rails里面的sql语句- Arel.sql()


order("upvotes - downvotes DESC")

Failure/Error: order("upvotes - downvotes DESC")
     
     ActiveRecord::UnknownAttributeReference:
       Dangerous query method (method whose arguments are used as raw SQL) called with non-attribute argument(s): "upvotes - downvotes DESC".This method should not be called with user-provided values, such as request parameters or model attributes.
Known-safe values can be passed by wrapping them in Arel.sql().

用Arel.sql封装起来传.


order(Arel.sql("upvotes - downvotes DESC"))

jobs.order(Arel.sql("COALESCE(deadline_date, due_date)"))

阅读量: 82
发布于:
修改于: