Improve the security and performance of DB2 Ruby on Rails applications using parameterized queries
The new ActiveRecord adapter for DB2
From the developerWorks archives
Date archived: January 11, 2017 | First published: January 21, 2010
With the increasing interest in Ruby on Rails from companies in the enterprise world, some observers have posed questions about its suitability when it comes to the demanding requirements in this arena. One issue that some have called attention to is that ActiveRecord, Rails' Object-Relational Mapper (ORM), doesn't use prepared statements—or at least it didn't until now. With the latest release of DB2® on Rails, parameterized queries are automatically available and bring with them important performance and security benefits to Rails applications.
This content is no longer being updated or maintained. The full article is provided "as is" in a PDF file. Given the rapid evolution of technology, some steps and illustrations may have changed.