// API callback
related_results_labels_thumbs({"version":"1.0","encoding":"UTF-8","feed":{"xmlns":"http://www.w3.org/2005/Atom","xmlns$openSearch":"http://a9.com/-/spec/opensearchrss/1.0/","xmlns$blogger":"http://schemas.google.com/blogger/2008","xmlns$georss":"http://www.georss.org/georss","xmlns$gd":"http://schemas.google.com/g/2005","xmlns$thr":"http://purl.org/syndication/thread/1.0","id":{"$t":"tag:blogger.com,1999:blog-8539880144347728238"},"updated":{"$t":"2023-08-23T16:29:45.305-04:00"},"category":[{"term":"Pentesting"},{"term":"Metasploit"},{"term":"cktricky"},{"term":"hacking"},{"term":"Book Reviews"},{"term":"Security Conferences"},{"term":"news"},{"term":"devoops"},{"term":"Chris Gates"},{"term":"client side attacks"},{"term":"devops"},{"term":"rant"},{"term":"web application testing"},{"term":"oracle"},{"term":"low2pwned"},{"term":"information Gathering"},{"term":"pwnage"},{"term":"auxiliary modules"},{"term":"carnal0wnage"},{"term":"cloud"},{"term":"enumeration"},{"term":"EthicalHacker.net"},{"term":"Learn Security Online"},{"term":"chicagocon"},{"term":"Kubernetes"},{"term":"Wireless"},{"term":"day in the life"},{"term":"jenkins"},{"term":"Maltego"},{"term":"certification"},{"term":"meterpreter"},{"term":"mimikatz"},{"term":"pass the hash"},{"term":"phishing"},{"term":"politics"},{"term":"Security"},{"term":"malware"},{"term":"password cracking"},{"term":"post-exploitation"},{"term":"powershell"},{"term":"Incident Response"},{"term":"android"},{"term":"automation"},{"term":"blackhat DC"},{"term":"exploits"},{"term":"linux"},{"term":"press"},{"term":"privacy"},{"term":"token impersonation"},{"term":"toorcon"},{"term":"SQL  Injection"},{"term":"incognito"},{"term":"mubix"},{"term":"scanning"},{"term":"shmoocon 09"},{"term":"webcasts"},{"term":"wrap-up"},{"term":"DNS"},{"term":"HackerDefender"},{"term":"Security Metrics"},{"term":"VNC"},{"term":"aircrack-ng"},{"term":"chris nickerson"},{"term":"fail"},{"term":"mike murray"},{"term":"nmap"},{"term":"rootkit"},{"term":"shmoocon 08"},{"term":"shotgun posts"},{"term":"token kidnaping"},{"term":"Crash Course in Penetration Testing"},{"term":"Full Scope Security"},{"term":"IPv6"},{"term":"Paterva"},{"term":"Physical Security"},{"term":"Research"},{"term":"SOURCE Boston 2009"},{"term":"Scapy"},{"term":"antivirus"},{"term":"coldfusion"},{"term":"hack tools"},{"term":"hakin9"},{"term":"http options"},{"term":"identity theft"},{"term":"interviews"},{"term":"jboss"},{"term":"karma"},{"term":"nessus"},{"term":"passthehash toolkit"},{"term":"podcasts"},{"term":"privacy is dead"},{"term":"rpcclient"},{"term":"snmp"},{"term":"social engineering"},{"term":"ubuntu"},{"term":"webdav"},{"term":"AttackResearch"},{"term":"Botnets"},{"term":"Dan Hoffman"},{"term":"GoogleAds"},{"term":"Joe McCray"},{"term":"MAME"},{"term":"NTP"},{"term":"Network Mapping"},{"term":"OMG Python"},{"term":"Packet Analysis"},{"term":"Programming"},{"term":"RetroPie"},{"term":"SCADA"},{"term":"Security Data Visualization"},{"term":"Traceroute"},{"term":"Traceroute Visulization"},{"term":"airodump-ng"},{"term":"attack analysis"},{"term":"aws"},{"term":"backtrack2"},{"term":"backtrack3"},{"term":"blue teaming"},{"term":"cadaver"},{"term":"citrix hacking"},{"term":"conspiracy"},{"term":"coolest Dad ever"},{"term":"defcon"},{"term":"defense"},{"term":"digging into the chewy center"},{"term":"elasticsearch"},{"term":"emulators"},{"term":"foursquare"},{"term":"ike-scan"},{"term":"install your own linux distro"},{"term":"java"},{"term":"javascript"},{"term":"jeremiah grossman"},{"term":"john the ripper"},{"term":"kanoOS kano computers"},{"term":"karmasploit"},{"term":"karmetasploit"},{"term":"lotus domino"},{"term":"mentoring"},{"term":"mssql"},{"term":"mssql_login"},{"term":"mssql_ping"},{"term":"msvctl"},{"term":"null-session"},{"term":"paranoia"},{"term":"privilege