Hi,
If I want to ensure that someone has filled out the email section of a
form I can write this in my model:
validates_presence_of :email
I can also achieve (more or less) the same thing by writing:
validate do |applicant|
applicant.validate_presence("email")
end
def validate_presence(arg)
string = "errors.add(:#{arg}, \"can't be blank\") if #{arg} == \"\""
eval(string)
end
My question: does the method using eval pose any kind of security
threat?
I know the above example is silly (redefining an existing validation
method), but it serves well as a simplified version of what I am trying
to do, without going into unnecessary detail.
Thanks in advance
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
