#25 SQL Injection

One of the most common security problems for dynamic sites is SQL Injection. Thankfully, Rails does everything it can to solve this issue, but you still need to be aware of it.

#24 The Stack Trace

The stack trace can be a very useful tool when it comes to debugging. Learn the ins and outs of how the stack trace works in this episode. Note: I am using an older version of the Rails bundle here so it might be a little different than yours. The command in the newer version is called Install Plugin and requires you to type textmate_footnotes in the search.

Zed Shaw – Ruby on Rails Podcast

The author of Mongrel talks about its development and condemns HTTP while offering to save the internet with hate.
Also mentioned:

#23 Counter Cache Column

If you need to display the record count for a has_many association, you can improve performance by caching that number in a column.

#22 Eager Loading

One way to improve performance is to cut down on the number of SQL queries. You can do this through eager loading. Learn all about it in this episode!

TextMate filetype detection for script/runner Rails scripts

So you’re building some righteous automation for your killer web 2.0 app, placing scripts in RAILS_ROOT/script that you can call from cron for nightly maintenance, etc. To bootstrap your rails environment, you decide to use the shebang feature of script/runner, available since changeset 5189. When you start to edit the script in TextMate (you are using TextMate, aren’t you?) there is no syntax highlighting to be found! It’s all plain text with no colors, and none of your ever-so-helpful keyboard macros work! Frightful. Well, take a deep breath, because together, we’re going to get the filetype detection magic working for you.

Before we get started, it’s helpful to know how filetype detection works. TextMate does a couple of different types of filetype detection — the first is based off of the extension, so if you named your script with a .rb extension, you are probably wondering what in the world I’m rambling about. Dude. It just works.

However, if you followed the rails convention for scripts, and did not use an extension with your filename, keep reading. The second type of detection works by scanning the so called “shebang” line at the top of the script which tells the shell (and in this case TextMate) which interpreter to use to evaluate your script — this is how we will tell TextMate that script/runner really means ruby.

First of all, you’ll need to fire up the Bundle Editor and select “Languages” from the drop-down filter. Expand the “Rails” node, and then select the “Ruby on Rails” language. On the right side, you should see the definition being used by TextMate to detect the Ruby on Rails scope. If you have not modified your bundle, you’ll probably see that it is using a fileTypes to look for .rxml files. This is where we want to insert the following line:

    firstLineMatch = '^#!.*(script/runner)';

Here’s a screenshot of what it should look like when you are done:

Now go back to your script and enjoy all the colorized, scope-aware editing goodness that is TextMate!

#21 Super Simple Authentication

The final piece of the administration puzzle: authentication. There are many different approaches, which is why I saved this step for last. This episode will cover a few techniques, including the simple solution used for this site.

#20 Restricting Access

In this second part of the series on administration, you will learn how to lock down the site to keep the public from accessing the administration features.

#19 Where Administration Goes

This is the first part of a three-part series on building an administration system. Many developers choose to separate it completely from the public side of the site by placing it into an admin subdirectory. This episode will show you an alternative and often better solution.

#18 Looping Through Flash

Displaying flash messages in the layout can be a pain at times. In this episode you will learn an easy way to display any kind of flash message by looping through the hash.

Updated Rake Command Completion

Here’s another update to a previous post.

  1. A bug was fixed that caused the first task to be omitted from the task list.
  2. A new feature was added to allow rake not to be the first command on the command line.  Now you get completion for both rakes in the following command: rake db:migrate VERSION=0 && rake db:migrate
  3. Another feature for quicker rake command completion development, <sarcasm>a feature everyone has been waiting for</sarcasm>.  This feature just adds the rake completion script itself to the cache dependency list, so the cache will be refreshed while you are playing with the command completion script.  This should make tweaking the script much easier in the future.

As always, enjoy.