I am trying to understand how to work with a single quote within an eval such as:
assigned_string = ‘’
name = “Addy’s”
eval(“assigned_string=‘#{name}’”)
SyntaxError: (eval):1: syntax error, unexpected tIDENTIFIER, expecting $end
assigned_string=‘Addy’s’
^
Ok, this error makes sense, but when I try to escape the single quote I also get an error:
I'd *highly* recommend that you not do this. Using send is not only
more efficient, it's far safer - for instance, what happens if
somebody sends your code a value like
'; `rm -rf *`;'
This will be syntactically valid, and will make quite a mess...
I’d highly recommend that you not do this. Using send is not only
more efficient, it’s far safer - for instance, what happens if
somebody sends your code a value like
‘; rm -rf *;’
This will be syntactically valid, and will make quite a mess…
Thanks all… yeah, I will use send, I forgot about that and you are right, it gets yucky very fast when things like single quotes and who knows what else get added.
Also, on this answer: eval(“assigned_string=#{name}”) , no it does not work, this is what I had originally but if you output the internal string it looks like “assigned_string=david” which of course errors out unless what is in ‘name’ is a non string type.
> > Is there a different way to do such an eval? In actuality what I am doing
> > with this phrase is to assign hash params to the attributes of a class:
> I'd *highly* recommend that you not do this. Using send is not only
> more efficient, it's far safer - for instance, what happens if
> somebody sends your code a value like
> '; `rm -rf *`;'
> This will be syntactically valid, and will make quite a mess...
Thanks all... yeah, I will use send, I forgot about that and you are right,
it gets yucky very fast when things like single quotes and who knows what
else get added.
For what it's worth I suspect that the problem was that you needed to
escape the \ in your substitution ( ie "\\'")
I’d highly recommend that you not do this. Using send is not only
more efficient, it’s far safer - for instance, what happens if
somebody sends your code a value like
‘; rm -rf *;’
This will be syntactically valid, and will make quite a mess…
Thanks all… yeah, I will use send, I forgot about that and you are right,
it gets yucky very fast when things like single quotes and who knows what
else get added.
For what it’s worth I suspect that the problem was that you needed to
escape the \ in your substitution ( ie “\'”)
I just tried this and thought for sure you were right. But no! So let me step back, really I fail to understand why if I have a param[key] value of “Addy’s” that Ruby can not handle it on its own, and much less escaped by (“'” or “\'”):
I’d highly recommend that you not do this. Using send is not only
more efficient, it’s far safer - for instance, what happens if
somebody sends your code a value like
‘; rm -rf *;’
This will be syntactically valid, and will make quite a mess…
Thanks all… yeah, I will use send, I forgot about that and you are right,
it gets yucky very fast when things like single quotes and who knows what
else get added.
For what it’s worth I suspect that the problem was that you needed to
escape the \ in your substitution ( ie “\'”)
I just tried this and thought for sure you were right. But no! So let me step back, really I fail to understand why if I have a param[key] value of “Addy’s” that Ruby can not handle it on its own, and much less escaped by (“'” or “\'”):
I found the problem — seems that the delayed_job process must be restarted if code is updated. I had updated the code but the old code was seemingly being executed.
