docs: use Arel.sql examples that require Arel.sql

Jordan Bostrom 2021-08-06 16:58:38 -05:00
parent 4a23cb3415
commit 18c0c568da
2 changed files with 3 additions and 3 deletions


@ -470,12 +470,12 @@ module ActiveRecord
#
# For example, the following code would raise this exception:
#
# Post.order("length(title)").first
# Post.order("REPLACE(title, 'misc', 'zzzz') asc").pluck(:id)
#
# The desired result can be accomplished by wrapping the known-safe string
# in Arel.sql:
#
# Post.order(Arel.sql("length(title)")).first
# Post.order(Arel.sql("REPLACE(title, 'misc', 'zzzz') asc")).pluck(:id)
#
# Again, such a workaround should *not* be used when passing user-provided
# values, such as request parameters or model attributes to query methods.
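Review bot: The REPLACE example wrapped in `Arel.sql` puts quoted values ('misc', 'zzzz') inside the string, which a reader could take as the place to substitute their own values, while the closing caveat only speaks of passing user-provided values to query methods in general. I would add a line right after the example, such as `# The string given to Arel.sql must be a fixed literal; never build it by interpolating request parameters or model attributes.` The same example appears in the Arel.sql doc comment in the second file, and the same sentence would fit there. The comment block begins and ends outside this hunk, so wording elsewhere in it may already cover part of this.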


@ -29,7 +29,7 @@ module Arel
# Wrap a known-safe SQL string for passing to query methods, e.g.
#
# Post.order(Arel.sql("length(title)")).last
# Post.order(Arel.sql("REPLACE(title, 'misc', 'zzzz') asc")).pluck(:id)
#
# Great caution should be taken to avoid SQL injection vulnerabilities.
# This method should not be used with unsafe values such as request