Uploaded on

 

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
785
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
7
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. ACTIVERECORD Rails 3Saturday, March 5, 2011
  • 2. MVCSaturday, March 5, 2011
  • 3. RAILS CONSOLE >> ActiveRecord::Base.logger = Logger.new(STDOUT)Saturday, March 5, 2011
  • 4. RAILS CONSOLE >> ActiveRecord::Base.logger = Logger.new(STDOUT) >> Person.first SQL (1.0ms) SELECT name FROM sqlite_master WHERE type = table AND NOT name = sqlite_sequence Person Load (1.0ms) SELECT "people".* FROM "people" LIMIT 1 => #<Person id: 2, first_name: "Wilma", last_name: "Flinstone", created_at: "2010-10-19 19:59:36", updated_at: "2010-10-19 19:59:36">Saturday, March 5, 2011
  • 5. RAILS CONSOLE >> ActiveRecord::Base.logger = Logger.new(STDOUT) >> Person.first SQL (1.0ms) SELECT name FROM sqlite_master WHERE type = table AND NOT name = sqlite_sequence Person Load (1.0ms) SELECT "people".* FROM "people" LIMIT 1 => #<Person id: 2, first_name: "Wilma", last_name: "Flinstone", created_at: "2010-10-19 19:59:36", updated_at: "2010-10-19 19:59:36"> find "people" table nameSaturday, March 5, 2011
  • 6. RAILS CONSOLE >> ActiveRecord::Base.logger = Logger.new(STDOUT) >> Person.first SQL (1.0ms) SELECT name FROM sqlite_master WHERE type = table AND NOT name = sqlite_sequence Person Load (1.0ms) SELECT "people".* FROM "people" LIMIT 1 => #<Person id: 2, first_name: "Wilma", last_name: "Flinstone", created_at: "2010-10-19 19:59:36", updated_at: "2010-10-19 19:59:36"> find first row in "people table"Saturday, March 5, 2011
  • 7. DYNAMIC GETTERS AND SETTERS >> bret = Person.new >> bret.first_name = "Bret" >> bret.last_name = "Smith" >> bret.first_name "Bret" >> bret.xxx NoMethodErrorSaturday, March 5, 2011
  • 8. MORE ACTIVE RECORD • save to database as needed • automatically handle update/insert • dynamic queriesSaturday, March 5, 2011
  • 9. SQL INJECTIONSaturday, March 5, 2011
  • 10. SAFE FROM SQL INJECTION class User < ActiveRecord::Base def self.authenticate_unsafely(user_name, password) find(:first, :conditions => "user_name = #{user_name} AND password = #{password}") end def self.authenticate_safely(user_name, password) find(:first, :conditions => [ "user_name = ? AND password = ?", user_name, password ]) end def self.authenticate_safely_simply(user_name, password) find(:first, :conditions => { :user_name => user_name, :password => password }) endSaturday, March 5, 2011