I have this model
class Post < ActiveRecord::Base
attr_accessible :content, :title, :user_id
belongs_to :user
def self.text_search(query)
if query.present?
rank = <<-RANK
ts_rank(to_tsvector(title), plainto_tsquery(#{sanitize(query)})) +
ts_rank(to_tsvector(content), plainto_tsquery(#{sanitize(query)}))
RANK
where("to_tsvector('english', title) @@ :q or
to_tsvector('english', content) @@ :q", q: sanitize(query)).order("#{rank} desc")
else
scoped
end
end
end
and I have this method call
Post.text_search("Where is the safest place")
Question: why is it that it that the query does not escape the double quotes when being called in SQL? As shown here:
Post Load (2.4ms) SELECT "posts".* FROM "posts" WHERE (to_tsvector('english', title) @@ '''Where is the safest place''' or
to_tsvector('english', content) @@ '''Where is the safest place''') ORDER BY ts_rank(to_tsvector(title), plainto_tsquery('Where is the safest place')) +
ts_rank(to_tsvector(content), plainto_tsquery('Where is the safest place'))