Skip to content
This repository
Browse code

Merge branch 'master' of github.com:lifo/docrails

* 'master' of github.com:lifo/docrails:
  Getting Started guide: remove calls to f.error_messages as it has been removed from Rails
  deliver_* is no more
  removed unnecessary indentation
  added note with example for using flash in redirection
  corrected sample code to clear @_current_user class variable also
  the partial option is not required for simple partial rendering
  colorize_logging is a Rails General Configuration option not a specific option of ActiveRecord
  Fixed the name of the 'generator option'
  this reads better, i don't know what the other 'so on' are, doesn't help reader imho
  added missing word to clear up meaning in my previous commit
  Add a note to TextHelpers making explicit their default behavior of not escaping but sanitizing.
  removed indentation, for code style consistency and readibility
  Use Rails.logger, not ActiveRecord::Base.logger
  removed etc. not require
  added missing space and minor rewording
  corrected to Rails 3 syntax for declaring resources
  Fixes ActionMailer example error
  • Loading branch information...
commit 8b5700192e3baadf236f1d7560c3b9f979b3b56d 2 parents 74061f5 + 72fda46
Ryan Bigg authored
18  actionpack/lib/action_view/helpers/text_helper.rb
@@ -9,6 +9,24 @@ module Helpers #:nodoc:
9 9
     # and transforming strings, which can reduce the amount of inline Ruby code in
10 10
     # your views. These helper methods extend Action View making them callable
11 11
     # within your template files.
  12
+    #
  13
+    # ==== Sanitization
  14
+    #
  15
+    # Most text helpers by default sanitize the given content, but do not escape it.
  16
+    # This means HTML tags will appear in the page but all malicious code will be removed.
  17
+    # Let's look at some examples using the +simple_format+ method:
  18
+    #
  19
+    #   simple_format('<a href="http://example.com/">Example</a>')
  20
+    #   # => "<p><a href=\"http://example.com/\">Example</a></p>"
  21
+    #
  22
+    #   simple_format('<a href="javascript:alert('no!')">Example</a>')
  23
+    #   # => "<p><a>Example</a></p>"
  24
+    #
  25
+    # If you want to escape all content, you should invoke the +h+ method before
  26
+    # calling the text helper.
  27
+    #
  28
+    #   simple_format h('<a href="http://example.com/">Example</a>')
  29
+    #   # => "<p>&lt;a href=\"http://example.com/\"&gt;Example&lt;/a&gt;</p>"
12 30
     module TextHelper
13 31
       extend ActiveSupport::Concern
14 32
 
9  railties/guides/source/action_controller_overview.textile
Source Rendered
@@ -239,7 +239,7 @@ class LoginsController < ApplicationController
239 239
   # "Delete" a login, aka "log the user out"
240 240
   def destroy
241 241
     # Remove the user id from the session
242  
-    session[:current_user_id] = nil
  242
+    @_current_user = session[:current_user_id] = nil
243 243
     redirect_to root_url
244 244
   end
245 245
 end
@@ -261,6 +261,13 @@ class LoginsController < ApplicationController
261 261
 end
262 262
 </ruby>
263 263
 
  264
+Note it is also possible to assign a flash message as part of the redirection.
  265
+
  266
+<ruby>
  267
+redirect_to root_url, :notice => "You have successfully logged out"
  268
+</ruby>
  269
+
  270
+
264 271
 The +destroy+ action redirects to the application's +root_url+, where the message will be displayed. Note that it's entirely up to the next action to decide what, if anything, it will do with what the previous action put in the flash. It's conventional to display eventual errors or notices from the flash in the application's layout:
265 272
 
266 273
 <ruby>
4  railties/guides/source/action_mailer_basics.textile
Source Rendered
@@ -446,7 +446,7 @@ The following configuration options are best made in one of the environment file
446 446
 |sendmail_settings|Allows you to override options for the :sendmail delivery method.<ul><li>:location - The location of the sendmail executable. Defaults to /usr/sbin/sendmail.</li><li>:arguments - The command line arguments to be passed to sendmail. Defaults to -i -t.</li></ul>|
447 447
 |raise_delivery_errors|Whether or not errors should be raised if the email fails to be delivered.|
448 448
 |delivery_method|Defines a delivery method. Possible values are :smtp (default), :sendmail, :file and :test.|
449  
-|perform_deliveries|Determines whether deliver_* methods are actually carried out. By default they are, but this can be turned off to help functional testing.|
  449
+|perform_deliveries|Determines whether deliveries are actually carried out when the +deliver+ method is invoked on the Mail message. By default they are, but this can be turned off to help functional testing.|
450 450
 |deliveries|Keeps an array of all the emails sent out through the Action Mailer with delivery_method :test. Most useful for unit and functional testing.|
451 451
 
