diff options
author | Rhenium <rhenium@rhe.jp> | 2014-03-10 19:11:08 +0900 |
---|---|---|
committer | Rhenium <rhenium@rhe.jp> | 2014-03-10 19:11:08 +0900 |
commit | e56c678cae491ff594795829d2d98e854a460d26 (patch) | |
tree | 066f72f4e9812d38288ca1f564817252be2656eb /app/controllers/users_controller.rb | |
parent | 7f35e6c11be4555523e7155dd44ba546365958bf (diff) | |
download | aclog-e56c678cae491ff594795829d2d98e854a460d26.tar.gz |
fix users#user_jump_suggest: escape % and _, not delete
Diffstat (limited to 'app/controllers/users_controller.rb')
-rw-r--r-- | app/controllers/users_controller.rb | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 9a45d1d..01f27db 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -18,7 +18,8 @@ class UsersController < ApplicationController end def user_jump_suggest - users = User.where("screen_name LIKE ?", "#{params[:head].to_s.delete("%_")}%").order(screen_name: :asc).limit(10) + q = params[:head].to_s.gsub(/(_|%)/) {|x| "\\" + x } + users = User.where("screen_name LIKE ?", "#{q}%").order(screen_name: :asc).limit(10) filtered = users.map {|user| { name: user.name, screen_name: user.screen_name, profile_image_url: user.profile_image_url_mini } } render json: filtered end |