Hello Ryan, Great Work =)
For the ones asking:
To format the console use the Hirb gem.
http://github.com/cldwalker/hirb
If you're having problems installing from git on Windows, use the http-readonly URL rather than the git one.
I had problems with the prawnto gem not loading, so it might be worth checking what you've got in your environment.rb for the config.plugins; if you don't have :all, you'll need to remember to add :prawnto.
It's Ryan, not Rian of course, sorry for the typo....
@Jeff: That's an alternative, but as Rian Bates points out in episode #27, if you put sanitized html into your database, you'll never be able to use it in another way than displaying it again as html. But then again, if that's all you want, I guess it's a good alternative.
These are the things that probably never, without noticing this show. Thanks
Had to add :locals => { :flash => flash } to the render partial as it was barfing whiny nils if I didn't.
@Brian: html_safe? is not determined by looking at the string content, but is set by invoking the html_safe method on the string.
So why did "foo".html_safe? return false?
This wasn't clear to me. The string didn't contain anything harmful.
Thanks Ryan!
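The behaviour discussed in the two comments above (html_safe? reports a flag set by calling html_safe, not the result of inspecting the string) can be modelled in plain Ruby. This is an added example, not code from the thread or from Rails: SafeString, mark_safe, render and demo are hypothetical names, ERB::Util.html_escape stands in for h, and the sample comment is constructed.

```ruby
require "erb"

# Toy model of the Rails 3 safe-buffer idea. Hypothetical names; not ActiveSupport code.
class SafeString < String
  # The flag is a property of the object, never of its characters.
  def html_safe?
    true
  end

  # True only for values that were explicitly marked, whatever they contain.
  def self.trusted?(value)
    value.respond_to?(:html_safe?) && value.html_safe?
  end

  # Appending escapes every fragment that is not already marked safe.
  def concat(other)
    super(SafeString.trusted?(other) ? other : ERB::Util.html_escape(other))
  end
  alias_method :<<, :concat
end

# Stand-in for String#html_safe: sets the flag, performs no inspection or cleaning.
def mark_safe(str)
  SafeString.new(str)
end

# Stand-in for a view building its output buffer from fragments.
def render(*fragments)
  fragments.each_with_object(SafeString.new("")) { |frag, out| out << frag }.to_s
end

# Constructed sample input.
COMMENT = "<script>alert(1)</script>"

def demo
  {
    plain_foo_trusted: SafeString.trusted?("foo"),
    marked_foo_trusted: SafeString.trusted?(mark_safe("foo")),
    escaped: render(mark_safe("<p>"), COMMENT, mark_safe("</p>")),
    marked_input: render(mark_safe("<p>"), mark_safe(COMMENT), mark_safe("</p>"))
  }
end

demo.each { |name, value| puts "#{name}: #{value}" } if $PROGRAM_NAME == __FILE__
```

The last entry shows why the flag should only be set on markup the application itself produced: marking user input as safe switches escaping off for it.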
Moin moin! Really nice site you have there. I've been on your site a few times already, and now I thought I'd write something nice in your guestbook. Really great what you've done here. Keep it up. I would be very happy about a return visit to my website "Urlaub auf Sylt oder an der Ostsee".
This highlights something that has always bothered me about the h method in views. I'm glad to see that it's been made default so that it can safely be forgotten, but in my opinion the proper place to sanitize the field is in the model before_save, not in the view. Imagine a post with 100 comments. I can sanitize the fields of all 100 comments every time the view is rendered, or I can sanitize each field once when it's saved. Even if the h method takes a very small fraction of a second, in aggregate sanitizing once in the model should make a notable difference in performance.
I've been meaning to write a benchmark to measure the difference in response time for an app that sanitizes the fields that need sanitizing once versus every time the view is rendered, maybe it's time I finally do it.
Great screencast as usual, really well made.
I would point out only one thing:
In the video it is shown session :session_key => '_railcasts_session_id' in the ApplicationController. In Rails 2.3 or later it will give a warning:
DEPRECATION WARNING: Disabling sessions for a single controller has been deprecated. Sessions are now lazy loaded. So if you don't access them, consider them off. You can still modify the session cookie options with request.session_options.. (called from /app/controllers/application_controller.rb:11)
It's safe to remove that line. Nowadays it is not necessary to explicitly load the session. If you really want to, you can do it with request.session_options.
But that cast was made way back in 2007, so it is not an error. Great job.
Hi Ryan!
>> NICE CAST! <<
But I have problems with validations. If I catch a form error, the error messages appear but all added questions (e.g. this code) disappear. How can I solve this problem?
Thx
Hey!
Big congrats on your three years of great podcasts! I've followed you from around episode 10 or something, and I'm always looking forward to your work.
Keep up the good work, it is so much appreciated!
Thanks again, and congrats with your 3rd 'birthday'.
Question: in #136 about jQuery you showed how to escape_javascript().
Does that become obsolete in a similar way as escaping html with h() in Rails 3?
I get the same "Please enter a complete billing address", somebody found a solution? Maybe there is nothing to ship :S
class Happy::Anniversary < Momentous::Event
has_many :thanks, :through => :dom
...
has_many :best_wishes, :through => :dom
...
belongs_to :ryan_bates
private
def self.message
"Thank you for being so instrumental in my
adoption of Ruby and Rails - and please keep
up the great work. I'm looking forward to
another 3 years!"
end
end
iGEL: I think you didn't understand what I said. I was talking about the link_to bug and some reported bugs related to XSS that are now solved.
i recognize that this episode is a little old but since it's the #2 result for "403 passenger" i'd like to leave a note here. i've been pulling my hair out for hours trying to get passenger + nginx to give me my application instead of 403 forbidden. i thought it was a file system permissions problem but it wasn't. try this: http://pastie.org/860433
I'm just wondering.. how would it look when you want to notify the user if the task was done successfully or not? I miss a link between the jobs table and my table. Clearly, I could do something like that myself but I'm wondering if someone has an elegant solution.
Santiago: That works in Rails 2.3.5 already. I've used that plugin for a new app already, so it will be easier to migrate to rails 3.
Tried it on Rails 3, there is no link_to_function in Rails 3, can anyone offer me a Rails 3 version of this solution?
Thanks in Advance
Many thanks ryan... Keep it up...
Thanks so much, Ryan. Excellent screencasts.
Gotta express my frustration, though. It's absurd that this is so complex. This is probably Rails' most egregious inadequacy.
Why am I spending all morning learning plumbing that should be trivial. I don't mean to be a schmo, but we could do this in one minute in WebObjects in 1997.
many thanks Ryan for three years of great railscasts!
Thank you, Nicolás Hock!
In Rails 2.3.4
builder.check_box :_destroy
should be
builder.check_box :_delete
cheers Ryan! thanks for three years of excellent screencasts!
Congratulations on the Railscasts 3-year anniversary! Thanks for continuing to create great Rails examples for our community.
Chris
Happy ani!
Couple questions:
1) I assume the sanitize method still exists for selectively passing tags and attributes?
2) Does content_tag automatically apply html_safe? Would be pretty cumbersome otherwise.
Congratulations on the 3 year anniversary! Not only do you make Mondays something to look forward to, but you've provided immeasurable value to the Rails community, helping newbies and not so newbies pick up and be able to use the latest, coolest Rails technologies.
Thank you very much for all you've done, and continue to do!
Steve
Ryan, with Rails 2-3-stable from git it is not easy to be vulnerable anymore.
That's going to be released sooner with Rails 2.3.6
Take a look at
http://github.com/rails/rails/commit/9ca6df83f606a0fb8be3815328111d0cdaa7c65b
and
http://github.com/rails/rails_xss
What if I have radio_buttons on a page for each fields_for? The :name param is the same and I can check just 1 value for all fields_for. How can I fix this?
Wow. Well done!
Thank you very much.
Ben
Thanks Ryan, I am really loving this series of screencasts dedicated to the new rails 3 features.
Congratulations on never missing a beat in 3 years of doing this podcast! Your hard work is appreciated. Looks like Rails 3 is coming up nicely. I can't wait till it's out of beta.
@Ryan No need for MongoDB screencasts. If you want updates on mongomapper you can read www.railstips.org
And there's always MongoID too =P
Brilliant, thanks for all your efforts with the weekly railscasts.
Awesome thanks again! We need screencast on mongodb and rails 3!
Very good
Yep. When I added the pre-building 3 roles to my New action, :roles worked. Sorry, I'm a newb! Thanks for the Railscasts, Ryan--they're a great tool.
Okay, I figured it out, but it doesn't make any sense to me.
In my code, an actor has many roles, so I wrote <%= f.fields_for :roles do |builder| %> and that didn't work.
Changing it to <%= f.fields_for :role %> works. Maybe this is because at the beginning a New Actor has no roles? Is 0 singular?
It works, so I guess I don't care, but I'd sure like to know why, if anyone gets a minute. Thanks.
Thank you, the best in education
scope :recent, lambda { |*args| {where("created_at > ?",args.first) } }
is this correct?
any ideas as will_paginate and rails3 is breaking
Plugins are always what make a website work
thank you for the great help and greetings from me
This is going to sound kind of dumb--I'm sure I just have a missing bracket or something--but when I follow along, I can't get anything at all to render after the fields_for call.
In the following example code, TEST 1 shows up, but TEST 2 and TEST 3 do not--and neither does the partial. The next thing is the submit button.
I would appreciate any help!
Here is my code:
<p>
<%= f.label :birthdate %><br />
<%= f.date_select :birthdate %>
</p>
<p>
TEST 1
<% f.fields_for :roles do |builder| %>
TEST 2
<%= render "_role_fields", :f => builder %>
TEST 3
<% end %>
</p>
<p><%= f.submit 'Create Actor' %></p>
<% end %>
Hi Ryan,
Based on the information you provided, I am trying to implement paypal IPN and save the donors (non-profit website) information to my database. To accomplish this- after paypal sends IPN(tranx is complete) I am saving the params (some of them) to the db. But the fact is that paypal sends IPN multiple times and every time it saves the params to the database making duplicate entries. Is there any way to control this?
As said in comment #11, I had done quite the same before, inspired by this Stack Overflow thread. Thanks Ryan for bringing this up with 2 levels of nesting. Here is an unobtrusive jQuery version of the screencast: http://github.com/thb/surveysays
FYI: send_later will not work when calling it on an ActionMailer class, when using the collectiveidea version of delayed_job. If you want to call something like UserMailer.send_later ... you can use Tobi's original version of the gem: http://github.com/tobi/delayed_job
This likely changed since last year when Ryan did this screencast.
PS: Thanks Ryan for the awesome work you do!
I get the following error when I try to use add fields:
undefined method `klass' for nil:NilClass
what seems to be the problem ?
In case someone else has the same problem - I can get away with installing gems in radrails