Undefined method #sanitize for ActiveRecord::Base

Question

I just upgraded to Rails 5.1.1 and am receiving this error.

NoMethodError (undefined method `sanitize' for ActiveRecord::Base:Class):

The stack traces back to this code

like_search_term = ActiveRecord::Base::sanitize("%#{escaped_search_term}%")

Has this method been removed or changed in the new Rails upgrade?

It seems that it does not work in model, but it did work in view, I tried it with Rails 4.2 — simo, Jan 09 '18 at 05:09
You can check this answer it worked for me https://stackoverflow.com/a/6077253/1770571 — Salma Gomaa, Jan 16 '19 at 12:49

score 15 · Accepted Answer · answered Jun 15 '17 at 19:09

15

Yes, indeed, it appears to be removed.

Sanitize was never part of the public API of the framework. As we didn't need it in the framework anymore, we removed. The recommended ways to sanitize raw SQL for use in execute statements were the public API for that http://api.rubyonrails.org/classes/ActiveRecord/Sanitization/ClassMethods.html

answered Jun 15 '17 at 19:09

Sergio Tulentsev

226,338
43
373
367

5

Thanks for the info. I ended up going with 'ActiveRecord::Base.connection.quote' as a drop-in replacement. That fixed my test suite. Anyone know of a better practice? – William Holt Jun 15 '17 at 22:54
1

However when I try query_string = ActiveRecord::Sanitization.sanitize_sql(params[:q]) I am getting NoMethodError: undefined method `sanitize_sql' for ActiveRecord::Sanitization:Module – Surya Dec 11 '18 at 09:52
Maybe I understood the question wrong, but ActiveRecord::Base.sanitize(params[:q]) is still working fine without any error. – Surya Dec 11 '18 at 09:53
@Surya: in what rails version? – Sergio Tulentsev Dec 11 '18 at 09:56
rails version: 5.0.1 – Surya Dec 11 '18 at 09:57
@Surya: it was removed later. – Sergio Tulentsev Dec 11 '18 at 09:57
1

Then perhaps sanitize_sql were introduced in the later versions too. Thanks – Surya Dec 11 '18 at 09:58
The solution at the first link solved the problem for me: https://github.com/rails/rails/issues/28947#issuecomment-310733481 – therealrodk Jul 19 '22 at 15:45

score 0 · Answer 2 · answered Sep 13 '22 at 18:51

0

You can still use the sanitization methods if you use them within context of the model. For example, you can add this to your model:

def self.where_ilike(search_terms)
  where('search_tokens ILIKE ?', "%#{sanitize_sql_like(search_terms)}%")
end

answered Sep 13 '22 at 18:51

Jason L.

1,125
11
19

Undefined method #sanitize for ActiveRecord::Base

2 Answers2

Linked