Category: Programming


Making Configuration Files with YAML: Revised

Filed under: Programming by Tim Knight — 3 Comments
January 2, 2009

So back in July 2007 I posted a blog on making configuration files with YAML, and I’ve been noticing a lot of readership on the old article. Because it seems that a lot of people are reading it I felt it was important to show how I apply this nowadays.

First I put my config.yml file within the /config/ directory within my Rails application. It looks something like this:

development: &non_production_settings
  :google_analytics:
    :api_key: "[Enter Google ID]"
  :site:
    :title: "[Title]"
    :address: "http://localhost:3000/"

test:
  <<: *non_production_settings

production:
  :google_analytics:
    :api_key: "[Enter Google ID]"
  :site:
    :title: "[Title]"
    :address: "[Address]"

Then, I create a new file called load_config.rb within the /config/initializers directory. You can name the file whatever you want – that’s just what I call it. This is where the actually YAML loading is going to happen – and this is what it looks like:

raw_config = File.read(RAILS_ROOT + "/config/config.yml")
APP_CONFIG = YAML.load(raw_config)[RAILS_ENV]

Now any time I want to all one of these variables I just call it like:

<%= APP_CONFIG[:site][:title] %>
Tags: , , ,
Comment

Optimizing the RedCloth Helper

Filed under: Programming by Tim Knight — Leave a comment
December 1, 2008

In my previous post I posted several small Rails tips, one of which was a cleaner RedCloth helper. Unfortunately, this helper requires that the textile is parsed each time the page is loaded, and that can get nasty. So it our item is a text field called details, just add a details_html field to your model… then create a private conversion method that you call using a before_filter.

Something like:

before_filter :convert_details

def convert_details
  return if self.details.nil?
  self.details_html = RedCloth.new(self.details).to_html
end 

Then just display details_html in your view instead. This way the textile only gets converted when you save and make changes to it.

Tags: ,
Comment

Rails Tip Roundup

Filed under: Programming by Tim Knight — 5 Comments
October 11, 2008

I’ve been working on a few new projects lately and wanted to share a few little tips I’ve started doing.

Conditional Buttons for Shared Forms

Something that I like to do is use a shared form for both my edit and new views. Doing this however means I need to be friendly to the user interface and make sure the submit button is properly instructional. So for example if I have a Customer model with an instance variable @customer my button would look like this:

<%= f.submit((@customer.new_record? ? "Create" : "Update") + " Customer") %>

With this I’m checking to see if the @customer instance variable belongs to a new record and if so it’s outputs Create, otherwise it’s an Update button.

Cleaner RedCloth Helper

There is the built-in textile helper that comes with Rails, it’s carage return rendering is a bit lame so most people typically upgrade their RedCloth gem and using something like:

<%= RedCloth.new("My copy that requires formatting").to_html =>

I prefer to instead create an application level helper for redcloth (some people might instead overwrite the textile helper here, but I find that can be confusing to some people looking at your code for the first time). My helper looks like this:

def redcloth(str)
   RedCloth.new(str).to_html
end

So now when I want to redcloth something I just call:

<%= redcloth("My copy that requires formatting") %>

Simple Little Permalink

When I have a simple object that I want to create more user-friendly URLs for, I’ll create a basic permalink. In the instance of the same Customer model from tip 1 above, I like to use the customer name as the permalink. To do this of course the name has to be unique so make sure you are validating it’s uniquiness above all. Then I create a permalink column in the database table and write something like this in my model.

def name=(value)
  write_attribute :name, value
  write_attribute :permalink, value.gsub(/\s/, "-").gsub(/[^\w-]/, '').downcase
end

def to_param
  permalink
end

This uses the value of the name that is entered, clears it of puncuation, replaces spaces with hyphens and drops the casing. The first line makes sure it still remembers it needs to write the value itself to the name column in the model.

Now it’s still important that you confirm that the permalink is unique too, but I’ll let you do that on your own.

So that’s it – I hope you guys find it useful.