452 452
 h4. Example Action Mailer Configuration
@@ -492,7 +492,7 @@ class UserMailerTest < ActionMailer::TestCase
492 492
     user = users(:some_user_in_your_fixtures)
493 493
 
494 494
     # Send the email, then test that it got queued
495  
-    email = UserMailer.deliver_welcome_email(user)
  495
+    email = UserMailer.welcome_email(user).deliver
496 496
     assert !ActionMailer::Base.deliveries.empty?
497 497
 
498 498
     # Test the body of the sent email contains what we expect it to
6  railties/guides/source/configuring.textile
Source Rendered
@@ -32,7 +32,7 @@ config.filter_parameters << :password
32 32
 This is a setting for Rails itself. If you want to pass settings to individual Rails components, you can do so via the same +config+ object:
33 33
 
34 34
 <ruby>
35  
-config.active_record.colorize_logging = false
  35
+config.active_record.timestamped_migrations = false
36 36
 </ruby>
37 37
 
38 38
 Rails will use that particular setting to configure Active Record.
@@ -45,6 +45,8 @@ h4. Rails General Configuration
45 45
 
46 46
 * +config.cache_store+ configures which cache store to use for Rails caching. Options include +:memory_store+, +:file_store+, +:mem_cache_store+ or the name of your own custom class.
47 47
 
  48
+* +config.colorize_logging+ (true by default) specifies whether or not to use ANSI color codes when logging information.
  49
+
48 50
 * +config.controller_paths+ accepts an array of paths that will be searched for controllers. Defaults to +app/controllers+.
49 51
 
50 52
 * +config.database_configuration_file+ overrides the default path for the database configuration file. Default to +config/database.yml+.
@@ -105,8 +107,6 @@ h4. Configuring Active Record
105 107
 
106 108
 * +config.active_record.pluralize_table_names+ specifies whether Rails will look for singular or plural table names in the database. If set to +true+ (the default), then the Customer class will use the +customers+ table. If set to +false+, then the Customers class will use the +customer+ table.
107 109
 
108  
-* +config.active_record.colorize_logging+ (true by default) specifies whether or not to use ANSI color codes when logging information from ActiveRecord.
109  
-
110 110
 * +config.active_record.default_timezone+ determines whether to use +Time.local+ (if set to +:local+) or +Time.utc+ (if set to +:utc+) when pulling dates and times from the database. The default is +:local+.
111 111
 
112 112
 * +config.active_record.schema_format+ controls the format for dumping the database schema to a file. The options are +:ruby+ (the default) for a database-independent version that depends on migrations, or +:sql+ for a set of (potentially database-dependent) SQL statements.
8  railties/guides/source/debugging_rails_applications.textile
Source Rendered
@@ -127,8 +127,8 @@ Rails makes use of Ruby's standard +logger+ to write log information. You can al
127 127
 You can specify an alternative logger in your +environment.rb+ or any environment file:
128 128
 
129 129
 <ruby>
130  
-ActiveRecord::Base.logger = Logger.new(STDOUT)
131  
-ActiveRecord::Base.logger = Log4r::Logger.new("Application Log")
  130
+Rails.logger = Logger.new(STDOUT)
  131
+Rails.logger = Log4r::Logger.new("Application Log")
132 132
 </ruby>
133 133
 
134 134
 Or in the +Initializer+ section, add _any_ of the following
@@ -142,13 +142,13 @@ TIP: By default, each log is created under +Rails.root/log/+ and the log file na
142 142
 
143 143
 h4. Log Levels
144 144
 
145  
-When something is logged it's printed into the corresponding log if the log level of the message is equal or higher than the configured log level. If you want to know the current log level you can call the +ActiveRecord::Base.logger.level+ method.
  145
+When something is logged it's printed into the corresponding log if the log level of the message is equal or higher than the configured log level. If you want to know the current log level you can call the +Rails.logger.level+ method.
146 146
 
