abdullah/til
1
0
Fork 0
mirror of https://github.com/jbranchaud/til synced 2026-01-02 22:58:01 +00:00
Code Issues Projects Releases Wiki Activity

Add Bind Parameters To ActiveRecord SQL Query as a rails til

Browse Source
This commit is contained in:
jbranchaud
2020-08-07 14:05:12 -05:00
parent 4ad2ce84d3
commit 7c882cbeba
2 changed files with 40 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@@ -9,7 +9,7 @@ and pairing with smart people at Hashrocket.
For a steady stream of TILs, [sign up for my newsletter](https://tinyletter.com/jbranchaud).
_943 TILs and counting..._
_944 TILs and counting..._
---
@@ -562,6 +562,7 @@ _943 TILs and counting..._
- [Attribute Getter without the Recursion](rails/attribute-getter-without-the-recursion.md)
- [Attribute Was](rails/attribute-was.md)
- [Autosave False On ActiveRecord Associations](rails/autosave-false-on-activerecord-associations.md)
- [Bind Parameters To ActiveRecord SQL Query](rails/bind-parameters-to-activerecord-sql-query.md)
- [Build A Hash Of Model Attributes](rails/build-a-hash-of-model-attributes.md)
- [Capybara Page Status Code](rails/capybara-page-status-code.md)
- [Cast Common Boolean-Like Values To Booleans](rails/cast-common-boolean-like-values-to-booleans.md)

38
rails/bind-parameters-to-activerecord-sql-query.md Normal file
View File

@@ -0,0 +1,38 @@
# Bind Parameters To ActiveRecord SQL Query
Many of the connection query methods that come with `ActiveRecord` accept an
optional `binds` parameter. This can be used to safely inject parameters into
the query.
Here's a SQL query we could use with one of these methods:
```ruby
sql = <<-SQL
select
coalesce(places.latitude, 41.8781) latitude,
coalesce(places.longitude, -87.6298) longitude
from places
join appointments
on places.id = apointments.places_id
where appointments.id = $1
and status = $2
SQL
```
Notice the `$1` and `$2`, those are what will be bound to the two parameters
included as `binds`.
```ruby
connection = ActiveRecord::Base.connection
binds = [[nil, appt_id], [nil, input_status]]
coords = connection.select_one(sql, nil, binds)
coords
#=> { "latitude": 41.8781, "longitude": -87.6298 }
```
Notice the `binds` is an array of tuples. It's the second value in each tuple
that gets bound the corresponding binding indicator in the sql. The syntax is a
bit awkward since it is a lower-level API, however once you know it, you can
manage.