ERB question


#1

Can anyone tell me what the difference is in these two statements? Yes,
I’m a newbie!

<%=h device.send(column.name) %>

<%= device.send(column.name) %>

Specifically, what is the <%=h supposed to do? The “h” doesn’t appear
to do anything that I can find, yet RoR generates code using it…

Thanks much!

Rob


#2

Robert D. La Gesse wrote:

Thanks much!

Rob

h is a short form for the method html_escape.

So IMHO it’s more clear to write something like
<%= h(device.send(column.name)) %>

cu

polarix


#3

On Mar 16, 2006, at 6:03 PM, Robert D. La Gesse wrote:

Thanks much!

Rob

See: http://wiki.rubyonrails.com/rails/pages/HowToEscapeHTML

RoR has its own mailing list: http://rubyonrails.com/community

– Daniel


#4

Markus W. wrote:

cu

polarix

OK, I guess that’s clear enough… but it doesn’t actually seem to make
any difference if the “h” is in there or not. And I can’t seem to
determine why Ruby on Rails sometimes generates code with the “h”, and
sometimes it doesn’t :)

Thanks,

Rob


#5

On Mar 16, 2006, at 11:13 AM, Robert D. La Gesse wrote:

Specifically, what is the <%=h supposed to do? The “h” doesn’t
polarix
OK, I guess that’s clear enough… but it doesn’t actually seem to
make any difference if the “h” is in there or not. And I can’t
seem to determine why Ruby on Rails sometimes generates code with
the “h”, and sometimes it doesn’t :)

Try:

<%= h "< & >" %>

and:

<%= "< & >" %>

James Edward G. II
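
An added example, not written by any poster in this thread: it renders the same table row with and without h, using Ruby's standard-library ERB, to show why the output looks identical for ordinary values and differs only when a value contains HTML metacharacters. The Device and Column structs, the View class and all sample values are constructed stand-ins for the Rails objects in the question.

```ruby
require "erb"

# Constructed stand-ins for the model record and column metadata in the question.
Device = Struct.new(:name, :location)
Column = Struct.new(:name)
COLUMNS = [Column.new(:name), Column.new(:location)]

# The two statements from the question, inside a loop over the columns.
WITH_H    = '<% @columns.each do |column| %><td><%= h(@device.send(column.name)) %></td><% end %>'
WITHOUT_H = '<% @columns.each do |column| %><td><%= @device.send(column.name) %></td><% end %>'

# Minimal view context. Rails makes h available in views; here it comes
# from ERB::Util, where h is an alias for html_escape.
class View
  include ERB::Util

  def initialize(device, columns)
    @device = device
    @columns = columns
  end

  def render(template)
    ERB.new(template).result(binding)
  end
end

# Render one device as a table row, with or without escaping.
def render_row(device, escape:)
  View.new(device, COLUMNS).render(escape ? WITH_H : WITHOUT_H)
end

# Constructed sample records: one ordinary, one carrying markup in its fields.
PLAIN  = Device.new("printer-3", "lab")
MARKUP = Device.new("<script>alert(1)</script>", 'R&D "lab"')

if __FILE__ == $PROGRAM_NAME
  [PLAIN, MARKUP].each do |device|
    puts "with h:    #{render_row(device, escape: true)}"
    puts "without h: #{render_row(device, escape: false)}"
  end
end
```

With the ordinary record both lines are the same, which is why h appears to do nothing; with the second record only the h version reaches the browser as text rather than as markup.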