Forum: Ruby on Rails ActiveRecord can validates "select" querys?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Daniel L. (Guest)
on 2009-02-02 18:18
I have an application that makes a render inline, and another in XML
based on data from an URL.
I need to validate the data before passing it over to SQL, and I would
like to receive the errors in the returned array, or at least a
TRUE/FALSE. As there is no associated view file I don’t know how to...

Could someone help me out or orientate me in some way?

Regards and thanks,

Daniel.
Harold (Guest)
on 2009-02-02 18:47
(Received via mailing list)
Can you give an example of what you mean by "validate the data before
passing it over to SQL"?

If it's SQL injection you're worried about, rails can help clean up
user input, but I'm not sure that's where your heading with this...



On Feb 2, 11:18 am, Daniel López <removed_email_address@domain.invalid>
Daniel L. (Guest)
on 2009-02-02 19:10
Harold wrote:
> Can you give an example of what you mean by "validate the data before
> passing it over to SQL"?
>
> If it's SQL injection you're worried about, rails can help clean up
> user input, but I'm not sure that's where your heading with this...
>
>
>
> On Feb 2, 11:18�am, Daniel L�pez <removed_email_address@domain.invalid>

SQL Injection, mmm... yes, maybe, but I refer particularly to check if a
string is numeric, date type or too short for the database values (for
example).

Only if these requirements are OK, the select query is executed.
Otherwise, the application should return false or something.

Thanks in advance, Harold. ;)
Harold A. Giménez Ch. (Guest)
on 2009-02-02 19:19
(Received via mailing list)
Sounds like something you can do with ActiveRecord validations:

http://api.rubyonrails.org/classes/ActiveRecord/Va...

for example:

validates_numericality_of :some_numer
validates_length_of :something_else, :in => 3..12

You can use validate_format_of :a_date (and specify a regex), or there's
a
plugin that helps for this (i haven't tried it:
http://railslodge.com/plugins/111-validates-date-time)

etc...

is that what you're looking for?

On Mon, Feb 2, 2009 at 12:10 PM, Daniel López <
Daniel L. (Guest)
on 2009-02-02 19:30
Harold A. Giménez Ch. wrote:
> Sounds like something you can do with ActiveRecord validations:
>
> http://api.rubyonrails.org/classes/ActiveRecord/Va...
>
> for example:
>
> validates_numericality_of :some_numer
> validates_length_of :something_else, :in => 3..12
>
> You can use validate_format_of :a_date (and specify a regex), or there's
> a
> plugin that helps for this (i haven't tried it:
> http://railslodge.com/plugins/111-validates-date-time)
>
> etc...
>
> is that what you're looking for?

No... ActiveRecord validations only works if the SQL operation is an
insert or update ("create" and "update" methods, respectively), but I
also need it to select querys ("find" method). That's the problem... :S

Thanks again! ;)
Harold A. Giménez Ch. (Guest)
on 2009-02-02 19:43
(Received via mailing list)
In that case, I don't know of a way to reuse an ActiveRecord validation
before running a find. You don't even have a ActiveRecord object at that
point yet.

You might just have to write your custom validations before running the
find. Maybe someone else has a better option. Sorry :-o)

-H

On Mon, Feb 2, 2009 at 12:30 PM, Daniel López <
Maurício L. (Guest)
on 2009-02-02 19:45
(Received via mailing list)
Why do you need to validate on a find method?

There should never be an invalid record at the database, that's why
there is no validation in a find and for the same reason there
shouldn't be. If you think you really need it, maybe you haven't
really figured out what your problem is.

-
Maurício Linhares
http://alinhavado.wordpress.com/ (pt-br) | http://blog.codevader.com/
(en)



On Mon, Feb 2, 2009 at 2:42 PM, Harold A. Giménez Ch.
Harold A. Giménez Ch. (Guest)
on 2009-02-02 19:48
(Received via mailing list)
Completely agree with you, Mauricio.

The only reason I can see the need to validate before a find is if your
are
absolutely obsessed with performance and you don't want to hit the DB if
you
know a priori that no record will be returned. This is definitely not a
normal case. If the query takes too long you might have to rethink your
schema, your query, or create proper indexes.



On Mon, Feb 2, 2009 at 12:44 PM, Maurício Linhares <
Daniel L. (Guest)
on 2009-02-03 13:13
The fact is that the project I'm developing is a database connection API
and, although is not essential, it would be nice that it could checks
the data integrity. The reason for do that is to improve the user (or
programmer :P) experience and prevent potential errors in the final
application, not the performance.

Anyway, I found a plugin that does what I want, but it has no associated
download :S. Here's a brief description (in Spanish):

http://www.tabernadelturco.com/2006/05/03/validaci...

Does anyone know where can I find it? This is the original link in
RubyForge:

http://rubyforge.org/projects/validator

Thanks again guys! :)
This topic is locked and can not be replied to.