I have read the section on header injections as described here: http://guides.rubyonrails.org/security.html. But I can't seem to walk through a step by step example of this in my head. Could someone walk me through an example of how exploiting the referer header could cause issues in an application?
...
How would I go about creating a polymorphic has_and_belongs_to_many relationship with Rails/ActiveRecord?
Most of the examples I see involve creating a belongs_to relationship which limits my polymorphic-side to being related to only one parent:
Table: Task
Table: Tasks_Targets
Table: CustomerStore
Table: SoftwareSystem
Both Custom...
Up until now I've been deploying Rails apps to our Apache/Passenger setup using a simple Rake task that I wrote. I haven't tried to mess around with Capistrano or Vlad the Deployer.
However, now more developers are coming on board, and I'm interested in arranging things so that the deployment process runs the tests first and won't depl...
Hello people!
I would like to send a small amount of email from my app through Gmail. Now, the SMTP settings will be determined at runtime (ie: from the db), can this be done?
--- edit ---
I can set the ActionMailer subclass (named Notifier) smtp settings in one of the class' methods. This way I can set the username and password for...
Hi guys!
What is the best OS for Ruby on Rails deploying? I've seen a lot of articles about Rails+Ubuntu, but what about FreeBSD? Are there any comparison tests for FreeBSD and Ubuntu? Which OS is the best in performance sense?
Thanks.
...
I want to store the parameters from a form in a model. Since I don't want the model to use any database, it does not inherit from ActiveRecord::Base. I'm thinking it should look something like this:
# in view:
<% form_for :question, :url => {:action => "ask"} do |f| %>
<%= f.text_field(:q) %>
<%= submit_tag %>
<% end %>
# in con...
Are there any visitor statistics solutions for Ruby on Rails?
I'm talking something like Google Analytics, but without passing data through a third party.
I'd like to track such parameters as visitor count, visit depth, bounce rate, referer (by host or by GET parameter), etc.
...
One of the main reasons many developers choose Ruby-On-Rails is its promise of increased productivity. As many people in the rails community claim "It is the fastest way of going from an idea to implementation". I have seen anecdotal references to Rails vs. java OR Rails vs. PHP comparison claiming Rails applications to be 3-5 times...
Is it possible to save the output of a block of Rails code into a variable so I can output it in a number of places later on inside a view?
I realise layouts etc have yield, but I want to do this in a view (I'm generating a mail-merge-esque thing that has calculated elements that are the same in each letter)
...
Here's my route configuration:
map.resources :services do |services|
services.resources :capabilities do |capabilities|
capabilities.resources :http_headers
end
end
Here's my "rake routes" output:
laran:trunk laran$ rake routes
(in /Users/laran/workspace/kibo/mega/server/trunk)
accounts GET /accou...
I am trying to set expectations on a mocked ActiveRecord model. I have created the following example, which should pass based on the documentation I can find.
it "should pass given the correct expectations" do
payment = mock_model(Payment)
payment.should_receive(:membership_id).with(12)
payment.membership_id = 12
end
It is faili...
I have a Rails application with numbered migrations 001_..., 002_..., etc.
I have several plugins A,B,C with their own migrations 001_.., 002_... etc.
How to remove the particular plugin B and clean the schema (making B plugin migrations down)
...
I have two models in a has_many relationship such that Log has_many Items. Rails then nicely sets up things like: some_log.items which returns all of the associated items to some_log. If I wanted to order these items based on a different field in the Items model is there a way to do this through a similar construct, or does one have to ...
I have a keychain object. keychain has_many credentials.
I'm trying to write the view code to add a new credential to a keychain. This is the code I have:
<% form_for(@keychain) do |f| %>
<tr>
<td><%= f.select "credentials[]", current_account.services.collect{ |s|
[s.friendly_name, s.id] } %><...
Hypothetically, I have a Room model that belongs to a Building model. Buildings has a has_many relationship with categories.
I'm trying to figure out how to index the Room model so that a search for category_id = 1 will return any room, in any building that happens to have that category assigned to it. Again, a building can have multi...
--preface: ignore if you want.
I'm new to rails, and working on a project that will require user authentication.
I found this tutorial and have been trying to go through it and understand what's happening. Of course, it's not exactly what I need as-is, so I've been modifying as I go along. The tutorial is also out of date in some areas, ...
Hey all,
I'm using deprec with password-protected svn. I need to use a different login/pass for svn than for logging into the server. The deprec way to do that is :svn_username, as far as I can tell, but it doesn't seem to be working. deprec (2.0.13), capistrano (2.5.8). Snip of deploy.rb / bash: http://pastie.org/pastes/545876
Than...
What is the advantage to putting your javascript for your rails app into a .js.erb file instead of just throwing it in your application.js file? I have a create button for businesses so should I put the code into a create.js.erb file or put it into my application.js using:
$("#business_submit").click(function() {}
All that aside is tha...
If I declare local variables in a partial and then render the partial from another erb template, will the latter also have access to those local variables?
...
Hi,
I have found that I often have to implement some sort of a scheduler in the applications I develop. The applications can range from simple maintenance tasks to fairly complex.
So far my approach has been to set up cron jobs that essentially do batch processing of queued commands. For example, I have cron invoking a script (I am wor...