@jmcbri
jmcbri / example_controller.rb
Created March 8, 2017 10:55 — forked from TheKidCoder/example_controller.rb
Rails - Sanitize Ordering Params
class ExampleController < ApplicationController
  include OrderingHelpers

  def index
    # sanitized_ordering comes from OrderingHelpers (not shown on this page) and must
    # return only allowlisted column/direction values: ActiveRecord's `order` does
    # not parameterize its argument, so passing a raw params value here is SQL injection.
    # Model renamed from Clients to the conventional singular Client.
    @clients = Client.order(sanitized_ordering).where(user_id: current_user.id)
  end
end
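An allowlist-based implementation of the sanitized_ordering helper the controller relies on, added here as an example; it is not the gist's own OrderingHelpers module, and the allowed column names are assumed:

```ruby
# Added example (not the gist's OrderingHelpers): build the argument for
# `Model.order` from a fixed allowlist instead of from the raw request value.
# `Client.order(params[:sort])` would splice the string straight into SQL;
# here only known column names and "asc"/"desc" can ever reach it.
module OrderingHelpers
  # Assumption: these are the columns a user may sort by.
  ALLOWED_COLUMNS    = %w[name email created_at].freeze
  ALLOWED_DIRECTIONS = %w[asc desc].freeze
  DEFAULT_ORDER      = { "created_at" => "desc" }.freeze

  # Accepts input such as "name desc, email" and returns a Hash usable by
  # ActiveRecord's `order`, e.g. { "name" => "desc", "email" => "asc" }.
  # Unknown columns are dropped, unknown directions become "asc", and an
  # empty result falls back to DEFAULT_ORDER, never to the raw input.
  # In a controller the default argument reads params[:sort]; the test
  # below passes the value explicitly.
  def sanitized_ordering(sort_param = params[:sort])
    pairs = sort_param.to_s.split(",").filter_map do |entry|
      column, direction = entry.strip.downcase.split(/\s+/, 2)
      next unless ALLOWED_COLUMNS.include?(column)
      direction = "asc" unless ALLOWED_DIRECTIONS.include?(direction)
      [column, direction]
    end
    pairs.empty? ? DEFAULT_ORDER : pairs.to_h
  end
end

# Hypothetical host object standing in for the controller.
class OrderingDemo
  include OrderingHelpers
end
```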
Fresh app results:
dcid_2 $ rails c
Loading development environment (Rails 4.0.2)
irb(main):001:0> user = User.new(name: "", email: "mhartl@example.com")
=> #<User id: nil, name: "", email: "mhartl@example.com", citizen_number: nil, password: nil, created_at: nil, updated_at: nil>
irb(main):002:0> user.valid?
=> true
irb(main):003:0> user.name
=> ""
irb(main):004:0> user.name="Bob"
~/rails/apps/dcid $ rails c --sandbox
Loading development environment in sandbox (Rails 4.0.2)
Any modifications you make will be rolled back on exit
irb(main):001:0> user = User.new(name: "", email: "mhartl@example.com")
=> #<User id: nil, name: nil, email: nil, citizen_number: nil, created_at: nil, updated_at: nil, password_digest: nil>
irb(main):002:0> user.email
=> "mhartl@example.com"
irb(main):003:0> user.name
=> ""
irb(main):004:0> user.name="Bob"