fousa tag
3 MAR 2010
Sanitize order clause in ActiveRecord query
After some testing we came (me and JB) to the conclusion that it was not possible to inject hazardous SQL into the order statement. But if you don't want any injection at all you can still use this. I'm trying to dig a little deeper into this! This tutorial concerns Rails 2.x, I'll have to check whether I have to do this for Rails 3.x! I d...