On 19/08/09 9:26 AM, MarkBennett wrote:
> I did have one more question about running SQL queries in Rails.  I'm
> defining a set of reports which can contain arbitrary SQL which can be
> executed to produce data for my graphs.
Examples, please.
My first suggestion would be "don't", but I can't offer this without 
knowing what you're trying to do.

> I've been able to get a raw
> database connection using ActiveRecord::Base.connection which I can
> use to execute my SQL, however I'm not sure how to properly escape
> parameters I'm passing in to my queries if I want to prevent SQL
> injection attacks.  What is a safe way to escape these values?  I feel
> like I'm not generating the data for these reports "the Rails way".
>
> Any thoughts?
>
> On Aug 18, 7:10 pm, suranyami<[email protected]>  wrote:
>> There are also some quite good screencasts on rspec that cover
>> speccing controllers and views over at:
>>
>> http://peepcode.com
>>
>> On Aug 18, 3:09 pm, Nathan de Vries<[email protected]>  wrote:
>>
>>
>>
>>> On 18/08/2009, at 1:41 PM, Sonia Hamilton wrote:
>>
>>>> Ruby in Practice by Jeremy McAnally and Assaf Arkin (Paperback - Mar
>>>> 28, 2009)
>>
>>> Yep, that's a pretty good book. I would also recommend getting your
>>> hands on a copy of The RSpec Book [1], which goes through RSpec
>>> (obviously), cucumber, mocking, integration tests, webrat etc. Much of
>>> the content found online to do with TDD/BDD is the result of
>>> developers playing with a tool for a few minutes and then excitedly
>>> recommending or mouthing off about it. Books are your best bet in this
>>> regard. Once you've got your head around it all, you'll be able to
>>> pick the difference between ideology and good recommendations.
>>
>>> So even if you don't use all the tools recommended in The RSpec Book,
>>> I still think it's good for learning the whole testing stack so you
>>> have a point of comparison when evaluating all the other tools out
>>> there.
>>
>>> Cheers,
>>
>>> Nathan de Vries
>>
>>> [1]http://pragprog.com/titles/achbd/the-rspec-book
>
> >
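
One way to keep stored report SQL and caller-supplied values separate, as an added example that is not part of the original thread: each report declares its parameters and their types, and values are only ever handed over as binds, never interpolated into the SQL text. `REPORT`, `COERCE`, `build_binds` and the `signups` table are hypothetical names constructed for illustration.

```ruby
require 'date'

# Constructed report definition: the SQL text is fixed by the report author;
# only the declared :named parameters may vary per request.
REPORT = {
  sql: 'SELECT day::date, COUNT(*) FROM signups ' \
       'WHERE plan = :plan AND day >= :since GROUP BY day',
  params: { plan: :string, since: :date }
}.freeze

# Strict coercion per declared type; anything that does not parse is rejected.
COERCE = {
  string:  ->(v) { String(v) },
  integer: ->(v) { Integer(v.to_s, 10) },
  date:    lambda do |v|
    raise ArgumentError, 'bad date' unless v.to_s.match?(/\A\d{4}-\d{2}-\d{2}\z/)
    Date.iso8601(v.to_s)
  end
}.freeze

# Returns ["... ? ... ?", value1, value2]: SQL with positional placeholders
# followed by the coerced values, in order of appearance. This is the array
# form Rails accepts in sanitize_sql_array, which quotes each value with
# connection.quote. Placeholders inside SQL string literals are not handled.
def build_binds(report, supplied)
  declared = report[:params]
  unknown = supplied.keys.map(&:to_sym) - declared.keys
  raise ArgumentError, "undeclared: #{unknown.join(', ')}" unless unknown.empty?

  values = []
  sql = report[:sql].gsub(/(:?):([a-zA-Z_]\w*)/) do
    next $& if $1 == ':' # leave PostgreSQL casts such as ::date untouched
    name = $2.to_sym
    type = declared.fetch(name) { raise ArgumentError, "undeclared :#{name}" }
    raw = supplied.fetch(name) do
      supplied.fetch(name.to_s) { raise ArgumentError, "missing :#{name}" }
    end
    values << COERCE.fetch(type).call(raw)
    '?'
  end
  [sql, *values]
end

if __FILE__ == $PROGRAM_NAME
  # Constructed input: the quote characters stay inside the bound value.
  p build_binds(REPORT, 'plan' => "pro' OR '1'='1", 'since' => '2009-08-01')
end
```
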