Tags: ,
Comment

Rolling with Rails 2.0RC1

Filed under: Programming by Tim Knight — Leave a comment
November 28, 2007

I’ve never been a fan of using rake to download EdgeRails. To me it never seemed to make sense that you would make a Rails project generated by one version and then download the Edge version into the plugins directory. So with that in mind I’m going to tell you how I roll out EdgeRails projects and in turn show you how to download Rails 2.0RC1 and generate a project with it.

Before I get into it though, I’m expecting that you have a development environment already running. I expect that you already have rake, ruby, rails, svn, and all that other stuff installed. If you don’t, please see one of the thousand Internet posts on how to do that or the many chapters in books that cover it. Okay, now that we are on the same page – let’s get moving.Let’s open up your command line terminal. Go into wherever you create your projects in Rails and make a new directory for your new project:

mkdir -p new_project/vendor

The -p variable creates both the new_project directory and the vendor directory inside it (depends of course on your OS, you could always just create both manually). Go into the directory:

cd new_project

Now, run SVN and checkout 2.0RC1 into the vendor/rails directory.

svn co http://dev.rubyonrails.org/svn/rails/tags/rel_2-0-0_RC1 vendor/rails

Now from the project directory (new_project) run the rails script within the vendor directory.

ruby vendor/rails/railties/bin/rails .

That will execute the rails script on the current directory. You basically just did the same thing as executing “rails new_project”. That’s it, you’ve now checked out Rails 2.0RC1 and created the base project. Now get started…Have fun.

Update:

This morning (November 29th) the Rails team has released RC2 so if you are wanting to check out RC2 – use the svn checkout command of:

svn co http://dev.rubyonrails.org/svn/rails/tags/rel_2-0-0_RC2 vendor/rails
Tags:
Comment

Making Configuration Files with YAML

Filed under: Programming by Tim Knight — 4 Comments
July 25, 2007

Update: A newer version of how I load YAML into configuration files in my projects can be found here.

Since being introduced to YAML I’ve loved using it for configuration files in both Ruby and Ruby on Rails. YAML means “YAML Ain’t Markup Language”. Yes, there is an infinite loop in the title – it’s programmer humor. Those of you familiar with Ruby on Rails are somewhat familiar with YAML because that is the format of the database.yml configuration file. So this is a sample of what a YAML file typically looks like:

development:
	adapter: mysql
	database: project_development
	username: root
	password:
	socket: /tmp/mysql.sock

This is a snippet out of the database.yml file. But one of the great things about Ruby is that writing code to read YAML is extremely simple. Let’s say I want to make a website configuration file, this is what that might look like:

config:
	title: My Rails Website
	author: Santa Claus
	email: email@company.com
	css_file: default.css

The hardest part is thinking about what type of information you want to store in your configuration, the Ruby is extremely easy. Check it out…

First we require the YAML library:

require 'yaml'

Ok, now we can make a read_config method:

def read_config
	config = YAML.load_file("config.yaml")
	@title = config["config"]["title"]
	@author = config["config"]["author"]
	@email = config["config"]["email"]
	@css_file = config["config"]["css_file"]
end

Seriously, that’s it (of course you need to execute the method). We just load the YAML into a local variable. Then we spider down the YAML document using the local variable that we assigned the loaded YAML document. So where you see “config” in quotes that is referring to the “config:” within the YAML document. Of course, were I say “config.yaml” you would actually put the path to your specific YAML document. One the information is loaded, I pull the data I want into a few instance variables making them accessible to my views (in Rails).

Update:

A more efficient way to do this would be to loop through the hash that is created by the read_config method and just set the key to an instance variable, like so:

config["config"].each { |key, value| instance_variable_set("@#{key}", value) }

Update: A newer version of how I load YAML into configuration files in my projects can be found here.

Tags: , , ,
Comment

Formatting Names Using Ruby

Filed under: Programming by Tim Knight — 2 Comments
July 18, 2007

Getting information from users is a common task that we have to deal with in building an application. This typically happens either in creating a user account, commerce orders, or any other time when the application has to ask “who are you?”. Often times we’ll create a field for both a firstname and a lastname allowing the user to separate their names to make it easier for us (the application developer) to display either/or both. In this post, I’m going to talk about how we can format full names given to the application by the user without necessarily worrying about creating two textfields. Of course, you would use this code in the methods within a Rails app.

