All geek questions in one place

Ruby-pg sanitize data before pasting

Ruby is new here. I am trying to insert this line "Lady Arabella Scandalo ..." I am using ruby-pg for this. However, I have erros due to a single quote, how can I sanitize this line and remove all html tags? Is there a built-in function for this?

+6
source share
1 answer

You can use escape_string to correctly avoid single quotes:

 db = PG.connect(...) db.exec("insert into t (...) values ('#{db.escape_string(str)}', ...)")

or use prepare and exec_prepared to work with a prepared statement:

 db.prepare('ins', 'insert into t (...) values ($1, ...)') db.exec_prepared('ins', [str, ...])
+20
source

Source: https://habr.com/ru/post/916811/

More articles:


All Articles