Validating and using Kernal.System

Rails
1

Ok so I have a RoR project that seems to be…unconventional lol

I’m attempting to validate the name of the file and using
Kernal.System to input the file in the system as a parameter.

I’ve tried validates_presence_of, but that doesn’t appear to work
unless in a model which I don’t have. I’m trying to use
error_messages_for, but I don’t understand how to use it or what to
put in the controller.

As for the Kernal. System, how do you use it so that when the user
hits “OK”, RoR inputs the file in the correct command, runs it, and
points the user to the generated html file?

Here’s the complete code:

trying_controller.rb

class TryingController < ApplicationController
def index
end

def to
@logfile = params[:logfile]
end

end

index.html.erb

<% form_tag :action => ‘to’ do %>
<%= error_messages_for ‘logfile’ %>
<%= label_tag ‘logfile_label’, ‘Logfile:’ %>
<%= file_field_tag :logfile %>
<%= submit_tag “OK” %>
<% end %>

to.html.erb

Logfile: <%= @logfile %>

Thanks for any help,
anon_comp

2

On 27 May 2010 15:43, anon_comp [email protected] wrote:

As for the Kernal. System, how do you use it so that when the user

<% form_tag :action => ‘to’ do %>
Logfile: <%= @logfile %>
Have I got this right, you are attempting to allow a user in a browser
to enter the name of a system command which will then be run on the
server? If so I hope you realise that is incredibly dangerous. I am
intrigued to know why you wish to allow this.

Colin

3

In essence yes, but the user input is just an added command that won’t
do anything if they don’t have a log file, or the rather, the correct
log format. I’m mostly using this for personal use and am totally
aware that it’s incredibly dangerous. I just can’t think of another
way to do this.

4

On 27 May 2010 18:07, anon_comp [email protected] wrote:

In essence yes, but the user input is just an added command that won’t
do anything if they don’t have a log file, or the rather, the correct
log format. I’m mostly using this for personal use and am totally
aware that it’s incredibly dangerous. I just can’t think of another
way to do this.

Could you not top post please, it makes it easier to follow the thread
if you insert your replies inline.

So what exactly is the problem then? First look in the log file
(log/development.log) and see if the parameter is being passed
correctly when they submit. If this is ok what do you want to do with
his input?

Colin

5

On May 27, 1:27 pm, anon_comp [email protected] wrote:

So what exactly is the problem then? First look in the log file
(log/development.log) and see if the parameter is being passed
correctly when they submit. If this is ok what do you want to do with
his input?

The parameters are being passed correctly. What I want to do is pass
the parameters to the command (added on to another command already in
it) despite the security issues already pointed out.

That being said, I figured the issue out easly -headdesk-

(for people who may or may not need it in the future and for
documenting purposes…)
trying_controller.rb

class TryingController < ApplicationController
def index
end

def to
@logfile = params[:logfile]
system(‘your_execute_file.exe’, @logfile)
end
end

Now I need to figure out how to validate the file so that it can’t be
empty and it can’t be any other format excpet with a .log as the
extension.

6

On May 27, 1:19 pm, Colin L. [email protected] wrote:

Could you not top post please, it makes it easier to follow the thread
if you insert your replies inline.

Sorry about that

So what exactly is the problem then? First look in the log file
(log/development.log) and see if the parameter is being passed
correctly when they submit. If this is ok what do you want to do with
his input?

The parameters are being passed correctly. What I want to do is pass
the parameters to the command (added on to another command already in
it) despite the security issues already pointed out.

7

On May 27, 3:53 pm, Colin L. [email protected] wrote:

So what exactly is the problem then? First look in the log file
(for people who may or may not need it in the future and for
end

Colin- Hide quoted text -

  • Show quoted text -

Good idea! I’m making a lot of headway.

Thanks,
anon_comp

8

On 27 May 2010 18:32, anon_comp [email protected] wrote:

the parameters to the command (added on to another command already in
end

def to
@logfile = params[:logfile]
system(‘your_execute_file.exe’, @logfile)
end
end

Now I need to figure out how to validate the file so that it can’t be
empty and it can’t be any other format excpet with a .log as the
extension.

Just do the checks on @logfile after you pick it up from params. I
would suggest checking for nil first then a regular expression test to
check the format. Google for ruby regular expression will give you
loads of clues.

Colin