147 147
 The available log levels are: +:debug+, +:info+, +:warn+, +:error+, and +:fatal+, corresponding to the log level numbers from 0 up to 4 respectively. To change the default log level, use
148 148
 
149 149
 <ruby>
150 150
 config.log_level = Logger::WARN # In any environment initializer, or
151  
-ActiveRecord::Base.logger.level = 0 # at any time
  151
+Rails.logger.level = 0 # at any time
152 152
 </ruby>
153 153
 
154 154
 This is useful when you want to log under development or staging, but you don't want to flood your production log with unnecessary information.
22  railties/guides/source/form_helpers.textile
Source Rendered
@@ -67,7 +67,7 @@ A basic search form
67 67
 <% end %>
68 68
 </erb>
69 69
 
70  
-TIP: +search_path+ can be a named route specified in "routes.rb" as: <br /><code>match "search" => "search"</code>This declares for path "/search" to call action "search" from controller "search".
  70
+TIP: +search_path+ can be a named route specified in "routes.rb" as: <br /><code>match "search" => "search"</code> This declares that path "/search" will be handled by action "search" belonging to controller "search".
71 71
 
72 72
 The above view code will result in the following markup:
73 73
 
@@ -107,7 +107,7 @@ WARNING: Do not delimit the second hash without doing so with the first hash, ot
107 107
 
108 108
 h4. Helpers for Generating Form Elements
109 109
 
110  
-Rails provides a series of helpers for generating form elements such as checkboxes, text fields, radio buttons, and so on. These basic helpers, with names ending in <notextile>_tag</notextile> such as +text_field_tag+, +check_box_tag+, etc., generate just a single +&lt;input&gt;+ element. The first parameter to these is always the name of the input. In the controller this name will be the key in the +params+ hash used to get the value entered by the user. For example, if the form contains
  110
+Rails provides a series of helpers for generating form elements such as checkboxes, text fields and radio buttons. These basic helpers, with names ending in <notextile>_tag</notextile> such as +text_field_tag+ and +check_box_tag+ generate just a single +&lt;input&gt;+ element. The first parameter to these is always the name of the input. In the controller this name will be the key in the +params+ hash used to get the value entered by the user. For example, if the form contains
111 111
 
112 112
 <erb>
113 113
 <%= text_field_tag(:query) %>
@@ -127,18 +127,18 @@ Checkboxes are form controls that give the user a set of options they can enable
127 127
 
128 128
 <erb>
129 129
 <%= check_box_tag(:pet_dog) %>
130  
-  <%= label_tag(:pet_dog, "I own a dog") %>
  130
+<%= label_tag(:pet_dog, "I own a dog") %>
131 131
 <%= check_box_tag(:pet_cat) %>
132  
-  <%= label_tag(:pet_cat, "I own a cat") %>
  132
+<%= label_tag(:pet_cat, "I own a cat") %>
133 133
 </erb>
134 134
 
135 135
 output:
136 136
 
137 137
 <html>
138 138
 <input id="pet_dog" name="pet_dog" type="checkbox" value="1" />
139  
-  <label for="pet_dog">I own a dog</label>
  139
+<label for="pet_dog">I own a dog</label>
140 140
 <input id="pet_cat" name="pet_cat" type="checkbox" value="1" />
141  
-  <label for="pet_cat">I own a cat</label>
  141
+<label for="pet_cat">I own a cat</label>
142 142
 </html>
143 143
 
144 144
 The second parameter to +check_box_tag+ is the value of the input. This is the value that will be submitted by the browser if the checkbox is ticked (i.e. the value that will be present in the +params+ hash). With the above form you would check the value of +params[:pet_dog]+ and +params[:pet_cat]+ to see which pets the user owns.
@@ -149,18 +149,18 @@ Radio buttons, while similar to checkboxes, are controls that specify a set of o
149 149
 
150 150
 <erb>
151 151
 <%= radio_button_tag(:age, "child") %>
152  
-  <%= label_tag(:age_child, "I am younger than 21") %>
  152
+<%= label_tag(:age_child, "I am younger than 21") %>
153 153
 <%= radio_button_tag(:age, "adult") %>
154  
-  <%= label_tag(:age_adult, "I'm over 21") %>
  154
+<%= label_tag(:age_adult, "I'm over 21") %>
155 155
 </erb>
156 156
 
