[ANN] Rails 0.5.0: The end of vaporware!

[David Heinemeier Hansson]

I’ve been talking (and hyping) Rails for so long that it’s all wierd to
finally have it out in the open. Mind you, we’re still not talking
about a 1.0 release, but the package currently on offer is still
something I’m very comfortable to share with the world. Undoubtedly,
there could be more documentation and more examples, but Real Artists
Ship and this piece will grow in public. Enjoy Rails!

Documentation, download: http://www.rubyonrails.org


What is Rails?
==============

Rails is a open source web-application framework for Ruby. It ships
with an answer for every letter in MVC: Action Pack for the Controller
and View, Active Record for the Model.

Everything needed to build real-world applications in less lines of
code than other frameworks spend setting up their XML configuraion
files. Like Basecamp, which was launched after 4 KLOCs and two months
of developement by a single programmer.

Being a full-stack framework means that all layers are built to work
seemlessly together. That way you Don’t Repeat Yourself (DRY) and you
can use a single language from top to bottom. Everything from templates
to control flow to business logic is written in Ruby—the language of
love for industry heavy-weights

In striving for DRY compliance, Rails shuns configuration files and
annotations in favor of reflection and run-time extensions. This means
the end of XML files telling a story that has already been told in
code. It means no compilation phase: Make a change, see it work.
Meta-data is an implementation detail left for the framework to handle.


What is Active Record?
======================

Active Record connects business objects and database tables to create a
persistable domain model where logic and data is presented in one
wrapping. It’s an implementation of the object-relational mapping (ORM)
pattern by the same name as described by Martin Fowler:

An object that wraps a row in a database table or view,
encapsulates the database access, and adds domain logic on that data.

Active Record’s main contribution to the pattern is to relieve the
original of two stunting problems: lack of associations and
inheritance. By adding a simple domain language-like set of macros to
describe the former and integrating the Single Table Inheritance
pattern for the latter, Active Record narrows the gap of functionality
between the data-mapper and active record approach.

Learn more: http://activerecord.rubyonrails.org


What is Action Pack?
====================

Action Pack splits the response to a web request into a controller part
(performing the logic) and a view part (rendering a template). This
two-step approach is known as an action, which will normally create,
read, update, or delete (CRUD for short) some sort of model part (often
database) before choosing either to render a template or redirecting to
another action.

Action Pack implements these actions as public methods on Action
Controllers and uses Action Views to implement the template rendering.
Action Controllers are then responsible for handling all the actions
relating to a certain part of an application. This grouping usually
consists of actions for lists and for CRUDs revolving around a single
(or a few) model objects. So ContactController would be responsible for
listing contacts, creating, deleting, and update contacts. A
WeblogController could be responsible for both posts and comments.

Action View templates are written using embedded Ruby in tags mingled
in with the HTML. To avoid cluttering the templates with code, a bunch
of helper classes provide common behavior for forms, dates, and
strings. And it’s easy to add specific helpers to keep the separation
as the application extends.

Learn more: http://actionpack.rubyonrails.org


--
David Heinemeier Hansson,
http://www.instiki.org/ -- A No-Step-Three Wiki in Ruby
http://www.basecamphq.com/ -- Web-based Project Management
http://www.loudthinking.com/ -- Broadcasting Brain
http://www.nextangle.com/ -- Development & Consulting Services

 

[gabriele renzi]

il Sun, 25 Jul 2004 04:43:00 +0900, David Heinemeier Hansson

I’ve been talking (and hyping) Rails for so long that it’s all wierd to
finally have it out in the open. Mind you, we’re still not talking
about a 1.0 release, but the package currently on offer is still
something I’m very comfortable to share with the world. Undoubtedly,
there could be more documentation and more examples, but Real Artists
Ship and this piece will grow in public. Enjoy Rails!

Documentation, download: http://www.rubyonrails.org

it seem waiting was worth it
Anyway, about the (uber impressive) ten minutes video on the main
page, a different format would be appreciated cause quicktime does not
mix well with windows boxes and small monitors

Oh, I was nearly forgetting,
woowoo!

 

[Scott Barron]

il Sun, 25 Jul 2004 04:43:00 +0900, David Heinemeier Hansson


it seem waiting was worth it
Anyway, about the (uber impressive) ten minutes video on the main
page, a different format would be appreciated cause quicktime does not
mix well with windows boxes and small monitors

Oh, I was nearly forgetting,
woowoo!

Or my linux box I can coax mplayer to play the video but not the
audio. I'd really like to watch that longer video (which is what I'm
referring about the audio), mpg format would be greatly appreciated!

To stay on topic, I've been watching Rails for a few weeks since I
came across it and I'm delighted that the release has finally come. I
look forward to playing around with it at work on Monday.

Thanks
-Scott

 

[Carl Youngblood]

Oh, I was nearly forgetting,
woowoo!

I believe the correct expression is woohoo! (not woowoo, unless
perhaps you also find David attractive

 

[daz]

Oh, I was nearly forgetting,
woowoo!

