<%= link_to_if(!comment.website.nil?, h comment.name, comment.website)
%> says: <%= h comment.body %>
This should do the trick. Look at the API* for the usage of link_to_if
I guess you are having problems with the <%= if ...%>. The <%= (with
the equal sign) means that the block will be evaluated, converted to
string and added to the view. The <% (without equal sign) means that
the block will be evaluated and nothing is going to be added to the
<%= h "Hello world!" %> outputs "Hello world!"
<% h "Hello world!" %> outputs "" (nothing).
Also, DON'T forget to escape your strings that come from your models.
It is very easy to do so: add the "h" in front of them. This protects
you against several types of attack.