Hello,
I have an interessting problem, I’m not sure how to solve 
I have the name of a model in a variable like this:
My model is called Article
My var contains “Article”
Now - How do I get the model class, so I can call Article.find,
Article.new etc … ?
Greetings,
Gitte W.
On 1/6/06, Gitte W. [email protected] wrote:
Greetings,
Gitte W.
‘Article’.constantize
–
rick
http://techno-weenie.net
Gitte W. wrote:
I have an interessting problem, I’m not sure how to solve
I have the name of a model in a variable like this:
My model is called Article
My var contains “Article”Now - How do I get the model class, so I can call Article.find,
Article.new etc … ?
eval(“Article”).find and eval(“Article”).new. I believe there’s at least
one other way, but it eludes me at the moment.
Do realize though, that this poses a big security hole if you pass
tainted data to eval. eval(“Article.destroy_all && Article”) is fairly
boring to run for example.
Jakob L. Skjerning wrote:
eval(“Article”).find and eval(“Article”).new. I believe there’s at least
one other way, but it eludes me at the moment.Do realize though, that this poses a big security hole if you pass
tainted data to eval. eval(“Article.destroy_all && Article”) is fairly
boring to run for example.
I’m aware of the security issues. But I won’t call .destroy or anything
Thank you very much for the help.
Greetings,
Gitte W.
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs