On Mon, Aug 18, 2008 at 1:26 PM, Matt Wynne <[EMAIL PROTECTED]> wrote:

>      def get_where_clause
>
>        clause = []
>
>        clause << "city_id = [EMAIL PROTECTED]" if @city_id
>        clause << "name like '[EMAIL PROTECTED]'" if @name
>

I think you've still got SQL injection problems here.

///ark
_______________________________________________
rspec-users mailing list
rspec-users@rubyforge.org
http://rubyforge.org/mailman/listinfo/rspec-users
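
The concern raised in the reply above, as an added example that is not code from the thread: a version of the quoted `get_where_clause` that keeps values out of the SQL text and returns them as binds, in the `[sql, *binds]` array form that ActiveRecord accepts for conditions. The `CityFilter` class, its constructor, the substring match and the `!` escape character are assumptions; only `get_where_clause`, `@city_id` and `@name` come from the quoted code.

```ruby
# Added example, not code from the thread. CityFilter and its constructor are
# hypothetical; get_where_clause, @city_id and @name are from the quoted code.
class CityFilter
  LIKE_ESCAPE = "!" # explicit escape character, named in the ESCAPE clause below

  def initialize(city_id: nil, name: nil)
    @city_id = city_id
    @name = name
  end

  # Returns [sql, bind1, bind2, ...]; the SQL text holds only "?" placeholders,
  # so user-supplied values never become part of the statement itself.
  def get_where_clause
    clause = []
    binds = []

    if @city_id
      clause << "city_id = ?"
      binds << Integer(@city_id) # raises ArgumentError on non-numeric input
    end

    if @name
      clause << "name LIKE ? ESCAPE '#{LIKE_ESCAPE}'"
      binds << "%#{escape_like(@name)}%" # assumption: substring match
    end

    [clause.join(" AND "), *binds]
  end

  private

  # Neutralise LIKE wildcards so user input matches literally.
  def escape_like(value)
    value.to_s.gsub(/[!%_]/) { |ch| LIKE_ESCAPE + ch }
  end
end

# Constructed input containing a quote and LIKE wildcards.
sql, *binds = CityFilter.new(city_id: "42", name: "O'Brien_50%").get_where_clause
puts sql
p binds
```

The returned array is meant to be handed to the database layer as a parameterized condition; the quote in the name stays in the bind list and never reaches the SQL string.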
