sanitize_sql_like 0.0.1 → 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +9 -0
  3. data/lib/sanitize_sql_like/version.rb +1 -1
  4. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: dc1a68476b05df66b5f79c41ce1d6e7e28fc3b04
4
- data.tar.gz: 2bd38712c9358c1b5faa3b9b8d03817c0d9244fa
3
+ metadata.gz: d3fd8539403bc302758e3b635e47e51f48832fbb
4
+ data.tar.gz: f19a63473d0b51374786ce1c34441c795068f2d3
5
5
  SHA512:
6
- metadata.gz: f5ebf9e5687989fe89610d6505b5bed7eae86dac07e08c2cdef7b96a1b39d855a0f7a15f935f69da24e5acbe9055d71651b471c071cee6b9b1db34dadc8700f0
7
- data.tar.gz: c347635c6858e063f9c41f1dde28e982b34e6c03cd68d120ed8ca8ec79400eb00548126c7895f625a566400b803b91d903677268f2586ef01b7f53f4a7f45e3b
6
+ metadata.gz: cf892e16268a73d8976e58e86c4362ae3bdfb733006a4457d6a593a6ce791b0f4678cffbb1690e8295cb7e12c9b6f4649aa19a0c709d8e4568fa60d47ddd6710
7
+ data.tar.gz: a37a98fb99065b0c0b8c9fcc7b48df3a3d43b8bf006d57700683ad92cf86e0f9e5504b6e3da5c6ada9798973d76f460ed5123e33aad8565f9d0ddbd18e952da6
data/README.md CHANGED
@@ -30,6 +30,15 @@ Or install it yourself as:
30
30
 
31
31
  ## Usage
32
32
 
33
+ Prevent SQL injection using LIKE operator in SQL query:
34
+ ```rb
35
+ # Bad
36
+ User.where("nickname LIKE ?", "%#{params[:nickname]}%")
37
+
38
+ # Good
39
+ User.where("nickname LIKE ?", "%#{User.send(:sanitize_sql_like, params[:nickname])}%")
40
+ ```
41
+
33
42
 
34
43
 
35
44
 
data/lib/sanitize_sql_like/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module SanitizeSqlLike
2
- VERSION = "0.0.1"
2
+ VERSION = "1.0.0"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sanitize_sql_like
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 1.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - khiav reoy