I have an application that makes a render inline, and another in XML based on data from an URL. I need to validate the data before passing it over to SQL, and I would like to receive the errors in the returned array, or at least a TRUE/FALSE. As there is no associated view file I don’t know how to...
Could someone help me out or orientate me in some way?
Regards and thanks,
Daniel.
Can you give an example of what you mean by "validate the data before passing it over to SQL"?
If it's SQL injection you're worried about, rails can help clean up user input, but I'm not sure that's where your heading with this...
Harold wrote:
Can you give an example of what you mean by "validate the data before passing it over to SQL"?
If it's SQL injection you're worried about, rails can help clean up user input, but I'm not sure that's where your heading with this...
On Feb 2, 11:18�am, Daniel L�pez <rails-mailing-l...@andreas-s.net>
SQL Injection, mmm... yes, maybe, but I refer particularly to check if a string is numeric, date type or too short for the database values (for example).
Only if these requirements are OK, the select query is executed. Otherwise, the application should return false or something.
Thanks in advance, Harold. 
Sounds like something you can do with ActiveRecord validations:
http://api.rubyonrails.org/classes/ActiveRecord/Validations/ClassMethods.html
for example:
validates_numericality_of :some_numer validates_length_of :something_else, :in => 3…12
You can use validate_format_of :a_date (and specify a regex), or there’s a plugin that helps for this (i haven’t tried it: http://railslodge.com/plugins/111-validates-date-time)
etc…
is that what you’re looking for?
Harold A. Giménez Ch. wrote:
Sounds like something you can do with ActiveRecord validations:
ActiveRecord::Validations::ClassMethods
for example:
validates_numericality_of :some_numer validates_length_of :something_else, :in => 3..12
You can use validate_format_of :a_date (and specify a regex), or there's a plugin that helps for this (i haven't tried it: http://railslodge.com/plugins/111-validates-date-time)
etc...
is that what you're looking for?
No... ActiveRecord validations only works if the SQL operation is an insert or update ("create" and "update" methods, respectively), but I also need it to select querys ("find" method). That's the problem... :S
Thanks again!
In that case, I don’t know of a way to reuse an ActiveRecord validation before running a find. You don’t even have a ActiveRecord object at that point yet.
You might just have to write your custom validations before running the find. Maybe someone else has a better option. Sorry :-o)
-H
Why do you need to validate on a find method?
There should never be an invalid record at the database, that's why there is no validation in a find and for the same reason there shouldn't be. If you think you really need it, maybe you haven't really figured out what your problem is.
Completely agree with you, Mauricio.
The only reason I can see the need to validate before a find is if your are absolutely obsessed with performance and you don’t want to hit the DB if you know a priori that no record will be returned. This is definitely not a normal case. If the query takes too long you might have to rethink your schema, your query, or create proper indexes.
Keep up to date with Rails on Twitter and This Week in Rails
Policies: Conduct, License, Maintenance, Security, Trademarks