Hi, i''m using postgres and rails, and i''ve some fields, like first name, last name, etc, i''ve set it with the migration to a maximum of 50 chars, and i''ve limited in the view the possibility to insert more than 50 chars... have i also to add a validates_length_of in the model for all of these fields? Which problems may i have to don''t put it? -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
> Hi, i''m using postgres and rails, and i''ve some fields, like first name, > last name, etc, i''ve set it with the migration to a maximum of 50 chars, > and i''ve limited in the view the possibility to insert more than 50 > chars... have i also to add a validates_length_of in the model for all > of these fields? Which problems may i have to don''t put it?Any chance you''ll ever manage that data outside of your views? Perhaps in a custom script, or via ./script/console? It certainly doesn''t hurt to do it there as well... --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Hi Mike, mike wrote:> Hi, i''m using postgres and rails, and i''ve some fields, like first name, > last name, etc, i''ve set it with the migration to a maximum of 50 chars, > and i''ve limited in the view the possibility to insert more than 50 > chars... have i also to add a validates_length_of in the model for all > of these fields? Which problems may i have to don''t put it?I''ve been told that if I don''t validate in my model, my application is potentially open to non-browser based attacks, both on the app and on the database. hth, Bill --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Bill Walton wrote:> > I''ve been told that if I don''t validate in my model, my application is > potentially open to non-browser based attacks, both on the app and on > the > database. > > hth, > Billok, i think i''ll put it on all of them :) -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---