Mohammad El-Abid's Profile

GitHub User: TheEmpty

Comments by Mohammad El-Abid

Avatar

No, it's calling those methods on the request object (the one that has request.path, request.remote_ip, etc).

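Avatar

require 'csv'

# Build a CSV string with a humanized header row and one row per record.
def self.generate_csv(fields, records, options = {})
  CSV.generate(**options) do |csv|
    # Symbols have no #humanize, so convert to strings first.
    csv << fields.map { |field| field.to_s.humanize }
    records.each do |record|
      # ActiveRecord's attributes hash is keyed by strings.
      csv << record.attributes.values_at(*fields.map(&:to_s))
    end
  end
end

generate_csv([:id, :username], members, options[:csv] || {})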

Avatar

Agreed. I hear so much about Chef and want to use it, but can't find any good resources.

Avatar

Take a look at what rbenv doesn't do in comparison to RVM in the Readme: https://github.com/sstephenson/rbenv

rbenv is trying to be more specific as to what it does and not interfere with other existing software. (Apparently RVM rewrites functions like 'cd').

Avatar

Yeah, after seeing DHH's example I had some fun spending a few minutes making a little "plugin" for that[1].
We already use the as option[2] in our code though so I haven't had the chance to really work on that yet.

[1] = https://gist.github.com/2014589
[2] = http://guides.rubyonrails.org/security.html#countermeasures

Avatar

Generally you use Capistrano to copy it over. For Heroku you would use their config variables: http://devcenter.heroku.com/articles/config-vars

heroku config:add STRIPE_TOKEN=123

if Rails.env.to_s == "production"
  Stripe.api_key = ENV['STRIPE_TOKEN']
else
  Stripe.api_key = "public test key"
end

@tybro0103 mentioned you only need to secure it when you're doing open source code. However, I personally don't want my fellow developers to be able to refund payments, cancel my customers, or charge my customers copious amounts. Keep it secret, keep it safe.
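
Added example (not part of the original comment): one way to load the key from the config var shown above so that the application refuses to start with a missing or mismatched key. It assumes Stripe's `sk_`/`rk_`/`pk_` and `live`/`test` key prefixes; `resolve_stripe_key`, `redact` and the sample keys used with them are constructed for illustration.

```ruby
# Added example: read the Stripe key from the environment and fail closed
# instead of falling back to a literal in the source tree.
# resolve_stripe_key and redact are hypothetical helper names.

class StripeKeyError < StandardError; end

# Secret (sk_) or restricted (rk_) key, in live or test mode.
KEY_SHAPE = /\A(sk|rk)_(live|test)_\w+\z/

def resolve_stripe_key(rails_env, environ = ENV)
  key = environ['STRIPE_TOKEN'].to_s.strip
  raise StripeKeyError, 'STRIPE_TOKEN is not set' if key.empty?
  if key.start_with?('pk_')
    raise StripeKeyError, 'publishable key given where a secret key is required'
  end

  match = KEY_SHAPE.match(key)
  raise StripeKeyError, 'STRIPE_TOKEN does not look like a Stripe secret key' unless match

  live = match[2] == 'live'
  production = rails_env.to_s == 'production'
  raise StripeKeyError, 'test key configured in production' if production && !live
  raise StripeKeyError, 'live key configured outside production' if !production && live

  key
end

# Form that is safe to log: keep the prefix, hide the secret part.
def redact(key)
  key.sub(/\A((?:sk|rk)_(?:live|test)_)\w+\z/) { "#{Regexp.last_match(1)}[redacted]" }
end

# In config/initializers/stripe.rb this would be used as:
#   Stripe.api_key = resolve_stripe_key(Rails.env)
```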

Avatar

I'm using Stripe to put together a SaaS application. We create a customer (Stripe) and link it to the user (our app). We handle the upgrading, trials, and charging. Just charge expiring customers in our crontab.

Stripe::Charge.create(
    :amount => 1500, # $15.00 this time
    :currency => "usd",
    :customer => current_user.stripe_customer_token
)

Avatar

+1 for testing and +1 for future episodes on PayPal recurring subscriptions!

Avatar

As a web developer, I know some clients love cutting corners and don't secure things like they should. I mean, look at Sony and their recent PSN issues. So I only check out from PayPal except on sites like Amazon. I've never heard of PayPal servers getting hacked.

Avatar

Based on the source code for this episode (I have yet to watch it), you made a typo, should read: auth = env['omniauth.identity']

Avatar

Well there is has_secure_password, not an engine, but does most of the repeatable code. Generally the way I want my controllers and views to behave is dependent on the application. Also it adds more overhead and technical debt to the development and probably won't stack up against OmniAuth or Devise. (Haven't used others)

Avatar

# Subdomain / client application
constraints(:subdomain => /.+/) do
  root :to => 'blog#show'
end

# No subdomain / root application
constraints(:subdomain => /^(|www)$/) do
  resources :blogs
end

Avatar

How come you didn't do something like this? Was there any reason?

def markdown(text, options = nil)
  options ||= [:hard_wrap, :filter_html, :autolink, :no_intraemphasis, :fenced_code, :gh_blockcode]
  syntax_highlighter(Redcarpet.new(text, *options).to_html).html_safe
end

Avatar

The way BCrypt is, is really cool. Here is a password_digest: $2a$10$QIFk4ytMIzE03/njtSMFmedzhTyv8DVMMtWjqnFeW9FcQpBEf.u0.

I believe 2a or $2a is the salt, $10 means 10 encryptions/stretches and the rest after the next $ (or included) is the resultant hash.
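
Added example (not part of the original comment): a small Ruby parser for the modular crypt format that bcrypt digests use, run on the digest quoted above. In that format the first field is the algorithm version, the second is the cost (the base-2 logarithm of the iteration count), and the last 53 characters are a 22-character salt followed by a 31-character hash. `parse_bcrypt` and `needs_rehash?` are hypothetical helper names.

```ruby
# Added example: split a bcrypt digest into its fields without any gem.
# parse_bcrypt and needs_rehash? are hypothetical helper names.

# $<version>$<two-digit cost>$<22-char salt><31-char hash>
BCRYPT_RE = /\A\$(2[abxy]?)\$(\d{2})\$([.\/A-Za-z0-9]{22})([.\/A-Za-z0-9]{31})\z/

BcryptDigest = Struct.new(:version, :cost, :rounds, :salt, :checksum)

def parse_bcrypt(digest)
  match = BCRYPT_RE.match(digest.to_s)
  raise ArgumentError, 'not a bcrypt digest' unless match

  cost = match[2].to_i
  # bcrypt only defines costs from 4 to 31.
  raise ArgumentError, "cost #{cost} outside 4..31" unless (4..31).cover?(cost)

  # The key schedule is iterated 2**cost times.
  BcryptDigest.new(match[1], cost, 2**cost, match[3], match[4])
end

# True when a stored digest was created below the current cost policy,
# so it should be re-hashed the next time the user logs in successfully.
def needs_rehash?(digest, min_cost)
  parse_bcrypt(digest).cost < min_cost
end

# The digest quoted in the comment above.
SAMPLE = '$2a$10$QIFk4ytMIzE03/njtSMFmedzhTyv8DVMMtWjqnFeW9FcQpBEf.u0.'

if __FILE__ == $PROGRAM_NAME
  parsed = parse_bcrypt(SAMPLE)
  puts "version=#{parsed.version} cost=#{parsed.cost} rounds=#{parsed.rounds}"
  puts "salt=#{parsed.salt}"
  puts "hash=#{parsed.checksum}"
end
```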

Avatar

I don't like them since they take longer, sure it's by uncountable times, but it's really not too much for me to add the extra code. Also I do this:

class User # ...
  # Class-level finder: `where` is a class method, so this must be too.
  def self.find_by_email(email)
    where(['LOWER(email) = LOWER(?)', email]).first
  end
end

Avatar

A lot of people want people to register to see content, that way they can send mass e-mails, say they have x users, etc. If you want to have manual activation it's not that hard, just add an extra field such as add_column :users, :activated, :boolean, :default => false, :null => false and then have an admin panel and set user.activated = true on your users.

Avatar

I remember that I've done something similar before but used flash.now.success and got an error that success was undefined, is it only selected names or was it something else I did wrong? (It was so long ago and it's a pain to create a controller to test them XD)

Avatar

*has_secure_password ;P
Yeah, I don't know why they aren't accepting pull requests that allow you to rename what column it goes into.

Avatar

I've been doing this forever so I kind of feel like it's a waste, but hopefully people that don't use gravatar will now be convinced to use it or introduced to it.