Technical
Sanitize Params

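How to sanitize params (remove " or ' and protect from *&^$%# ). The implementation below only removes double quotes, doubles single quotes and trims whitespace; every other character passes through unchanged, so values that end up in SQL should still be passed as bind parameters.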


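  # Pins what Hash#sanitize_params does to one nested section: double quotes
  # are removed, single quotes are doubled, and the integer value is kept.
  def test_sanitize
    expected_hash = {
      :legal_entity => {
        :nameFull => "Some Name",
        :nameShort => "Some Short Name",
        :adp => 123
      }
    }
    # NOTE: 'Some" Short'' Name' is two adjacent single-quoted literals that
    # Ruby concatenates, so this input contains no apostrophe at all.
    result_hash = {
      :legal_entity => {
        :nameFull => 'Some "Name',
        :nameShort => 'Some" Short'' Name',
        :adp => 123
      }
    }.sanitize_params(:legal_entity)

    assert_equal expected_hash, result_hash

    # The inputs above never contain a single quote, so cover the
    # quote-doubling substitution explicitly.
    quoted = { :legal_entity => { :nameFull => "O'Brien" } }.sanitize_params(:legal_entity)
    assert_equal({ :legal_entity => { :nameFull => "O''Brien" } }, quoted)
  end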

#Implementation
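class Hash
  # Cleans the String values stored under +index+: every single quote is
  # doubled, every double quote is removed, and surrounding whitespace is
  # stripped. Non-String values, blank strings and strings for which
  # +numeric?+ is true are left as they are.
  #
  # SECURITY: this is quote mangling, not an injection defence. It changes
  # nothing but ' and ", it does not descend into nested hashes or arrays,
  # and it is not idempotent (a second call doubles the quotes again).
  # Values that are interpolated into SQL should go through bind parameters
  # or the database adapter's own quoting instead of relying on this method.
  #
  # NOTE(review): +blank?+ and +numeric?+ are not defined in this file;
  # +blank?+ presumably comes from ActiveSupport and +numeric?+ from a
  # project-level core extension. Confirm both are loaded.
  #
  # @param index [Symbol, String] key of the nested section to clean
  # @return [Hash] self, so the call can be chained
  def sanitize_params(index)
    # Accept the section under either a symbol or a string key.
    section = self[index.to_sym]
    section = self[index.to_s] if section.nil?
    # A missing or non-hash section has nothing to clean.
    return self unless section.respond_to?(:each_pair)

    section.each_pair do |key, value|
      # Use the yielded value rather than looking it up again by key.to_sym:
      # that lookup misses string keys and silently skips sanitizing them.
      next unless value.is_a?(String)
      next if value.blank? || value.numeric?

      cleaned = value.gsub("'", "''").delete('"').strip
      if value.frozen?
        # gsub!/strip! would raise on a frozen string; store a clean copy.
        section[key] = cleaned
      else
        # Keep the in-place mutation that existing callers may rely on.
        value.replace(cleaned)
      end
    end
    self
  end
end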