happiness" *
• Lets you quickly build and deploy dynamic web applications
• Clearly defined conventions and philosophy lead to powerful and expressive code
* This is a direct quote.
have the same directory structure
  ◦ User model -> users table, user.rb, etc
• Don't repeat yourself (DRY)
  ◦ Information in a single, unambiguous place
  ◦ Ex: layouts and partials
nouns in an application
  ◦ A blog might have posts and users
• Usually a 1-to-1 correspondence to a database table
  ◦ Ex: Post model implicitly tied to posts table
• Home of validation and business logic
  ◦ "Fat model, skinny controller"
'ruby, programming, rails')
• We could store a tag string on every post and then search through all posts for a match when looking for a tag
• Insanely inefficient. How else to do it?
Many-to-many associations
a join table between post_ids and tag_ids
• Point is that after we declare the associations and create the table, Rails will take care of the heavy lifting with the foreign keys
A many-to-many association
the user sees in their browser and interacts with
• Scroll through a list of posts, or read a specific post
• Links and forms send requests/data to the controller
with most of the databases out there
• Presents a single persistence API for the SQL variants: MySQL, PostgreSQL, Oracle, SQLite, ...
• Can also plug in Redis, MongoDB, etc
forms and compare them against a server-side secret
• Mass-assignment attribute whitelisting
• XSS: output is automatically escaped
Recommended: The Rails Security Guide
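The mass-assignment whitelisting bullet above, shown as an added example that is not from the original slides and is not Rails' own code: a plain-Ruby model that copies every submitted field, next to one that copies only whitelisted fields. The `User` class, its method names, and the sample submission are hypothetical and constructed for illustration.

```ruby
# Added illustration in plain Ruby (no Rails needed); all names are hypothetical.
class User
  ATTRIBUTES = %i[name email admin].freeze
  ASSIGNABLE = %i[name email].freeze # whitelist: what a form may set

  attr_reader(*ATTRIBUTES)

  def initialize
    @name = nil
    @email = nil
    @admin = false
  end

  # Weak: copies every submitted key that matches a model attribute.
  def assign_all(params)
    params.each do |key, value|
      sym = key.to_s.to_sym
      instance_variable_set("@#{sym}", value) if ATTRIBUTES.include?(sym)
    end
    self
  end

  # Hardened: copies only whitelisted keys and returns the names it refused,
  # so the caller can log an unexpected field.
  def assign_whitelisted(params)
    rejected = []
    params.each do |key, value|
      sym = key.to_s.to_sym
      if ASSIGNABLE.include?(sym)
        instance_variable_set("@#{sym}", value)
      else
        rejected << key.to_s
      end
    end
    rejected
  end
end

# Constructed form submission carrying a field the form never offered.
SUBMITTED = { "name" => "Ann", "email" => "ann@example.com", "admin" => true }.freeze

def demo
  weak = User.new.assign_all(SUBMITTED)
  safe = User.new
  rejected = safe.assign_whitelisted(SUBMITTED)
  { weak_admin: weak.admin, safe_admin: safe.admin, safe_name: safe.name, rejected: rejected }
end

p demo if __FILE__ == $PROGRAM_NAME
```

Returning the refused field names gives the controller something to log, which turns a silently dropped `admin` parameter into a detectable event.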