#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Posts
    199
    Rep Power
    0

    A couple questions about Ruby on Rails


    what is Rake? i dont understand what the use of it is. say I have already made a RoR app, it's all done and ready to go. i can just so script/server, and boom its running. what is the use of Rake tho? i understand that it's to "deploy" the app... but... what does that mean...?




    another question, say my app gives you random polls, 1 at a time. if there is no user-based system, how do u prevent people from voting twice in one poll in Ruby, at least while the browser is still open. meaning if you close the browser, clear the cache, and open a new browser (or i guess just clear the cache in general), you could technically vote for the same poll again.
  2. #2
  3. Banned ;)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Nov 2001
    Location
    Woodland Hills, Los Angeles County, California, USA
    Posts
    9,638
    Rep Power
    4247
    Rake is a program (written in ruby!) which can be used to build other ruby programs. It does this by reading a special file called a Rakefile, which contains a set of different tasks to do.

    Among other things, you can do:
    1. Generate documentation for your app (rake appdoc)
    2. Create a test database from your dev. database (rake clone_structure_to_test)
    3. Run unit tests (rake test_units) or functional tests (run test_functional) or all tests (rake)
    4. Give you stats on your code (rake stats)
    etc.

    If you want to see the list of things you can do with your standard Rakefile, simply type:
    rake --tasks
    Up the Irons
    What Would Jimi Do? Smash amps. Burn guitar. Take the groupies home.
    "Death Before Dishonour, my Friends!!" - Bruce D ickinson, Iron Maiden Aug 20, 2005 @ OzzFest
    Down with Sharon Osbourne

    "I wouldn't hire a butcher to fix my car. I also wouldn't hire a marketing firm to build my website." - Nilpo
  4. #3
  5. Banned ;)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Nov 2001
    Location
    Woodland Hills, Los Angeles County, California, USA
    Posts
    9,638
    Rep Power
    4247
    As for your second question, there is no real way to prevent people from voting twice, aside from asking for some very personal information AND verifying that the personal information is valid, before letting the person vote. Even then, there is no way to prevent an identity thief from stealing personal information from someone else and then voting a second time.

    There are a few ways you can prevent some obvious ballot stuffing.
    1. Post processing after the fact. For instance, you could record the time, browser, IP address etc. of the voter. If too many votes for a particular choice are coming from the same IP address at around the same time, then it would be pretty easy to pick this up and discount all the extra votes.
    2. Asking the user to register with their email first before they can vote (and disallowing registration from free webmail services like yahoo/gmail/hotmail etc.)
    Up the Irons
    What Would Jimi Do? Smash amps. Burn guitar. Take the groupies home.
    "Death Before Dishonour, my Friends!!" - Bruce D ickinson, Iron Maiden Aug 20, 2005 @ OzzFest
    Down with Sharon Osbourne

    "I wouldn't hire a butcher to fix my car. I also wouldn't hire a marketing firm to build my website." - Nilpo
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Posts
    199
    Rep Power
    0
    ah i see. what about cookies, or sessions? i don't really know how either of those work, but can either be used for this purpose. can i send a cookie to the client every time he casts a vote on a poll, and check if the client has a certain cookie or not? how do u even check for cookies..
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jul 2006
    Posts
    2,270
    Rep Power
    1737
    “Security” and “depending on the user” do not go together. Cookies are a terrible idea for that reason. They are stored on the client’s computer. Obviously, the client can delete them at his whim.

    You’ll find sessions to be no better. They are just a way of tracking information about a user such as what page on a website he is on and so forth. Session systems commonly involve cookies. You may try to complicate it by checking the session with a table of IPs and so on. But then it’s practical to not even have a session system, and just log IP addresses. Trying to detect fraud by IP addresses isn’t very secure. You’ll find too many false positives (router/proxy on a large block of users) and too many false negatives (proxied connections).
    When you ask a question, be prepared to tell us: what have you tried? If you think you don't need to try anything, we will never be interested in helping you. If you agree with the link, and you refuse to answer that question, you are being a hypocrite.

    Need help with broken code? Your question should be like a good bug report: (1) It has the smallest number of steps to reproduce the problem you see (2) It tells us precisely what you expected to see and (3) It tells us what you saw and how it differed from what you expected. We need all three to help you.
    Want better answers? Tell us what you Googled for and what steps you took to answer your own question.
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Posts
    199
    Rep Power
    0
    Originally Posted by Oler1s
    “Security” and “depending on the user” do not go together. Cookies are a terrible idea for that reason. They are stored on the client’s computer. Obviously, the client can delete them at his whim.

    You’ll find sessions to be no better. They are just a way of tracking information about a user such as what page on a website he is on and so forth. Session systems commonly involve cookies. You may try to complicate it by checking the session with a table of IPs and so on. But then it’s practical to not even have a session system, and just log IP addresses. Trying to detect fraud by IP addresses isn’t very secure. You’ll find too many false positives (router/proxy on a large block of users) and too many false negatives (proxied connections).

    I see. Well the use of cookies for my purposes is not for security. It's just to prevent from over-voting, cause that'll just ruin the fun.



    Say, has anyone tried to use RadRails?


    I just downloaded Aptana RadRails, and I tried to do two things:

    1) I created a new project and added an existing project into RadRails. When I tried to run it, I got this:

    Code:
    /script/../config/boot.rb:18:in `require’: No such file to load—rubygems (LoadError) from ./script/../config/boot.rb:18 from ./script/server:2:in `require’ from ./script/server:2 from -e:4:in `load’ from -e:4
    Gem is installed on my machine for sure, version 0.9.2. I can’t figure out what’s wrong. I have the Rails, Rake, and Ruby configuration all correct (or at least I think I do). I am on Mac OSX 10.4.9, with Ruby 1.8.6 (2007-03-13 patchlevel 0) [i686-darwin8.9.1]

    2) Probably related to the first question: when I do a fresh Rails Project, I check the “Generate Rails application skeleton” option, and hit finish. After that, I check out the freshly created project, and WHAM! it’s empty. No structure, no folders, no files, no nothing. Probably because it couldn’t find the gems?

    No idea, completely clueless. Please help! Thanks!
  12. #7
  13. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2004
    Posts
    366
    Rep Power
    10
    Did you install RubyGems? Your install should have been: Ruby --> RubyGems --> Rails Gem.

    As for RadRails; I've never used it on Mac (TextMate FTW!) but I've toyed with it on Windows. I seem to have liked the old RadRails better than the new Aptana IDE.

    as for over-voteing; Have you seen the acts_as_rateable plugin? Instead of using sessions or cookies to account for voting it uses the user_id table from the database. For every rating it stores a user_id and a object_id. If the user tries to vote again the app sees his user_id in the ratings table and instead of adding another vote it simple overwrites the old vote.

    -Amir
    I have summoned you here for a purpose

IMN logo majestic logo threadwatch logo seochat tools logo