1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00

Added documentation about named bind variables

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@1020 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
This commit is contained in:
David Heinemeier Hansson 2005-03-27 12:04:07 +00:00
parent dfadbfd3dc
commit 5cd38ca25d

View file

@ -91,6 +91,15 @@ module ActiveRecord #:nodoc:
# on the other hand, will sanitize the <tt>user_name</tt> and +password+ before inserting them in the query, which will ensure that
# an attacker can't escape the query and fake the login (or worse).
#
# When using multiple parameters in the conditions, it can easily become hard to read exactly what the fourth or fifth
# question mark is supposed to represent. In those cases, you can resort to named bind variables instead. That's done by replacing
# the question marks with symbols and supplying a hash with values for the matching symbol keys:
#
# Company.find_first([
# "id = :id AND name = :name AND division = :division AND created_at > :accounting_date",
# { :id => 3, :name => "37signals", :division => "First", :accounting_date => '2005-01-01' }
# ])
#
# == Overwriting default accessors
#
# All column values are automatically available through basic accessors on the Active Record object, but some times you
@ -288,6 +297,7 @@ module ActiveRecord #:nodoc:
# Person.find(1, :conditions => "associate_id = 5"
# Person.find(1, 2, 6, :conditions => "status = 'active'"
# Person.find([7, 17], :conditions => ["sanitize_me = ?", "bare'quote"]
# Person.find(25, :conditions => ["name = :name AND age = :age", { :name => "Mary", :age => 22 }]
#
# +RecordNotFound+ is raised if no record can be found.
def find(*args)