similar to: executive: "is rails secure?"

Hi all, I''m trying to get rails up on mssql for a friend, does anyone have experience? We''re working on a Windows XP box with MSSQL 2000 (no service pak), and both rails (1.1) and MSSQL are on the same box. I''m running into a bug (I think) where activerecord is using this syntax: SELECT TOP 1 * FROM users WHERE (users.user = ''jbgnuumnbu'')

Bad rails day for Matt- In a migration, for a habtm: create_table :teams_users do |t| t.column :team_id, :integer t.column :user_id, :integer end Ok, fine. In a controller (well really a migration script): @user.teams << Team.find( 3 ) And the SQL pumped at my server is: INSERT INTO teams_users (`team_id`, `id`, `user_id`) VALUES (3, 3, 34) Which

So this new STI :through thing is still not clear to me. I have a project now where I''m using this: class List < ActiveRecord::Base belongs_to :user end class StaticList < List has_and_belongs_to_many :items end In the script/console: >> StaticList.create NameError: uninitialized constant StaticList What? ok, fine. So a List.create would be in

Yeah I''m getting major problems as well. I don''t know what the issue is but I''m thinking of going back to 1.0 I would really like to hear if you figure this out, kind of an important part of Rails for us. -Paul -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi everyone, This seems so basic, and yet I can''t quite figure it out. Say I have some code in an .rhtml document: <%= if @session[:user_id] link_to somethingA else link_to somethingB link_to somethingC end -%> Only the link to somethingC will show in the second case. I understand that the last thing returned from that else block is that last line. In php i could just add

Hi, I noticed that LLVM had signed up as a mentoring organization for Google's summer of code. LLVM looks like an exciting project that overlaps some of my interests. I would be interested in developing an additional front end for a language it does not currently support (I'm open to what language). I do not know much about what this entails in regards to what LLVM requires from its

Why does rails keep installing cookies on users machines, even if I am not ussing th session variable for anything? How do I stop this? Thanks, Scott -- Easily help charity when you shop: www.GiveTeam.org I''m a member of the Give Team, are you?

Heres my Ruby on Rails webbrowser: https://palary.org Sorry, but I just couldn''t resist. Cheers, Scott

Haven''t been able to find a good enough answer on whether using sanitize() is enough to really protect me from XSS attacks I basically have a blog page that I want to allow people to display comments on but would like to allow html tags to be posted on the comments, these could html tags like the imageshack img tags, youtube player, photobucket img tags etc any other approaches or

I''m trying to get the value of a form field (input type="text" id="name">) from a controller via the params hash, but this isn''t working. I thought params[:name] would return this. The textbox is not part of the model. Does anyone know how to do this?? Thanks! -- Posted via http://www.ruby-forum.com/.

Hi, As I understand, the GC of Ruby can take only max. 8 meg of memory. So I wonder if there is some reason behide this or it is simply a hardecode feature???? and if I want to increase the memeory, how should I do this??? Thanks you very much!!!! Saiho The mind is its own place, and in itself. Can make a Heaven of Hell, a Hell of Heaven. http://www.geocities.com/sayoyo/

So I got my rails app to connect to the SQLServer via ODBC, and I can model/scaffold, yada yada.. but when I need to exec a stored proc using sql_server.rb I get undefined local variable or method `connection'' how can that be, if I can connect for everthing else? thanks -- Posted via http://www.ruby-forum.com/.

Is there a way to print out an instance variable (@something) so you can see: 1: what it contains 2: how it''s mapped together ?? -- Posted via http://www.ruby-forum.com/.

The input values could be something like this: 01-Dec-2006 01-December-2006 1-June-2006 Is there an easy to way to get the three variables populated dd, mmm and yyyy for any of the above input values? I tried to look at regex but couldn'' anything simple. Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL:

Anybody know of any Rails-using web sites that really capture the essence of the nebulous Web 2.Oh from which ideas, instruction, and inspiration can be drawn? BTW, what exactly IS Web 2.0? Joe -- Posted via http://www.ruby-forum.com/.

html has tidy. is there anything that would format ruby source? i looked around, but googling on ''ruby format'' is maybe not so useful. i''d love to get something that would batch an entire app/ directory... (which i realize, suggests *.rhtml as well.) thanks! -- David Humphreys dave@dbhumphreys.com

Can I call partials from html files in public? Is this wise? I''ve got a bunch of html files and I''d like to let them have access to pieces of Rails, but I''d like to manage them through Contribute or some such. I *could* wiki them up, but that seems like a lot of work for pages that don''t get updated that often (yearly or so). Thanks in advance! - Dave --

Getting the front end for Fortran finished is definitely something I would be interested in working on. I will draft up a little proposal and send it out to this list. -Scott On 3/19/07, Kenneth Hoste <kenneth.hoste at ugent.be> wrote: > Hi Scott, > > On 18 Mar 2007, at 04:22, Scott Fortmann-Roe wrote: > > > Hi, > > > > I noticed that LLVM had signed up as a

Hi, I''m new to this whole Rails thing but like what I see. Anyways probably stupid question: I was wondering if anyone knew where I could get a list of RadRails key bindings and shortcuts, I can''t seem to find it anywhere in the application or on the ''net. Thanks a lot, Scott

Hi! I wanna take a stab at implementing better XSS prevention for Rails. This time for real =) I''m wondering what would be the better way, clean everything up with tidy first and then do the rest with regexp or regexp all the way? Anybody done this before? Thanks! Ciao! Florian