Directory creation from Ruby

Hey everyone...trying to get a handle on Ruby syntax but having a bit of an issue.

I am trying to create a form and then call a linux system call that will create a directory using the value of the variable within the fieldset. Here is a short example:

<fieldset> <ol> <li> <%= f.label :name %> <%= f.text_field :name, :class => 'text' %> </li> <li> <%= f.label :credit_balance %> <%= f.text_field :credit_balance, :class => 'text' %> </li> </ol> </fieldset> <fieldset class="submit"> <%= f.submit 'Submit', :class => 'submit' %> </fieldset> <% system("mkdir /var/www/html/WHAT DO I PUT HERE") %>

Basically, I just need to know the syntax of the system line so that the directory that will be created will be the value of the :name variable within the fieldset but cannot figure out the syntax. In other words, if, on the form someone puts in WHATEVER for the :name field and 10 for the :credit_balance, I want to create a directory called /var/www/html/WHATEVER

Easy for me in PHP, but I have not been able to find a way to do it in Ruby. I am sure that it is easy for one of you.

If someone would be nice enough to get me started in the right direction, I would really appreciate it.

Thank so much!

You need to put that system call in the controller action which receives this form submission!

Where then you could do something like this :

system(‘mkdir var/www/html/’ + params[:model][:name]);

Also it is not advisable to hard code the entire path.

Thanks & Regards, Dhruva Sagar.

Hey everyone...trying to get a handle on Ruby syntax but having a bit of an issue.

I am trying to create a form and then call a linux system call that will create a directory using the value of the variable within the fieldset. Here is a short example:

<fieldset> <ol> <li> <%= f.label :name %> <%= f.text_field :name, :class => 'text' %> </li> <li> <%= f.label :credit_balance %> <%= f.text_field :credit_balance, :class => 'text' %> </li> </ol> </fieldset> <fieldset class="submit"> <%= f.submit 'Submit', :class => 'submit' %> </fieldset> <% system("mkdir /var/www/html/WHAT DO I PUT HERE") %>

Don't use system. Look into the FileUtils.mkdir method. Less chance for someone typing in "fake; rm -rf /" for the 'name' field...

Basically, I just need to know the syntax of the system line so that the directory that will be created will be the value of the :name variable within the fieldset but cannot figure out the syntax. In other words, if, on the form someone puts in WHATEVER for the :name field and 10 for the :credit_balance, I want to create a directory called /var/www/html/WHATEVER

This form will get submitted to a controller's action method. In that method you'd do something like this:

name = params[:name] # triple check that name is valid for a directory name, etc. FileUtils.mkdir("/var/www/html/#{name}")

I just want to echo Philip's comment for emphasis. Do NOT use system() for this, as it has serious security implications.

Best, Sebastian

Thank you to all who answered this question. I really appreciate and value your input.

I did, in fact, end up doing this in the application controller which handles the submission and got it working.

I was worried about the system call as well so thanks for stating the risks.

If anyone needs help in the VoIP world, let me know! I got that down!

Cheers!

Bill