So let’s say I have a variable for creative purposes, I’ll call it ‘name’ and ‘name’ has a value.

name = “James Earl Jones”

And I want to only display the first and last name of my ‘name’ value I could do this:

names = name.split
firstname = names.first
lastname = names.last

Now this splits the three words in ‘name’ into an array. I then set firstname as the first item from the array, and set lastname as the last item from the array.

Running:
p “#{firstname} #{lastname}”

Would then output:
“James Jones”

How about we do another common formatting task we can to show the last name first separated with a comma the rest of the name, we could do this:

names = name.split
lastname = names.pop
firstname_remaining = names.join(‘ ‘)

Here we split the name up again, put then ran the pop method which pulls the last time of the array out of the array and then returns it. This would leave only the remaining name left to work with as the firstname_remaining variable. I them join the rest of the array with spaces for the firstname_remaining (which would include the first name and any remain name information like a middle name).

Running:
p “#{lastname}, #{firstname_remaining}”

Would then output:
“Jones, James Earl”

Lastly, a common thing I’ve been seeing lately is the usage of the last initial when showing a user’s name. We could do something like this:

names = name.split
firstname = names.first
lastinitial = names.last[0,1]

Here I’m introducing some trimming for the lastinitial variable. You see this with a bracket and two numbers. The first number is the offset in the string that I’m trimming (zero is the first letter is a string), the next number is how many characters I’m showing from that offset.

Running:
p “#{firstname} #{lastinitial}.”

Would then output:
“James J.”

So that’s it for now. Of course you might think about adapting this to users that will have items at the end of their name like “Jr.” – this can sometimes just be solved using a drop-down.  I’m hoping that perhaps I have introduced you to some things in Ruby that you might have been previously unaware of. Until next time.

Tags: ,
Comment

Silencing Rails Logs for Security

Filed under: Programming by Tim Knight — Leave a comment
June 12, 2007

For those of you that are already familiar with the Rails framework you already know that the Rails logs are completely invaluable when it comes to debugging and troubleshooting issues.  However, just as with any form of transaction logs they introduce a major security issue.

Just think about some of that information that you might be storing in your database… credit card numbers?, social security numbers?, or what about passwords?  Imagine someone getting a hold of those logs and seeing all the session parameters being passed into the database.  Inserting the credit card numbers into an order, selecting the user information based on a username and password combination.  See the point I’m making here?  Let’s look at a quick example of what you’ll see in your logs:

Parameters: {“model”=>{“username”=>”John”, “password”=>”hax0r”}…

Not good.

Thankfully Rails makes it simple to filter this important material from your logs.  Just open up the model that you want to filter and add a single line just below the class definition:

class Model < ActiveRecord::Base
filter_parameter_logging :password

end

In this case I just filtered “password”, but you could filter whatever else you wanted to for that model, separating each parameter with a comma, like such:

filter_parameter_logging :password, :confirm_password, :ssn, :creditcard_number, :etc

It’s that’s simple.  So keep those Rails logs secure and filter out the stuff that others don’t need to know.

Comment

Using Ruby to Stay Informed With Innovative Thought

Filed under: Programming by Tim Knight — Leave a comment
May 23, 2007

So I was thinking this evening about creating an RSS parser in Ruby. You know… Ruby supports this built in? Big surprise right? All you have to do in require the rss library:

require 'rss'

Then of course if you want to open up a connection to a URL you need to include the open uri library too:

require 'open-uri'

So that’s all the requirements. Next I’ll create a method called ReadRss that will take a single variable defined as “url”.

def ReadRss(url)
  open(url) do |page|
    respond = page.read
    result = RSS::Parser.parse(respond,false)
    puts "Blog: #{result.channel.title}, #{result.channel.description}"
    result.items.each_with_index do |item, i|
      i += 1
      puts "#{i}  #{item.title}"
    end
  end
end

That’s it. Now all you have to do is call ReadRss with the site feed address. Here’s a good hint for you:

ReadRss("http://innovativethought.wordpress.com/feed/")

So now that you can parse RSS feeds right from your Ruby script.  ATOM parser will come shortly.

