Marnen Laibow-Koser wrote:
I don’t believe I do. Most people in this forum don’t take kindly to
people who:
(1) insist on doing dangerous things
(2) ask sketchy questions with insufficient information
(3) can’t figure out answers even after they have all the information
(4) don’t take the time to understand the explanations they’re given
(5) complain that others have attitude problems
Marnen, I think we can let it go now as I think you have misunderstood
what people in most forums don’t take kindly. I would personally never
give answers in the manner you do.
I hear your answer and thank you, but I ask you not to give me any more
answers.
If someone could help me and give me an answer and clarify this for me I
would be very grateful.
Pål Bergström wrote:
[…]
I hear your answer and thank you, but I ask you not to give me any more
answers.
Ever? I’m half-tempted to say yes…of course, very often, I’m the only
person who bothers to answer your questions…
If someone could help me and give me an answer and clarify this for me I
would be very grateful.
Someone already has.
Best,
Marnen Laibow-Koser
http://www.marnen.org
[email protected]
Ar Chron wrote:
Pål Bergström wrote:
If someone could help me and give me an answer and clarify this for me I
would be very grateful.
The basics are that the DB just stores text.
If you want to evoke that text, then just a simple (I use haml for my
apps)
= eval(@object.description)
will render the outcome of the eval of the text in that field in your
form.
If I change the text in @object.description from “Testing Scenario
2.1.3”
to something relatively benign, like
Time.now.strftime(“%m-%d-%y”)
then I’ll see “11-20-09” in my form.
If I change it to something a bit more risky, well, it might not be
pretty.
The point that “He who must not be named” 
was making
Ah, you have discovered the subtle nature of Voldemort! cackle He
does not hand people loaded guns – he exerts a strange compulsion to
get others to do it.
That was thirsty work. Got some unicorn blood?
is that
allowing this for any user facing inputs is risky business, and that
there are templating add-ins that do allow this is a safe way, like
Radius.
Precisely.
Best,
Marnen Laibow-Koser
http://www.marnen.org
[email protected]
Pål Bergström wrote:
If someone could help me and give me an answer and clarify this for me I
would be very grateful.
The basics are that the DB just stores text.
If you want to evoke that text, then just a simple (I use haml for my
apps)
= eval(@object.description)
will render the outcome of the eval of the text in that field in your
form.
If I change the text in @object.description from “Testing Scenario
2.1.3”
to something relatively benign, like
Time.now.strftime("%m-%d-%y")
then I’ll see “11-20-09” in my form.
If I change it to something a bit more risky, well, it might not be
pretty.
The point that “He who must not be named” 
was making is that
allowing this for any user facing inputs is risky business, and that
there are templating add-ins that do allow this is a safe way, like
Radius.
Marnen Laibow-Koser wrote:
Ah, you have discovered the subtle nature of Voldemort! cackle He
does not hand people loaded guns – he exerts a strange compulsion to
get others to do it.
That was thirsty work. Got some unicorn blood?
Step 1: Load gun
@loaded_gun = “<%= render :partial =>‘include_this_page’ %>”
Step 2: Shoot self
eval(@loaded_gun)
Step 3: Wonder why that hurt so much
P.S. I’ve quite enjoyed following this thread. I need to find new way to
entertain myself.