I believe the correct expression is woohoo! (not woowoo [...]

Rails => Train noise ?

+1 for woowoo! (YMMV

 

[gabriele renzi]

Oh, I was nearly forgetting,
woowoo!

I believe the correct expression is woohoo! (not woowoo [...]

Rails => Train noise ?

+1 for woowoo! (YMMV

In this days I'm gettin wrong almost everything.
But in this case I meant this, everybody loves old steam locomotives

 

[Andreas Schwarz]

I’ve been talking (and hyping) Rails for so long that it’s all wierd to
finally have it out in the open. Mind you, we’re still not talking about
a 1.0 release, but the package currently on offer is still something I’m
very comfortable to share with the world. Undoubtedly, there could be
more documentation and more examples, but Real Artists Ship and this
piece will grow in public. Enjoy Rails!

The 10 minute video is really impressive. But after browsing through the
documentation I haven't found an answer to one question: what does
happen with XML special chars like <> when you write <%= @post.text %>?

 

[David Heinemeier Hansson]

The 10 minute video is really impressive. But after browsing through

the documentation I haven't found an answer to one question: what does
happen with XML special chars like <> when you write <%= @post.text
%>?

I'm not sure I understand the question, but everything within a <% %>
block is interpreted as regular Ruby code through ERb (the Ruby-version
of eRuby). You can read more about how the Action View works in
http://ap.rubyonrails.org/classes/ActionView.html.

Every other tag is left untouched by the View. So basically the
templates are plain text files that can hold anything (HTML, XML,
LaTeX, emails) sprinkled with Ruby embeddings to add dynamic behavior.
--
David Heinemeier Hansson,
http://www.rubyonrails.org/ -- Web-application framework for Ruby
http://www.instiki.org/ -- A No-Step-Three Wiki in Ruby
http://www.basecamphq.com/ -- Web-based Project Management
http://www.loudthinking.com/ -- Broadcasting Brain
http://www.nextangle.com/ -- Development & Consulting Services

 

[Andreas Schwarz]

I'm not sure I understand the question, but everything within a <% %>
block is interpreted as regular Ruby code through ERb

Sorry that it wasn't clear, I wanted to know what happened when
@post.text contains characters like ">" or "&". (How) are they converted
to entities?

 

[David Heinemeier Hansson]

The 10 minute video is really impressive. But after browsing through

Sorry that it wasn't clear, I wanted to know what happened when
@post.text contains characters like ">" or "&". (How) are they
converted to entities?

Ahh. Rails offers no built-in method for that, but perhaps it should in
the TextHelper[1]. You can, however, just use CGI.escapeHTML[2] like
this:

<%= CGI.escapeHTML(@post.text) %>

[1] http://ap.rubyonrails.org/classes/ActionView/Helpers/TextHelper.html
[2]
http://www.ruby-doc.org/stdlib/libdoc/cgi/rdoc/classes/
CGI.html#M000003.
--
David Heinemeier Hansson,
http://www.rubyonrails.org/ -- Web-application framework for Ruby
http://www.instiki.org/ -- A No-Step-Three Wiki in Ruby
http://www.basecamphq.com/ -- Web-based Project Management
http://www.loudthinking.com/ -- Broadcasting Brain
http://www.nextangle.com/ -- Development & Consulting Services

 

[Andreas Schwarz]

Sorry that it wasn't clear, I wanted to know what happened when
@post.text contains characters like ">" or "&". (How) are they
converted to entities?

Ahh. Rails offers no built-in method for that, but perhaps it should in
the TextHelper[1]. You can, however, just use CGI.escapeHTML[2] like this:

<%= CGI.escapeHTML(@post.text) %>

I see. This is always what I don't like about Eruby; with Kwartz (and
most other templating systems) every variable I include with
#{variable}# is escaped automatically, and it is possible to disable
escaping by writing #{ X(variable) }#. As 99% of the variables usually
are not meant to include HTML code anyway, this makes templates look
clearer and is less error-prone.

Maybe it would make sense to extend Eruby/Erb/whatever with another tag
that wraps the content in CGI.escapeHTML? For example
{%= @post.text %}
instead of
<%= CGI.escapeHTML( @post.text ) %>
?

 

[Carl Youngblood]

I think a better solution if you wanted something like this would be
to alter rails so it changes the variables in the @post object before
displaying them. But I'm not sure everyone would want this behavior.

 

[Andreas Schwarz]

I think a better solution if you wanted something like this would be
to alter rails so it changes the variables in the @post object before
displaying them.

No, something like this should be done at the template level. If I need
both the escaped and the unescaped string or want to apply some
processing to the string in the template it's getting very ugly.

I'm surprised that there is no easy way to deal with this issue; after
seeing all these examples with date types being automatically displayed
as a selection form etc. I would have expected Rails to take care of
properly escaping simple strings.

