Menu
Ruby newbie here. I'm trying to insert this string "Lady Arabella's Scandalo..." I'm using ruby-pg to do this. However I'm having erros because of the single quote, how can I sanitize this string and remove all html tags? Is there a built in function for this?
825
You can use escape_string to properly escape your single quotes:
db = PG.connect(...)
db.exec("insert into t (...) values ('#{db.escape_string(str)}', ...)")
or use prepare and exec_prepared to work with a prepared statement instead:
db.prepare('ins', 'insert into t (...) values ($1, ...)')
db.exec_prepared('ins', [str, ...])
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
