On May 27, 1:19 pm, Colin Law <clan...@googlemail.com> wrote:
> Could you not top post please, it makes it easier to follow the thread
> if you insert your replies inline.
Sorry about that
> So what exactly is the problem then? First look in the log file
> (log/development.log) and see if the parameter is being passed
> correctly when they submit. If this is ok what do you want to do with
> his input?
The parameters are being passed correctly. What I want to do is pass
the parameters to the command (added on to another command already in
it) despite the security issues already pointed out.
>
> > On May 27, 12:06 pm, Colin Law <clan...@googlemail.com> wrote:
> >> On 27 May 2010 15:43, anon_comp <neocools...@gmail.com> wrote:
>
> >> > Ok so I have a RoR project that seems to be...unconventional lol
>
> >> > I'm attempting to validate the name of the file and using
> >> > Kernal.System to input the file in the system as a parameter.
>
> >> > I've tried validates_presence_of, but that doesn't appear to work
> >> > unless in a model which I don't have. I'm trying to use
> >> > error_messages_for, but I don't understand how to use it or what to
> >> > put in the controller.
>
> >> > As for the Kernal. System, how do you use it so that when the user
> >> > hits "OK", RoR inputs the file in the correct command, runs it, and
> >> > points the user to the generated html file?
>
> >> > Here's the complete code:
>
> >> > trying_controller.rb
> >> > -----------------------------------------------
> >> > class TryingController < ApplicationController
> >> > def index
> >> > end
>
> >> > def to
> >> > @logfile = params[:logfile]
> >> > end
>
> >> > end
>
> >> > index.html.erb
> >> > ---------------------------------------------
> >> > <% form_tag :action => 'to' do %>
> >> > <%= error_messages_for 'logfile' %>
> >> > <%= label_tag 'logfile_label', 'Logfile:' %>
> >> > <%= file_field_tag :logfile %>
> >> > <%= submit_tag "OK" %>
> >> > <% end %>
>
> >> > to.html.erb
> >> > --------------------------------------------
> >> > Logfile: <%= @logfile %>
>
> >> Have I got this right, you are attempting to allow a user in a browser
> >> to enter the name of a system command which will then be run on the
> >> server? If so I hope you realise that is incredibly dangerous. I am
> >> intrigued to know why you wish to allow this.
>
> >> Colin- Hide quoted text -
>
> >> - Show quoted text -
>
> > --
> > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> > To post to this group, send email to rubyonrails-talk@googlegroups.com.
> > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
> > For more options, visit this group athttp://groups.google.com/group/rubyonrails-talk?hl=en.- Hide quoted text -
>
> - Show quoted text -
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
No comments:
Post a Comment