Overriding model's save method

Hi!

Okay, so let's start I'm starting rails so here's a noob question for
you!

I did a little blog with scaffolding. Everything is working as
expected but I'd like to modify it's functionality.

I've been a PHP developer for ages and I'm currently using symfony for
almost a year. It's a PHP framework that works in some way like rails.

In my little blog I, sometimes, enter ruby codes with HTML tags (<>)
but as there's nothing to convert them to html entities they are not
showing up on the page.

As you can see on http://rails.tbergeron.com They are plain HTML tags
in my html layout.

So here's what I'd like to do:
I'd like to override my model's save method to put something like h()
around my text so html could be converted to entities.

Could you help? That'd be awesome!

Thanks a lot!

Hi!

Okay, so let's start I'm starting rails so here's a noob question for
you!

I did a little blog with scaffolding. Everything is working as
expected but I'd like to modify it's functionality.

I've been a PHP developer for ages and I'm currently using symfony for
almost a year. It's a PHP framework that works in some way like rails.

In my little blog I, sometimes, enter ruby codes with HTML tags (<>)
but as there's nothing to convert them to html entities they are not
showing up on the page.

As you can see onhttp://rails.tbergeron.comThey are plain HTML tags
in my html layout.

So here's what I'd like to do:
I'd like to override my model's save method to put something like h()
around my text so html could be converted to entities.

This sounds like a possible job for before_save. Personally though I'd
store unsanitized text in the database and sanitize it when displaying
(having escaped text in the database might make your editing bits
rather more complicated).

Fred

[...]

Personally though I'd
store unsanitized text in the database and sanitize it when displaying
(having escaped text in the database might make your editing bits
rather more complicated).

Maybe. If you're just using plain text, then just store it plain in
the database and escape it on output. However, if you want to allow
HTML tags for formatting, then the database should contain HTML
fragments and *not* be escaped on output.

Either way, though, h() on before_save is probably a bad idea.

Fred

Best,