I have bean seen code of scaffold in rails. I found
<%% breadcrumb_add "<%= plural_table_name.capitalize %>", <%= plural_table_name %>_path %>
<%%= render 'form' %>
https://github.com/rails/rails/blob/3fcc0ca99107fa57110421b392f5854555f17fe2/railties/lib/rails/generators/erb/scaffold/templates/_form.html.erb
What is <%% and how to use?
<%% in Erb produces a literal <% in the output. You can use it if you want the output of your template to also be Erb, which is what is happening in the Rails example you link to.
In your code, the output will be something like (if the variable plural_table_name is things):
<% breadcrumb_add "Things", thing_path %>
<%= render 'form' %>
which itself is Erb.
Related
In a rails 5.2.3 erb template:
<% input = "<script>alert('XSS')</script>" %>
<p><%= input %></p>
is showing <script>alert('XSS')</script> instead of >.. etc
Isn't <%= ... %> supposed to prevent against reflected xss attack?
Same issue if input is retrieved from params[:input]
The raw is output in the html:
Need to look in source ctrl+u
as Gabor suggested
By design, some classes will deal with only a subset of available languages.
the globalize-accessors gem is quite useful, however, the rendering requires that the following be defined
Class.globalize_attribute_names
so while available_locales = [:en, :ru, :fr, :de], the goal is to work with a smaller array [:en, :ru]
The documentation states Calling globalize_accessors with no options will therefore generate accessor methods for all translated fields and available languages. But the purported way to invoke is in the model
globalize_accessors :locales => [:en, :fr], :attributes => [:title]
How can the globalize_accessorsmethod refer to an array, something generated by the likes of
#post.owner.ownerlocales.pluck('locale')
(although the array values are quoted...)
A working solution found but that does not address the above question, is based on the fact that globalize-accessors
gives you access to methods: title_pl, title_en, title_pl=, title_en=
Thus, a controller method that generates a whitelist
#locales = []
#post.owner.ownerlocales.each do |ol|
locale = ol.locale
#locales.push(locale)
end
... then process in the view filtering out the globalize_processors from whitelist
<% Post.globalize_attribute_names.each do |lang| %>
<% my_string = lang.to_s %>
<% #locales.each do |locale| %>
<% checkstring = "_" + locale %>
<% if my_string.include? checkstring %>
<div class="row">
<%= t(lang[0..-4]) %> - <%= lang[-2, 2] %> <br />
<%= f.text_area lang, rows: "3" %>
</div>
<% end %>
<% end %>
<% end %>
Not efficient, functional.
I would like to add an HTML element attribute depending whether I'm passing an URL or not to an HTML helper.
I tried this in my template.html.eex:
<%= if Regex.match?(~r/www/, "#auxButton_linkURL") do %> target="_blank" <% else %><% end %>
I know that I'm close but this is not working (although no error, it simply just doesn't add the target attribute).
How to use it correctly?
Do you mean to use the #auxButton_linkURL value from conn.assigns? If so you should use:
<%= if Regex.match?(~r/www/, #auxButton_linkURL) do %> target="_blank" <% else %><% end %>
Notice there are no quotes around #auxButton_linkURL. As an aside, variables by convention should use snake_case (#aux_button_link_url)
I'm running Spree 2.2. I'm trying to get the standard taxonomy/filter list to appear on each individual product page in Spree, but I cannot find where it decides that there's sidebar content to be displayed. If anyone can shed any light on where/how that's decided I'd be most grateful.
On the front-end part of spree, more specific, on the index view of the products controller, route spree_frontend/app/views/spree/products/index.html.erb at the beginning of the file, it get's decided whether there will be displayed the taxons or not:
<% content_for :sidebar do %>
<div data-hook="homepage_sidebar_navigation">
<% if "spree/products" == params[:controller] && #taxon %>
<%= render :partial => 'spree/shared/filters' %>
<% else %>
<%= render :partial => 'spree/shared/taxonomies' %>
<% end %>
</div>
<% end %>
So what you can do is to write an override pointing at any part of the products/show view, in particular i suggest after the product_left_part_wrap" data-hook, wich is a wrapper for the sidebar on the products show view, so your deface could look something like this:
Deface::Override.new(
:virtual_path => 'spree/products/show',
:name => 'add_map_to_product_show',
:insert_after => '[data-hook="product_left_part_wrap"]',
:partial => "spree/products/the_taxons_and_filters"
)
And inside the file named _the_taxons_and_filters.html.erb located on app/views/spree/products/ you can add the code from above and include the taxons filters. Hope this was helpful.
I have the following:
<% #users.each do |user| %>
<% if user.profile %>
<%= link_to user do %>
<h2><%= user.profile.first_name %> <%= user.profile.last_name %></h2>
<% end %>
<% end %>
<% end %>
The above code works fine. What this code does is that it will output the first and last names of every user. These names are clickable and will take me to that user's page. My main issue is with the 3rd line. The issue I am having is that I am trying to get rid of the link underline, but I am unsure as to how to pass a class into it. Below is my attempt. My class "no-text-dec" is just one line of "text-decoration: none;"
<%= link_to (user, class: "no-text-dec") do %>
I'm new to Rails, but I understand that link_to has a body, url options, and then html options in that specific order, but how can I make it work in this case? The above line makes my application is crash, but it's the only thing I can think of that makes sense. I'm assuming it's because I am not giving it its body argument, but I'm not sure what that would be.
This should work fine if user contains url/path correct
<%= link_to(user, class: 'some_class') %> do
<span>Delete</span>
<% end %>
The space after method in sending argument in helper method link_to is crashing your application
you can give a try at irb
def test(a,b)
puts a; puts b;
end
test ("Ad","Cd")
It should throw an error