search for: uedvyssj3mupas55wn97og

I''m hand editing my .css and .rhtml files using SciTE and hitting refresh in my browser to see the results - its slow going. What tools are people using to author their .css and .rhtml files? Thanks, Neville _______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org

I''m seeing the following in the WEBbrick console output after every GET 192.168.0.108 - - [03/Mar/2005:15:35:19 AUS Eastern Daylight Time] "GET /favicon.ico HTTP/1.1" 200 60 - -> /favicon.ico What does /favicon.ico (which doesnt seem to exist in my source) do for Rails? _______________________________________________ Rails mailing list

In my app, a user logs in [via the login generator] and has access to details of his account, and transactions attached to his account. This is achieved in the standard rail manner by passing the account id or transaction id between the controller and the view. But what is to stop someone hacking the URL or view html to access another account id or transaction id ? eg /account/show/46 becomes

I''ve been using the login generator ''out of the box'' for simple authentication, and its been working fine. Now I want to extend it by simply adding ''type_id'' field which links to my ''user_types'' table, but I''m hitting: #<ActionController::SessionRestoreError: Session contained objects where the class definition

I''ve just been playing with ''render_partial'' and its great. Reusable, parametised, html components! I''m playing with navigation components, and my ''left nav bar'' is now parametised and driven by the action, yet shared over many actions, and isolated in its own "_left_menu.rhtml" So easy to use, awesome stuff. Neville

>> that should be "belongs_to :user_type" Bingo! -----Original Message----- From: rails-bounces-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org [mailto:rails-bounces-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org] On Behalf Of Jarkko Laine Sent: Wednesday, 9 March 2005 6:59 PM To: rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org Subject: Re: [Rails] Confused about

I just checked out the latest sqlserver_adapter.rb from the SVN repository, and it seems to work fine. -----Original Message----- From: rails-bounces-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org [mailto:rails-bounces-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org] On Behalf Of Neville Burnell Sent: Thursday, 24 March 2005 2:25 PM To:

I''ve looked everywhere [except the right place], but I can''t find where to change WEBbrick from listening to port 3000 to port 80. Can anyone point me in the right direction. Thanks Neville _______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org http://lists.rubyonrails.org/mailman/listinfo/rails

> Have you tried it to make sure it actually works? Yep, it works. > What I would do in your situation is to modify the show action > on those controllers so that they don''t take the id from the URL> > but from the session. That way somebody accessing "/account/show" > or "/transaction/show" can only see their own details, and nobody

is to run my Rails app on lighttpd .... Unfortunately, I am tied to SQL Server, and the database connector requires ADO.rb which only runs on Win32. And lighttpd doesnt run on Win32. *sigh* _______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org http://lists.rubyonrails.org/mailman/listinfo/rails

> Because you mentioned "cookie-hacking": it is very easy to > take over a rails-session if you know the value of the > session-cookie. It is not possible to prevent that easily, > you can just make it harder by encrypting the whole session > (right from the beginning when the user enters the site, > and the cookie is created) by using https. https will encrypted