157 157
 output:
158 158
 
159 159
 <html>
160 160
 <input id="age_child" name="age" type="radio" value="child" />
161  
-  <label for="age_child">I am younger than 21</label>
  161
+<label for="age_child">I am younger than 21</label>
162 162
 <input id="age_adult" name="age" type="radio" value="adult" />
163  
-  <label for="age_adult">I'm over 21</label>
  163
+<label for="age_adult">I'm over 21</label>
164 164
 </html>
165 165
 
166 166
 As with +check_box_tag+ the second parameter to +radio_button_tag+ is the value of the input. Because these two radio buttons share the same name (age) the user will only be able to select one and +params[:age]+ will contain either "child" or "adult".
@@ -284,7 +284,7 @@ h4. Relying on Record Identification
284 284
 The Article model is directly available to users of the application, so -- following the best practices for developing with Rails -- you should declare it *a resource*:
285 285
 
286 286
 <ruby>
287  
-map.resources :articles
  287
+resources :articles
288 288
 </ruby>
289 289
 
290 290
 TIP: Declaring a resource has a number of side-affects. See "Rails Routing From the Outside In":routing.html#resource-routing-the-rails-default for more information on setting up and using resources.
8  railties/guides/source/getting_started.textile
Source Rendered
@@ -919,8 +919,6 @@ So first, we'll wire up the Post show template (+/app/views/posts/show.html.erb+
919 919
 
920 920
 <h2>Add a comment:</h2>
921 921
 <%= form_for([@post, @post.comments.build]) do |f| %>
922  
-  <%= f.error_messages %>
923  
-
924 922
   <div class="field">
925 923
     <%= f.label :commenter %><br />
926 924
     <%= f.text_field :commenter %>
@@ -989,8 +987,6 @@ Once we have made the new comment, we send the user back to the original post us
989 987
 
990 988
 <h2>Add a comment:</h2>
991 989
 <%= form_for([@post, @post.comments.build]) do |f| %>
992  
-  <%= f.error_messages %>
993  
-
994 990
   <div class="field">
995 991
     <%= f.label :commenter %><br />
996 992
     <%= f.text_field :commenter %>
@@ -1057,8 +1053,6 @@ Then in the +app/views/posts/show.html.erb+ you can change it to look like the f
1057 1053
 
1058 1054
 <h2>Add a comment:</h2>
1059 1055
 <%= form_for([@post, @post.comments.build]) do |f| %>
1060  
-  <%= f.error_messages %>
1061  
-
1062 1056
   <div class="field">
1063 1057
     <%= f.label :commenter %><br />
1064 1058
     <%= f.text_field :commenter %>
@@ -1086,8 +1080,6 @@ Lets also move that new comment section out to it's own partial, again, you crea
1086 1080
 
1087 1081
 <erb>
1088 1082
 <%= form_for([@post, @post.comments.build]) do |f| %>
1089  
-  <%= f.error_messages %>
1090  
-
1091 1083
   <div class="field">
1092 1084
     <%= f.label :commenter %><br />
1093 1085
     <%= f.text_field :commenter %>
2  railties/guides/source/layouts_and_rendering.textile
Source Rendered
@@ -970,7 +970,7 @@ Partial templates - usually just called "partials" - are another device for brea
970 970
 
971 971
 h5. Naming Partials
972 972
 
973  
-To render a partial as part of a view, you use the +render+ method within the view, and include the +:partial+ option:
  973
+To render a partial as part of a view, you use the +render+ method within the view:
974 974
 
975 975
 <ruby>
976 976
 <%= render "menu" %>
2  railties/guides/source/plugins.textile
Source Rendered
@@ -802,7 +802,7 @@ You can also see if your routes work by running +rake routes+ from your app dire
802 802
 
803 803
 h3. Generators
804 804
 
805  
-Many plugins ship with generators.  When you created the plugin above, you specified the +--with-generator+ option, so you already have the generator stubs in 'vendor/plugins/yaffle/generators/yaffle'.
  805
+Many plugins ship with generators.  When you created the plugin above, you specified the +--generator+ option, so you already have the generator stubs in 'vendor/plugins/yaffle/generators/yaffle'.
806 806
 
807 807
 Building generators is a complex topic unto itself and this section will cover one small aspect of generators: generating a simple text file.
808 808
 

0 notes on commit 8b57001

Please sign in to comment.
Something went wrong with that request. Please try again.