escalation"},{"term":"purple teaming"},{"term":"raspberry pi"},{"term":"risk management"},{"term":"ruby"},{"term":"scripting"},{"term":"sensepost"},{"term":"sqlmap"},{"term":"ssl"},{"term":"stupid users"},{"term":"tempest"},{"term":"twitter"},{"term":"windows vista"},{"term":"8570.1"},{"term":"AFP"},{"term":"DNS Fingerprinting"},{"term":"DNS exploit"},{"term":"Dr-crack"},{"term":"EFF NSA Shirt"},{"term":"Endpoint Security"},{"term":"Fabric"},{"term":"Fresh New Look"},{"term":"Full Scope Testing"},{"term":"Fuzzing: Brute Force Vulnerability Discovery"},{"term":"GCP"},{"term":"Geek Mafia"},{"term":"HE Windows"},{"term":"HR Geeks"},{"term":"Hacking Exposed Windows"},{"term":"IE7 Exploit"},{"term":"Information Security Day"},{"term":"Joe Klein"},{"term":"Johnny Long"},{"term":"LG voyager"},{"term":"MAC addresses"},{"term":"Mail"},{"term":"Metasploit Pro"},{"term":"No Place To Hide"},{"term":"No Tech Hacking"},{"term":"NoVA Sec"},{"term":"P2P"},{"term":"Programming Book Review Criteria"},{"term":"QEMU"},{"term":"SOURCE Boston 2008"},{"term":"The Art of Software Security Testing"},{"term":"The Craft of System Security"},{"term":"Traceroute Aggregation"},{"term":"Val Smith"},{"term":"WTF"},{"term":"XSS"},{"term":"amplification attacks"},{"term":"apple filing protocol"},{"term":"brute forcing"},{"term":"bugbounty"},{"term":"burp suite"},{"term":"bypassuac"},{"term":"chef"},{"term":"cisco"},{"term":"cisco asa"},{"term":"conti"},{"term":"cve"},{"term":"databases"},{"term":"deauth attack"},{"term":"defeating AV"},{"term":"dhcp script injection"},{"term":"digital signatures"},{"term":"dll"},{"term":"docker"},{"term":"domo kun video"},{"term":"ec2"},{"term":"education"},{"term":"eeepc"},{"term":"enum4linux"},{"term":"espionage"},{"term":"excel macro"},{"term":"exotic liability"},{"term":"exploit dev course"},{"term":"fckeditor"},{"term":"file format"},{"term":"firewire"},{"term":"forenics"},{"term":"full disclosure"},{"term":"github"},{"term":"google dorks"},{"term":"gsecdump"},{"term":"hack minecraft"},{"term":"hadoop"},{"term":"hijacking"},{"term":"http-dir-enum"},{"term":"ida pro"},{"term":"impacket"},{"term":"infosecwriters.com"},{"term":"irc"},{"term":"java decompile"},{"term":"kerberos"},{"term":"kickstart files"},{"term":"kismet"},{"term":"layer2"},{"term":"lft"},{"term":"life"},{"term":"linkedin"},{"term":"local root"},{"term":"local to domain account"},{"term":"metacab"},{"term":"metagoofil"},{"term":"motorola xoom root"},{"term":"mwr InfoSecurity"},{"term":"ncrack"},{"term":"netapp"},{"term":"non-english"},{"term":"notes"},{"term":"null sa"},{"term":"offtopic"},{"term":"opinion"},{"term":"osx"},{"term":"password filters"},{"term":"pentoo"},{"term":"persistence"},{"term":"pidgin"},{"term":"portqry"},{"term":"printer hacking"},{"term":"procdump"},{"term":"process injection"},{"term":"proxychains"},{"term":"puttyhijack"},{"term":"pwn plug elite"},{"term":"quotes"},{"term":"rainbow tables"},{"term":"reDuh"},{"term":"red team"},{"term":"red teaming"},{"term":"redis"},{"term":"resource scripts"},{"term":"rfid"},{"term":"richard bejtlich"},{"term":"roomwizard"},{"term":"scams"},{"term":"scp"},{"term":"sensitive data leakage"},{"term":"server-status"},{"term":"sharepoint"},{"term":"shmoocon 15"},{"term":"silc"},{"term":"slicehost"},{"term":"smbshell"},{"term":"sqid"},{"term":"sqlite3"},{"term":"sticky keys"},{"term":"sticky ports"},{"term":"sunday comics"},{"term":"swfscan"},{"term":"talks"},{"term":"thin client hacking"},{"term":"timestomp"},{"term":"tnscmd"},{"term":"tsa"},{"term":"unicornscan"},{"term":"upload.asp"},{"term":"usernames"},{"term":"vagrant"},{"term":"volatility"},{"term":"volreg"},{"term":"vulnerability"},{"term":"w3af"},{"term":"webgoat"},{"term":"webshells"},{"term":"weridAAL"},{"term":"wmap"},{"term":"wmic"},{"term":"wordpress"},{"term":"xml"},{"term":"yersinia"},{"term":"youtube"},{"term":"zone