search for: journalentry

Hello list, Probably a newbie question but couldn''t find the answer in the archives. I am using the login_engine Plugin to implement the login functionality. I have a JournalEntry model that interacts with the journal_entries table. I would like to link the journal entries to the user who entered it. Essentially, it is a one to many relationship between the model User(from login_engine) and my JournalEntry model. My database has a users table (resulting from a standard imp...

...has_many :foodallergies has_many :symptoms, :through => :foodallergies end class Symptom < ActiveRecord::Base has_many :foodallergies has_many :foods, :through => :foodallergies end class Foodallergy < ActiveRecord::Base belongs_to :foods belongs_to :symptoms end I have a JournalEntry model that stores foods and symptoms as comma-seperated strings. Upon record creation in the JournalEntry, I want to parse the foods and symptoms and create a many to many relationship between them. I do this like this in the create method in the JournalController def create params[:journal_...

If I call .create on the param structure, are the parameters being passed to the create method automatically sanitized for me? e.g. Journalentry.create(param[:journalentry]) Do I have to worry about any malicious scripting making its way into the creation of the record? Thanks. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Googl...

I have been working on a small app that started with some scaffolding. Some of my actions still have the structure where the id''s of things are passed on the url for gets. Whats the best way to avoid the security problems that this creates? I am sure that there are many pages written on this topic but I guess I have been searching for the wrong things. Thanks Gareth -- Posted via