 

[David Heinemeier Hansson]

I'm surprised that there is no easy way to deal with this issue; after

seeing all these examples with date types being automatically
displayed as a selection form etc. I would have expected Rails to take
care of properly escaping simple strings.

I guess it depends on what kind of application you're building. For
content-heavy applications, such as weblogs, discussion board, content
management systems, etc, it's often the case that you _don't_ want the
strings escaped. And even if you don't want them escaped, it's likely
that you need more advanced escaping anyway.

But I agree that CGI.escapeHTML is a bit rich, so I'll add some kind of
shorther wrapper for that to the TextHelper in the next version. No
need to wait, though. Edit
vendor/actionpack/lib/action_view/helpers/text_helper.rb and add this
method:

def escape(string)
CGI.escapeHTML(string)
end

If you think that's two much to type, perhaps also:

alias_method :e, :escape

Then you're all ready to rock with <%= e(@post.text) %>
--
David Heinemeier Hansson,
http://www.rubyonrails.org/ -- Web-application framework for Ruby
http://www.instiki.org/ -- A No-Step-Three Wiki in Ruby
http://www.basecamphq.com/ -- Web-based Project Management
http://www.loudthinking.com/ -- Broadcasting Brain
http://www.nextangle.com/ -- Development & Consulting Services

 

[Jamis Buck]

I think a better solution if you wanted something like this would be
to alter rails so it changes the variables in the @post object before
displaying them. But I'm not sure everyone would want this behavior.




.

Well, here's a quick hack that anyone could do in their code to make the
autoescaping (and explicit non-escaping) possible:

require 'erb'
require 'cgi'

class String
NO_ESC_REGEX = /^NOESCAPE.*)/

def html_safe_concat( text )
if text =~ NO_ESC_REGEX
concat($1)
else
concat(CGI.escapeHTML(text))
end
end
end

class ERB
alias ld_set_eoutvar :set_eoutvar

def set_eoutvar(compiler, eoutvar='_erbout')
old_set_eoutvar( compiler, eoutvar )
compiler.put_cmd = "#{eoutvar}.html_safe_concat"
end
end

X = "NOESCAPE:"
@something = "<escape \"me\" baby>"
@notme = "<b>not me, \"please\"</b>"

erb = ERB.new "This is <%=@something%> with text, and <%=X+@notme%>"

p erb.result
# -> "This is &lt;escape &quot;me&quot; baby&gt; with text, and
<b>not me, \"please\"</b>"

Not perfect, obviously, but it does work.

--
Jamis Buck
(e-mail address removed)
http://www.jamisbuck.org/jamis

"I use octal until I get to 8, and then I switch to decimal."

 

[David Heinemeier Hansson]

Well, here's a quick hack that anyone could do in their code to make

the autoescaping (and explicit non-escaping) possible:

Not perfect, obviously, but it does work.

That's kinda sexy. I'd certainly welcome a switch-on addition of that
to Action Pack. Perhaps something like:

ActionController::Base.auto_escape_template_prints = true

Following the lines of existing switches, like:

ActionController::Base.view_controller_internals = true

Cool stuff, Jamis!
--
David Heinemeier Hansson,
http://www.rubyonrails.org/ -- Web-application framework for Ruby
http://www.instiki.org/ -- A No-Step-Three Wiki in Ruby
http://www.basecamphq.com/ -- Web-based Project Management
http://www.loudthinking.com/ -- Broadcasting Brain
http://www.nextangle.com/ -- Development & Consulting Services

 

[dominic sisneros]

If you include ERB::Util then it includes html escape. Use it in your
templates like this

<%h= puts "Some text with <characters>" %>

 

[Jamis Buck]

If you include ERB::Util then it includes html escape. Use it in your
templates like this

<%h= puts "Some text with <characters>" %>

Could you give a longer example? I tried the following and didn't get
what I expected...

require 'erb'
include ERB::Util

@text = "something with <brackets> and \"quotes\""
erb = ERB.new( "This is <%h= @text %>" )
p erb.result
#-> "This is "

- Jamis

--
Jamis Buck
(e-mail address removed)
http://www.jamisbuck.org/jamis

"I use octal until I get to 8, and then I switch to decimal."

 

[dominic sisneros]

Sorry, I tried to do it from memory and got the format juxtaposed.

Instead of <%h= "something with <xml> %>

should be <%=h "something with <xml> %>

See below

require 'erb'

class Foo
include ERB::Util

SCRIPT = <<EOS
<h1><%=h @name %></h1>
<ul>
<% ary.each do |x|%>
<li><%=h x %></li>
<% end %>
</ul>
EOS
def initialize(name)
@name = name
@erb = ERB.new(SCRIPT)
end

def foo(ary)
@erb.result(binding)
end
end

it = Foo.new('foo')
puts it.foo([1,2,'<dia>'])

 

[gabriele renzi]

Could you give a longer example? I tried the following and didn't get
what I expected...

it is just that ERB::Util includes an 'h' method
so it is:
<%=h blBLA%>

oh, you even get a #u method