Commit d1c45294 authored by Alex Kalderimis's avatar Alex Kalderimis

Remove need for SQL injection

parent e01dd08e
...@@ -69,8 +69,11 @@ module RelativePositioning ...@@ -69,8 +69,11 @@ module RelativePositioning
end end
def nextify(relation, gt = true) def nextify(relation, gt = true)
op = gt ? '>' : '<' if gt
relation.where("relative_position #{op} ?", object.relative_position) relation.where("relative_position > ?", relative_position)
else
relation.where("relative_position < ?", relative_position)
end
end end
def relative_siblings(relation = scoped_items) def relative_siblings(relation = scoped_items)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment