Ruby: Escaping special characters in a string

Question

I am trying to write a method that is the same as mysqli_real_escape_string in PHP. It takes a string and escapes any \'dangerous\' characters. I have looked fo

Answer 1

Take a look at escape_string / quote method in Mysql class here

Answer 2

Your pattern isn't defined correctly in your example. This is as close as I can get to your desired output.

Output

"\\\"My\\\" \\'name\\' \\*is\\* \\-john\\- \\.doe\\. \\/ok?\\/ C:\\\\Drive"

It's going to take some tweaking on your part to get it 100% but at least you can see your pattern in action now.

  def self.escape_characters_in_string(string)
    pattern = /(\'|\"|\.|\*|\/|\-|\\)/
    string.gsub(pattern){|match|"\\"  + match} # <-- Trying to take the currently found match and add a \ before it I have no idea how to do that).
  end

Answer 3

This should get you started:

print %("'*-.).gsub(/["'*.-]/){ |s| '\\' + s }
\"\'\*\-\.

Answer 4

Take a look at the ActiveRecord sanitization methods: http://api.rubyonrails.org/classes/ActiveRecord/Base.html#method-c-sanitize_sql_array

Answer 5

I have changed above function like this:

  def self.escape_characters_in_string(string)
    pattern = /(\'|\"|\.|\*|\/|\-|\\|\)|\$|\+|\(|\^|\?|\!|\~|\`)/
    string.gsub(pattern){|match|"\\"  + match}
  end

This is working great for regex