Intro song by Falseta

Episode #347 - February 22, 2013

Jon Larkowski, Wes Gibbs

Another Exciting! SQL Injection! Decoding Cookies! Typeahead! Media Queries! Incoming! Git rebase considered awesome! Ruby5!

This episode is sponsored by New Relic. New Relic gives you performance monitoring, tracking, and reporting of your web applications.

  • New Relic
  • SQL Injection
  • Session Cookies
  • Typeahead.js
  • Sass Media
  • Incoming!
  • git rebase
  • Ruby5

Avoiding SQL Injection in Rails

Justin Collins blogged about Avoiding SQL Injection in Rails. In the post he explains an exploit via the exists? method. He also introduces http://rails-sqli.org, which is “a big list of what not to do when using ActiveRecord”.