ruby on rails pitfalls


    Notes on slide 1





    Issues related to Action Controller
    Anything you place in the flash will be exposed to the very next action and then cleared out.


    Action View related

    In some browsers with special error-tolerant behaviour, such as IE 6.0,
    an incomplete tag is completed into a full tag.

    Not a safe sanitizer: HTML::FullSanitizer
    Safe sanitizer: HTML::WhiteListSanitizer

    controller + view
    Code taken from Agile Web Development With Rails














    Active Record related


    when there’s no table lock







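    If the conditions are composed from parts, watch for the case where there is nothing to compose. When the composed content is empty, the conditions must not be empty; otherwise you may get exactly the opposite result.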






    otherwise, something strange could happen





    ruby on rails pitfalls - Presentation Transcript

    1. Ruby on Rails Pitfall Or just stupid mistakes we made Robin Lu IN-SRC Studio robinlu@in-src.com RubyConfChina2009
    2. IN-SRC Studio • http://www.in-src.com • Team behind Caibangzi.com • Full stack Ruby On Rails Development • Projects from Pepboys,Vitality, Healthwise...
    3. ‘and’ or ‘&&’ What does this mean? result = func(arg) and render(:text => result)
    4. ‘and’ or ‘&&’ What does this mean? result = func(arg) and render(:text => result) Why not this? result = func(arg) && render(:text => result)
    5. ‘and’ or ‘&&’ What does this mean? result = func(arg) and render(:text => result) Why not this? result = func(arg) && render(:text => result) Be aware of the operator precedence
    6. strip_tags Display user input text without tags What we did:
    7. strip_tags When text = ‘<img title="http://example.com/x.js?" src="#"’ the page becomes: <p> <img title="http://example.com/x.js?" src="#" </p>
    8. strip_tags strip_tags is not safe by itself. Use: h strip_tags(text)
    9. cache
       Controller:
         class Blog1Controller < ApplicationController
           def list
             unless read_fragment(:action => 'list')
               @articles = Article.find_recent
             end
           end
         end
       list.html.erb:
         <% cache do %>
           <ul>
             <% for article in @articles -%>
               <li><p><%= h(article.body) %></p></li>
             <% end -%>
           </ul>
         <% end %>
    10. cache Result: sometimes it crashed due to uninitialized @articles
    11. cache article list
    12. cache article list check cache
    13. cache article list check cache list
    14. cache article list check cache list render
    15. cache article list article new check cache list render
    16. cache article list article new check cache list expire cache render
    17. cache article list article new check cache list expire cache render
    18. cache article list article new check cache list expire cache render check cache
    19. cache article list article new check cache list expire cache render check cache crashed by non-init @articles
    20. cache Solutions? • defensive: handle the exception • postpone init of @articles • update caches instead of expiring them none of them is perfect
    21. whiny nil
    22. whiny nil Check nil? everywhere?
    23. whiny nil config.whiny_nils = true
    24. validate_uniqueness_of
    25. validate_uniqueness_of We always get errors like this: A ActiveRecord::StatementInvalid occurred in fund#add_watch_fund:  Mysql::Error: Duplicate entry '1234-271' for key 2: INSERT INTO `watch_funds` (`account_id`, `position`, `fund_id`, `created_at`) VALUES(1234, 19, 271, '2009-05-06 19:13:50')
    26. validate_uniqueness_of Process A Process B
    27. validate_uniqueness_of Process A Process B unique?
    28. validate_uniqueness_of Process A Process B unique? select ....
    29. validate_uniqueness_of Process A Process B unique? select .... unique?
    30. validate_uniqueness_of Process A Process B unique? select .... unique? Insert
    31. validate_uniqueness_of Process A Process B unique? select .... unique? Insert Insert
    32. validate_uniqueness_of Process A Process B unique? select .... unique? Insert Insert crash!
    33. validate_uniqueness_of validate_uniqueness_of may not guarantee the uniqueness. Use your own lock if the uniqueness is critical to you.
    34. conditions Background: • category has many subcategories • subcategory has many posts • post belongs to subcategory we need to select all posts in a category.
    35. conditions What we did:
        named_scope :in_category, lambda { |cat|
          conditions = [cat.subcategories.map {|subcat| 'posts.subcategory_id = ?' }.join(" OR ")]
          cat.subcategories.each {|subcat| conditions << subcat.id }
          {:conditions => conditions}
        }
    36. conditions Result: we get all posts when a category has no subcategories
    37. conditions When category has no subcategory
        named_scope :in_category, lambda { |cat|
          conditions = [cat.subcategories.map {|subcat| 'posts.subcategory_id = ?' }.join(" OR ")]
          cat.subcategories.each {|subcat| conditions << subcat.id }
          {:conditions => conditions}
        }
    38. conditions When you compose conditions, be aware that sometimes having nothing to compose means the conditions should match nothing, not that the conditions should be empty.
    39. before_create set a flag if the author of the post is an admin What we did:
    40. before_create Result: Only posts by an admin can be saved
    41. before_create All these callbacks are Filters Be careful not to break the filter chain by what you return from the filters!
    42. after_create send a mail whenever a new record is created What we did:
    43. after_create Result: sometimes the record save failed but we still got the mail notification
    44. after_create before_create begin ... create ... commit after_create all in one transaction all the steps between this should be transactional
    45. after_create What are non-transactional actions? • send a mail • delete a file • expire a cache
    46. after_create • try not to put non-transactional actions into transactions. • after_commit • in controller
    47. Thanks!
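Slides 6-8 as an added example (not code from the presentation): an unterminated tag survives tag stripping and reaches the page unless the result is also HTML-escaped. `naive_strip_tags` is a simplified, hypothetical stand-in for a tag stripper, not Rails' `strip_tags`, and `CGI.escapeHTML` plays the role of the `h` helper.

```ruby
require 'cgi'

# Simplified stand-in for a tag stripper (assumption, NOT Rails' strip_tags):
# it removes only complete <...> tags, so an unterminated tag is left alone.
def naive_strip_tags(text)
  text.gsub(/<[^>]*>/, '')
end

# What the view did: strip tags, then emit the result unescaped.
def render_unsafe(text)
  "<p>#{naive_strip_tags(text)}</p>"
end

# The fix from slide 8: HTML-escape whatever the stripper leaves behind.
def render_safe(text)
  "<p>#{CGI.escapeHTML(naive_strip_tags(text))}</p>"
end

# Input from slide 7: an <img> tag with no closing '>'.
UNCLOSED = '<img title="http://example.com/x.js?" src="#"'

# Check usable in a view test: does the rendered fragment contain a raw '<img'?
def raw_img?(html)
  html.include?('<img')
end
```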
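Slides 24-33 as an added example (not code from the presentation): a deterministic replay of the check-then-insert interleaving, where both processes pass the uniqueness check before either inserts. `WatchFundsTable` is a constructed in-memory stand-in for the table and its unique key; rescuing the duplicate error is one defensive option shown here in addition to the lock the slide recommends.

```ruby
class DuplicateEntry < StandardError; end

# Constructed stand-in for watch_funds with a unique key on (account_id, fund_id).
class WatchFundsTable
  def initialize
    @rows = []
  end

  # The SELECT that a uniqueness validation runs before saving.
  def unique?(account_id, fund_id)
    !@rows.include?([account_id, fund_id])
  end

  # The INSERT; the unique index is the only check that is atomic.
  def insert(account_id, fund_id)
    key = [account_id, fund_id]
    raise DuplicateEntry, "Duplicate entry '#{key.join('-')}'" if @rows.include?(key)
    @rows << key
  end

  def count
    @rows.size
  end
end

# Save step that treats the index violation as a validation failure
# instead of letting the exception escape.
def save_after_validation(table, validated, account_id, fund_id)
  return :invalid unless validated
  table.insert(account_id, fund_id)
  :saved
rescue DuplicateEntry
  :duplicate_rejected
end

# Interleaving from slides 26-32: A and B both validate, then both insert.
def replay_race(table)
  a_ok = table.unique?(1234, 271)   # Process A: unique? -> true
  b_ok = table.unique?(1234, 271)   # Process B: unique? -> true, A has not inserted yet
  [a_ok, b_ok].map { |ok| save_after_validation(table, ok, 1234, 271) }
end
```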
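Slides 34-38 as an added example (not code from the presentation): the composed conditions next to a builder that returns a match-nothing clause when there is nothing to compose. `to_sql` is a simplified, hypothetical stand-in for how a finder turns `:conditions` into SQL, and the ids are constructed sample values.

```ruby
# Builds the :conditions array the way slide 35 does, from a list of ids.
def conditions_as_on_slide(subcategory_ids)
  conditions = [subcategory_ids.map { 'posts.subcategory_id = ?' }.join(' OR ')]
  subcategory_ids.each { |id| conditions << id }
  conditions
end

# Corrected builder: nothing to compose must match nothing.
def conditions_fixed(subcategory_ids)
  return ['1 = 0'] if subcategory_ids.empty?
  conditions_as_on_slide(subcategory_ids)
end

# Simplified stand-in for the finder (assumption): a blank clause means
# no WHERE at all, which is why the empty case returns every post.
def to_sql(conditions)
  clause, *binds = conditions
  sql = 'SELECT * FROM posts'
  return sql if clause.nil? || clause.strip.empty?
  # Integer() rejects anything that is not a plain integer id.
  filled = clause.gsub('?') { Integer(binds.shift).to_s }
  "#{sql} WHERE (#{filled})"
end
```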
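Slides 39-46 as an added example (not code from the presentation, whose callback code is not in the transcript): a small model of the save pipeline showing a `before_create` callback that cancels the save by returning false, and a mail sent from `after_create` even though the commit fails. `MiniRecord` and its callback names are hypothetical, and the halt-on-false rule is modelled as in the Rails versions of that time.

```ruby
# Constructed stand-in for the save pipeline sketched on slide 44.
class MiniRecord
  attr_reader :mails, :persisted
  attr_accessor :by_admin

  def initialize(author_is_admin:, commit_fails: false)
    @author_is_admin = author_is_admin
    @commit_fails = commit_fails
    @mails = []
    @persisted = false
  end

  def save(before_create:, after_create: nil, after_commit: nil)
    # A before_* callback that returns false cancels the save.
    return false if send(before_create) == false
    send(after_create) if after_create   # still inside the transaction
    return false if @commit_fails        # rollback: the row is gone, side effects are not
    @persisted = true
    send(after_commit) if after_commit   # runs only once the data is durable
    true
  end

  # Hypothetical callback: the assignment is the last expression, so the
  # method returns false for every non-admin author.
  def flag_admin_broken
    self.by_admin = @author_is_admin
  end

  # Same work, but the return value no longer depends on the flag.
  def flag_admin_fixed
    self.by_admin = @author_is_admin
    true
  end

  # Non-transactional side effect: cannot be undone by a rollback.
  def notify
    @mails << :new_record
  end
end
```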


    published by Robin Lu, Founder of caibangzi.com
