, ['?', Time.current])} 

engines/blazer/lib/blazer/adapters/sql_adapter.rb
44:        result = data_source.run_statement(connection_model.send(:sanitize_sql_array, ["SELECT table_name FROM information_schema.tables WHERE table_schema IN (?) ORDER BY table_name", schemas]))
49:        result = data_source.run_statement(connection_model.send(:sanitize_sql_array, ["SELECT table_schema, table_name, column_name, data_type, ordinal_position FROM information_schema.columns WHERE table_schema IN (?) ORDER BY 1, 2", schemas]))

engines/blazer/lib/blazer/result.rb
29:            result = data_source.run_statement(ActiveRecord::Base.send(:sanitize_sql_array, [query.sub("{value}", "(?)"), values]))

engines/pghero/lib/pghero/methods/basic.rb
40:        values = Hash[select_all(connection_model.send(:sanitize_sql_array, ["SELECT name, setting, unit FROM pg_settings WHERE name IN (?)", names])).sort_by { |row| names.index(row["name"]) }.map { |row| [row["name"], friendly_value(row["setting"], row["unit"])] }]