W3cubDocs

/Ruby on Rails 7.0

module Arel

Constants

VERSION

Public Class Methods

sql(raw_sql) Show source
# File activerecord/lib/arel.rb, line 38
def self.sql(raw_sql)
  Arel::Nodes::SqlLiteral.new raw_sql
end

Wrap a known-safe SQL string for passing to query methods, e.g.

Post.order(Arel.sql("REPLACE(title, 'misc', 'zzzz') asc")).pluck(:id)

Great caution should be taken to avoid SQL injection vulnerabilities. This method should not be used with unsafe values such as request parameters or model attributes.

© 2004–2021 David Heinemeier Hansson
Licensed under the MIT License.