Marcello Raffaele Avagliano
Works at Publicis Groupe
Attends West Virginia University
Lived in münchen

Handy hint for better database performance in Ruby on Rails:

Always add a DB index in your migration!
By default, Rails does not add indexes automatically for foreign keys; you should add the indexes yourself.
If you want to speed up your performance, I suggest adding an index for

– foreign keys
– columns that need to be sorted
– lookup fields
– and columns that are used in a GROUP BY

read more ...
 
Let’s go on with part four of our mathematical solutions series in Project Euler:

Problem:
The Largest palindrome product

A palindromic number reads the same both ways. The largest palindrome made from the product of two 2-digit numbers is 9009 = 91 × 99. Find the largest palindrome made from the product of two 3-digit numbers.

We first need a palindrome method. Let’s define it like this:
def palindrome? x
  # convert into String
  y = x.to_s
  # define look as the length of "y" divided by 2
  look = y.length / 2
  y[0..(look-1)] == y[-look..-1].reverse
end

Read on ...
http://www.railszilla.com/projekt-euler-probem-4-ruby/ruby
 
forever friends, that's cool :-)
4,ever,5,-,topic,of,the,day
 
Whenever we create a project, the same issue is our pain in the ass …
I talk about security, which is somehow dull and seems to be boring. I have done a simple checklist for a quick review of your code, which is divided into three simple steps: model, view and of course controller.

Our quick security checklist for your models
Use the helper method attr_accessible or attr_protected if you have to explicitly identify attributes that are accessible by the actions “create” and “update_attributes”. Don’t ever think that someone won’t try to post a value to your form.

Another thing to be aware of is when we use attr_accessible instead of attr_protected: in this case we have the advantage that it fails if new fields are added to a model, so you have to expose new fields explicitly. The method attr_accessible specifies a white list of model attributes that can be set via mass-assignment.

Read the full article "Ruby on Rails Security Checklist" here
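Added example, not from the original post: a plain-Ruby stand-in for a mass-assignment filter, showing how an attr_accessible-style allowlist and an attr_protected-style denylist behave once a migration adds a new column. The class `AttributeFilter`, the helper `settable_keys` and all sample data are hypothetical and constructed for illustration; none of it is Rails API.

```ruby
# Stand-in for a model's mass-assignment filter; this is not ActiveRecord code.
class AttributeFilter
  # allow: allowlist (attr_accessible style); deny: denylist (attr_protected style)
  def initialize(allow: nil, deny: nil)
    raise ArgumentError, 'give exactly one of allow:/deny:' unless allow.nil? ^ deny.nil?
    @allow = allow&.map(&:to_s)
    @deny  = deny&.map(&:to_s)
  end

  # Returns only the submitted pairs that mass assignment may set on these columns.
  def permitted(columns, params)
    cols = columns.map(&:to_s)
    params.select do |key, _value|
      k = key.to_s
      next false unless cols.include?(k)
      @allow ? @allow.include?(k) : !@deny.include?(k)
    end
  end
end

# Constructed sample: a users table before and after a migration adds "admin".
COLUMNS_V1 = %w[id name email].freeze
COLUMNS_V2 = (COLUMNS_V1 + %w[admin]).freeze

# Constructed form post carrying a field the form never rendered.
SUBMITTED_PARAMS = { 'name' => 'Eve', 'email' => 'eve@example.test', 'admin' => '1' }.freeze

ALLOWLIST = AttributeFilter.new(allow: %i[name email])
DENYLIST  = AttributeFilter.new(deny: %i[id])

# Keys of SUBMITTED_PARAMS that would actually be written to the model.
def settable_keys(filter, columns)
  filter.permitted(columns, SUBMITTED_PARAMS).keys.sort
end

if __FILE__ == $PROGRAM_NAME
  puts "denylist,  old schema: #{settable_keys(DENYLIST, COLUMNS_V1)}"
  puts "denylist,  new schema: #{settable_keys(DENYLIST, COLUMNS_V2)}"
  puts "allowlist, new schema: #{settable_keys(ALLOWLIST, COLUMNS_V2)}"
end
```

With the denylist, the new column becomes settable from a form post the moment the migration runs; with the allowlist it stays blocked until someone exposes it explicitly.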
 
Now you can see how much fun we IT professionals have ;-)

The Great Office War
 
Generate polymorphic URL in Rails

In this example, I want to explain a best practice for Polymorphic URLs in Rails. I will show really bad things here as an illustrative example.
Don’t worry, we will refactor the code later ;-)

Let us assume that we have three models, Post, News and Comment. In most cases, a post has many comments and a news has many comments. 

They are defined like:

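class Post < ActiveRecord::Base
  # :as names the polymorphic interface declared in Comment
  has_many :comments, :as => :commentable
end
class News < ActiveRecord::Base
  has_many :comments, :as => :commentable
end
class Comment < ActiveRecord::Base
  # stores commentable_id and commentable_type, so it can belong to a Post or a News
  belongs_to :commentable, :polymorphic => true
end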

read more at www.railszilla.com
 
Ever asked yourself how to use HTTP Basic authentication with ActiveAdmin?
There are several reasons to use HTTP Basic authentication for your backend. I needed a solution which can be recycled wherever I need HTTP Basic authentication. I only wanted a central place for user and password, and I wanted just one call wherever I need my authentication.
Let's go …

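<code>
#
# app/controllers/application_controller.rb
#
class ApplicationController < ActionController::Base
  protected

  # Central HTTP Basic check; the block compares the submitted
  # credentials with the single user/password pair defined here.
  def authenticate
    authenticate_or_request_with_http_basic do |username, password|
      username == "admin" && password == "superpassword"
    end
  end
end
</code>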

Now you can call
before_filter :authenticate

… whenever you need HTTP Basic authentication.
In the case of ActiveAdmin, let’s call our before_filter like this:

<code>
#
# config/initializers/active_admin.rb
#
ActiveAdmin.setup do |config|
  ...

  # http auth for admin area
  config.before_filter :authenticate

  ...
end
</code>

Have fun!

http://www.railszilla.com/activeadmin-http-authentication/rails
Markus Schirp:
 
Never validate authentication tokens with String#== . You need to use a fixed time string equals to avoid a timing side channel.
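Added example (not part of the original post or the comment above): a plain-Ruby sketch of checking HTTP Basic credentials with a fixed-time comparison instead of String#==. The helper names `secure_equal?`, `parse_basic_header` and `basic_auth_ok?` and the sample credentials are hypothetical; inside a Rails app, ActiveSupport::SecurityUtils.secure_compare serves the same purpose, and the expected values would come from configuration rather than source code.

```ruby
require 'base64'
require 'openssl'

# Fixed-time equality: hash both inputs to the same length first, so neither the
# length nor the position of the first differing byte affects the running time.
def secure_equal?(a, b)
  da = OpenSSL::Digest::SHA256.digest(a.to_s)
  db = OpenSSL::Digest::SHA256.digest(b.to_s)
  diff = 0
  da.bytes.zip(db.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Parses "Basic <base64(user:pass)>"; returns [user, pass] or nil if malformed.
def parse_basic_header(header)
  scheme, payload = header.to_s.split(' ', 2)
  return nil unless scheme&.casecmp?('Basic') && payload

  user, pass = Base64.strict_decode64(payload).split(':', 2)
  pass.nil? ? nil : [user, pass]
rescue ArgumentError # raised by strict_decode64 on invalid base64
  nil
end

# True only when the header is well formed and both fields match.
def basic_auth_ok?(header, expected_user, expected_pass)
  creds = parse_basic_header(header)
  user, pass = creds || ['', '']
  well_formed = !creds.nil?
  # & (not &&) evaluates both comparisons even when the first one fails.
  well_formed & secure_equal?(user, expected_user) & secure_equal?(pass, expected_pass)
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample header, built from the credentials used in the post.
  header = 'Basic ' + Base64.strict_encode64('admin:superpassword')
  puts basic_auth_ok?(header, 'admin', 'superpassword')
end
```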
 
Why the Rails default_scope is a bad thing

ActiveRecord provides default_scope to set a default scope for all operations on the model. I was never a friend of using default_scope, even when many friends used it in their projects. At first glance it looks convenient, but it will lead to a headache very soon. We should avoid using it and here is why:

Assume we defined a default_scope in Comment model
<code>
class Comment < ActiveRecord::Base
  # applied to every query on Comment unless explicitly removed
  default_scope where(published: true).order("created_at desc")
end
</code>

In this case the default_scope added some behaviors that we don’t recognize at first glance. The bad news: You can’t override default_scope by default! It lists comments ordered by created_at. Let’s have a look:

<code>
> Comment.limit(10)
  Comment Load (3.3ms)  SELECT `comments`.* FROM `comments` WHERE `comments`.`published` = 1 ORDER BY created_at desc LIMIT 10
</code>

Read the full article in my blog: http://www.railszilla.com/default_scope-in-rails-is-bad/rails
 
As I showed in my article (see bottom line), we can have another way of doing this job:
----- <code> -----
require 'prime'
goal = 600851475143

Prime.each(goal) do |number|
   @container= [number]
end
puts @container.last
----- </code> -----

This small piece of code illustrates, together with my other solutions, that we have a vast amount of ways of doing things in Ruby …
 
This goes into category "coffee break" ...
My favourite excuse is the new word of the day:

My code did not fail!
I just found another method that will not solve this problem ...

;-)
Work
Occupation
Technical Consultant & product owner
Skills
Ruby, Ruby on Rails, BDD, TDD, PHP, Symfony, JQuery, SASS / CSS3, HTML5, Mobile Apps, Facebook Apps, LAMP Server, NoSQL, MySQL, PostgreSQL, Adobe Creative Suite, JavaScript, Cucumber/DSL, CoffeeScript, SEO, CloudComputing, AWS, Heroku, ScrumMaster, Scrum Product Owner
Employment
  • Publicis Groupe
    Technical Consultant & Product Owner, 2014 - present
Places
Previously
münchen - hamburg - bremen - london - napoli
Story
Tagline
Software Engineer who works as a Product Owner and Technical Consultant
Introduction
Marcello Raffaele Avagliano - aka RailsZilla - writer of the Ruby on Rails blog http://www.railszilla.com

class RailsZilla < ActiveRecord::Base
    has_many :dirty_tricks
    belongs_to :you, :dependent => :daily
end
Bragging rights
Contemporary classical music, vegetarian, traveling around the world
Education
  • West Virginia University
    Forensic Accounting and Fraud Examination, 2014 - present
    Benford's Law and Financial Analytics, Cyber-Crime and Money Laundering
  • University of Rostock
    Management and Leadership, 2014 - 2015
    Professional certification in Leadership and team psychology
Basic Information
Gender
Male