Tags: , ,
Comment

Web 2.0: Day 2 Recap – Sessions

Filed under: Business, Design, Programming by Tim Knight — Leave a comment
April 22, 2007

Of course I am recapping here and reviewing most of my notes now that I am home. I still wanted to share what I had experiences so I’m posting this information a little late. Day 3 and 4 will be coming as well.

The New Hybrid Designer

This was a panel discussion that included Kelly Goto, Jeremy Keith, and Chris Messina. Unfortunately it become more of an introduction to the Design related track that really getting down the what it means to be a Hybrid Designer. Getting the designers to learn more about application design and architecture are some of the most important key points here. Using documentation such as that from Apple, their Application Design Guidelines is a great suggestion. Remembering as well that the line between design and development continues to grow thinner. Continuing to place strong consideration on “placelessness” – the idea that not only should content be separated from design but as well as context and device limitations. Chris Messina also made strong mention against applications such as Adobe’s Apollo which will end the “View Source” option, noting that many of todays developers have learned using the method of learning from someone else’s work. I was differently that person and I’m sure many of today’s beginners learned HTML are doing the same. It is important we don’t kill the growth of our community by developing applications that eradicate it’s growth.

Rich Internet Applications with Apollo

Sadly, the presentation with Mike Chambers as he tried to show the benefits of Apollo left me desiring more in general. I can’t blame Mike for it completely because the network was extremely congested and he was unable to demo many of the features of online application access. The thing that really has got me bothered by the platform in general is that, in a bad way, it feels like “half a product”. Now I’m a strong advocate of building “half a product” more then a “half ass product”. Perhaps I would lean to being more enthusiastic about this product if I felt the features planned for inclusion in their initial release was the “correct half” of the product.

If you are wanting to streamline application development to “bridge the gap” between the web and desktop platforms you need to create a way to easy deploy the single page/controller level updates to all the desktop clients. Streamlined, without interruption – with no option to not update the functionality. It would be a replica of the features you are mimicking from the web application you are converting. Not necessarily in user interface, but function and user experience.

Vulnerabilities 2.0 in Web 2.0: Next Generation Web Apps from a Hacker’s Perspective

This was an amazing conference session. Given by a partner of iSEC Partners a security research firm and pen-testing company. I’m hoping to get a copy of the slides as the presenter did tell us that they would be available. Getting into topics that were far more advanced then just simple cross-site scripting issues. Major vulnerabilities exist in all current AJAX framework implementations as well a big issue with most AJAX sites is that the functions and methods are rightly available to all visitors to the application. Having methods within your code for “MakeMeAdmin()” is ridiculous! But it still happens. Remembering as well using cross site forgery techniques are assisted because browsers will pass the cookie if it is active in the other window or tab – because cookies are shared among windows. It turns out the guys over at iSEC Partners are going to be publishing the new Hacking Exposed book in December 2007 entitled ‘Hacking Exposed: Web 2.0′.

The Arrival of Web 2.0: The State of the Union on Browser Technology

I’ll be honest and say I don’t know how much really came out of this session other then, “Browser companies are starting to work today.” People representing Opera, Mozilla, and IE were on the panel. Other then continuing to hear that Firefox 3 will offer local store so you can natively develop offline applications and that the Mozilla foundation is working on issues that exist in JavaScript as it is currently being implemented using Ajax (the previous session was of course stuck in my head at the time). That was about it on that one.

Tags: , ,
Comment

Cleaning up my Ruby Fizzbuzz

Filed under: Programming by Tim Knight — Leave a comment
April 21, 2007

As I become more familiar with Ruby and Rails I’m of course going to start to understand better ways to do a snippet of code. Here is an updated script that is a little leaner:

(1..100).each do |i|
  fb = []
  fb << "Fizz" if (i % 3) == 0
  fb << "Buzz" if (i % 5) == 0
  fb << i if (i % 3) != 0 and (i % 5) != 0
  puts (fb.join "")
end

I am still tring to review my notes, so I just ask that those of you awaiting my review of the Web 2.0 Expo please continue to be patient.

Tags: , ,
Comment