# File activerecord/lib/arel.rb, line 38 def self.sql(raw_sql) Arel::Nodes::SqlLiteral.new raw_sql end
Wrap a known-safe SQL string for passing to query methods, e.g.
Post.order(Arel.sql("REPLACE(title, 'misc', 'zzzz') asc")).pluck(:id)
Great caution should be taken to avoid SQL injection vulnerabilities. This method should not be used with unsafe values such as request parameters or model attributes.
© 2004–2021 David Heinemeier Hansson
Licensed under the MIT License.