Active Record


Transcript of "Active Record"

  1. ACTIVERECORD Rails 3 (Saturday, March 5, 2011)

  2. MVC

  3. RAILS CONSOLE

         >> ActiveRecord::Base.logger = Logger.new(STDOUT)

  4. RAILS CONSOLE

         >> ActiveRecord::Base.logger = Logger.new(STDOUT)
         >> Person.first
           SQL (1.0ms) SELECT name FROM sqlite_master WHERE type = 'table' AND NOT name = 'sqlite_sequence'
           Person Load (1.0ms) SELECT "people".* FROM "people" LIMIT 1
         => #<Person id: 2, first_name: "Wilma", last_name: "Flinstone", created_at: "2010-10-19 19:59:36", updated_at: "2010-10-19 19:59:36">

  5. RAILS CONSOLE (same console session as slide 4, with the callout: find "people" table name)

  6. RAILS CONSOLE (same console session as slide 4, with the callout: find first row in "people" table)

  7. DYNAMIC GETTERS AND SETTERS

         >> bret = Person.new
         >> bret.first_name = "Bret"
         >> bret.last_name = "Smith"
         >> bret.first_name
         "Bret"
         >> bret.xxx
         NoMethodError

  8. MORE ACTIVE RECORD
       • save to database as needed
       • automatically handle update/insert
       • dynamic queries

  9. SQL INJECTION
  10. SAFE FROM SQL INJECTION

          class User < ActiveRecord::Base
            # Unsafe: the arguments are interpolated straight into the SQL string.
            def self.authenticate_unsafely(user_name, password)
              find(:first, :conditions => "user_name = '#{user_name}' AND password = '#{password}'")
            end

            # Safe: the values are bound to the ? placeholders and quoted by ActiveRecord.
            def self.authenticate_safely(user_name, password)
              find(:first, :conditions => [ "user_name = ? AND password = ?", user_name, password ])
            end

            # Safe and shorter: hash conditions are quoted the same way.
            def self.authenticate_safely_simply(user_name, password)
              find(:first, :conditions => { :user_name => user_name, :password => password })
            end
          end
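
Added example (not from the slides, and not ActiveRecord's own code): the three condition styles from slide 10, rebuilt with simplified stand-in helpers, plus a check that each value reaches the SQL as exactly one string literal. The helper names (`quote`, `bind_conditions`, `hash_conditions`, `interpolated_conditions`, `string_literals`, `kept_as_data?`) and the sample input are assumptions made for illustration.

```ruby
# Simplified stand-ins for illustration, not ActiveRecord's implementation.
# Assumes standard SQL string quoting (a single quote is escaped by doubling
# it), as in SQLite, the database shown in the slides.

# Hypothetical helper: render one Ruby value as a SQL literal.
def quote(value)
  case value
  when nil     then "NULL"
  when Numeric then value.to_s
  else "'" + value.to_s.gsub("'", "''") + "'"
  end
end

# Array form from the slide: ["user_name = ? AND password = ?", a, b]
def bind_conditions(template, *values)
  unless template.count("?") == values.size
    raise ArgumentError, "expected #{template.count('?')} values, got #{values.size}"
  end
  pending = values.dup
  template.gsub("?") { quote(pending.shift) }
end

# Hash form from the slide: { :user_name => a, :password => b }
def hash_conditions(conditions)
  conditions.map { |column, value| "#{column} = #{quote(value)}" }.join(" AND ")
end

# Interpolated form from the slide (authenticate_unsafely).
def interpolated_conditions(user_name, password)
  "user_name = '#{user_name}' AND password = '#{password}'"
end

LITERAL = /'((?:[^']|'')*)'/

# Decoded string literals in a SQL fragment, or nil if its quotes are unbalanced.
def string_literals(sql)
  return nil if sql.gsub(LITERAL, "").include?("'")
  sql.scan(LITERAL).flatten.map { |body| body.gsub("''", "'") }
end

# True when every value arrives in the SQL as exactly one string literal.
def kept_as_data?(sql, values)
  string_literals(sql) == values
end

NAME, PASSWORD = "O'Brien", "secret" # constructed sample input
puts interpolated_conditions(NAME, PASSWORD)
puts bind_conditions("user_name = ? AND password = ?", NAME, PASSWORD)
```

A check like `kept_as_data?` fits in a unit test around any code that assembles `:conditions` strings by hand: an ordinary name containing an apostrophe is enough to make the interpolated form fail it.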