So I have a basic CMS I'm working on where a page has a title and a
body field. The body field is just plain html stored as text in the
I have two questions/concerns:
1) how do I get erb to work from within the SQL text entry? For
instance, one of my pages has an image_tag helper method in it that
2) Is this a secure way to do this? Am I creating a security
vulnerability by organizing my content this way?