Talking head
RailsConf 2016

This presentation, by Jessica Rudder, is licensed under a Creative Commons Attribution ShareAlike 3.0

If you've struggled through writing complex queries in raw SQL, ActiveRecord methods are a helpful breath of fresh air. If you're not careful though, those methods could potentially leave your site open to a nasty SQL Injection attack. We'll take a look at the most common ActiveRecord methods (and some of the lesser known ones!) with one question in mind....will it inject? If it's vulnerable to a SQL injection attack, we'll cover how to structure your query to keep your data secure.

Rated: Everyone
Viewed 497 times