If, in your view, you are expecting params[:name] to be a string, but
actually rails has parsed it into {"."=>"1234"} (or something more
malicious), then currently
<%= sanitize(params[:name]) %> blows up because the hash does not respond
the expected methods from the sanitize call.
I could put
The security fix announcement today sent to the rubyonrails-security
group implied that Rails 2.3 is no longer supported. Is that the
case? Did I miss an announcement somewhere? Is there a list of
supported releases somewhere? (What was I supposed to be paying
attention to?) Thanks,
--Paul
-
On Mar 21, 4:46 pm, Frederick Cheung
wrote:
> On Mar 21, 8:05 pm, "Paul E. G. Lynch" wrote:
>
> That said, activerecord doesn't link to any native libraries. If you
> use the mysql adapter, that pulls in the mysql gem, which does
> obviously load the mysql libra
license).
--Paul
On Mar 21, 3:18 pm, Bryan Crossland wrote:
> On Mon, Mar 21, 2011 at 1:48 PM, Paul E. G. Lynch wrote:
>
> > MySQL's license is GPL. ActiveRecord, which (I presume) uses MySQL's
> > client libraries, is under the MIT license. How does Acti
MySQL's license is GPL. ActiveRecord, which (I presume) uses MySQL's
client libraries, is under the MIT license. How does ActiveRecord
avoid being GPL?
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to
I was about to use the exception_notification plugin, and then I
realized that the information it sends out could include user data (as
a part of the exception message) which in my application is something
we need to be careful about. I think that for my needs, an ideal
notification system would s
You can also just add another public method to the controller. For
instance, instead of using StoryController.update for updating the
comments, you could use something like StoryController.add_comment.
On Mar 5, 4:07 pm, Colin Law wrote:
> On 5 March 2010 20:33, Neil Bye wrote:
>
> > I have a '
Thanks for the reply. I'm not sure about how many objects, but for
page (on which we are showing way, way too much information) we do
about 5000 SQL queries, a few of which might pull back 100 records or
so. I think a lot of those calls could be collapsed with eager
loading. But, lets say there
Couldn't you pass that back in your page's view template?
On Feb 23, 1:31 pm, Erwin wrote:
> I am not very fluent in JS, so I don't see how to transfer the rails
> app current locale ..
>
> I have a JS script able to detect the default browser language ..
> running fine
>
> I can also modify the
I was hoping that the Rails' QueryCache might cache the ActiveRecord
objects it creates and not just the SQL result set, but some
experimentation shows that this is not the case. For example:
>> ActiveRecord::Base.cache do
?> u = User.find(:first)
>> u.name="z"
>> u = User.find(:first)
>> e
Can someone point me to some good documentation for writing
integration tests using IntegrationTest? What documentation I have
found seems to be outdated, referring to methods that are either
deprecated or altogether relocated.
Are people actually using IntegrationTest, or is everyone using
somet
I just upgraded from Rails 2.2.2 to Rails 2.3.2, and found that
running rake db:migrate fails now in production mode, unless I add "--
require 'config/environment'" between "rake" and "db:migrate". The
error complains that model classes referenced in our migrations are
not defined. In developmen
I was searching around to see how other people handle the issue of
updating a production database during a release of new version of an
application, and all I could find is that (according to one post) it
was typically done via migrations.
Migrations have a problem, though. After a while, the co
I would like to prevent rename_column from working in certain
circumstances, so I was trying to redefine rename_column. However, it
seems that the adapter's definition loads afterward and wipes out what
I put in. I have successfully overridden add_column, so I am
confident that I have the defini
If two people go to the same rails application (same directory) and
both run "rake db:migrate" to update the database with a set of
migrations (the same ones) at the same time, is it likely that bad
things will happen to the data, or will db:migrate do something to
prevent the same migration from
15 matches
Mail list logo