transfers"}],"title":{"type":"text","$t":"Carnal0wnage Blog"},"subtitle":{"type":"html","$t":""},"link":[{"rel":"http://schemas.google.com/g/2005#feed","type":"application/atom+xml","href":"https:\/\/blog.carnal0wnage.com\/feeds\/posts\/default"},{"rel":"self","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/-\/cktricky?alt=json-in-script\u0026max-results=6"},{"rel":"alternate","type":"text/html","href":"https:\/\/blog.carnal0wnage.com\/search\/label\/cktricky"},{"rel":"hub","href":"http://pubsubhubbub.appspot.com/"},{"rel":"next","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/-\/cktricky\/-\/cktricky?alt=json-in-script\u0026start-index=7\u0026max-results=6"}],"author":[{"name":{"$t":"Unknown"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"generator":{"version":"7.00","uri":"http://www.blogger.com","$t":"Blogger"},"openSearch$totalResults":{"$t":"80"},"openSearch$startIndex":{"$t":"1"},"openSearch$itemsPerPage":{"$t":"6"},"entry":[{"id":{"$t":"tag:blogger.com,1999:blog-8539880144347728238.post-7419503793242411933"},"published":{"$t":"2013-04-12T10:20:00.000-04:00"},"updated":{"$t":"2013-04-12T12:19:02.275-04:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"cktricky"}],"title":{"type":"text","$t":"Rails - Guard, Brakeman, and Bundler-Audit"},"content":{"type":"html","$t":"Thanks to the efforts of Justin Collins (\u003Ca href=\"https:\/\/twitter.com\/presidentbeef\"\u003E@presidentbeef\u003C\/a\u003E - \u003Ca href=\"http:\/\/brakemanscanner.org\/\"\u003EBrakeman\u003C\/a\u003E) \u0026nbsp;and Hal Brodigan (\u003Ca href=\"https:\/\/twitter.com\/postmodern_mod3\"\u003E@postmodern_mod3\u003C\/a\u003E - \u003Ca href=\"https:\/\/github.com\/postmodern\/bundler-audit\"\u003EBundler-Audit)\u003C\/a\u003E, Rails developers (and Sinatra) can use these two tools in tandem with \u003Ca href=\"https:\/\/github.com\/guard\/guard\"\u003EGuard\u003C\/a\u003E to protect their applications while under development. For those who aren't familiar, Guard was designed to run while you are developing, when you save a file it triggers Guard to run whatever tests you've specified in your Guardfile.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nThe following video depicts this.\u003Cbr \/\u003E\n\u003Cdiv\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Ciframe allowfullscreen=\"\" frameborder=\"0\" height=\"375\" mozallowfullscreen=\"\" src=\"http:\/\/player.vimeo.com\/video\/63901340\" webkitallowfullscreen=\"\" width=\"500\"\u003E\u003C\/iframe\u003E"},"link":[{"rel":"replies","type":"application/atom+xml","href":"https:\/\/blog.carnal0wnage.com\/feeds\/7419503793242411933\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"https:\/\/www.blogger.com\/comment.g?blogID=8539880144347728238\u0026postID=7419503793242411933","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/7419503793242411933"},{"rel":"self","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/7419503793242411933"},{"rel":"alternate","type":"text/html","href":"https:\/\/blog.carnal0wnage.com\/2013\/04\/rails-guard-brakeman-and-bundler-audit.html","title":"Rails - Guard, Brakeman, and Bundler-Audit"}],"author":[{"name":{"$t":"cktricky"},"uri":{"$t":"http:\/\/www.blogger.com\/profile\/16815248087217800849"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"24","height":"32","src":"\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjzbwSNk_s0HvOxfbAtSl2FhHna2aB6Xo7-_ZCNbVXymFAuMWTQm3pW0F7uI4NvrI9QfGqrYukEzyCuhpx3mtzQ-TRFv4WxM_N4kzLnphfpUKuw0emNZXEl_B7_tnXLjAo\/s220\/myphoto.gif"}}],"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-8539880144347728238.post-1175922758209423558"},"published":{"$t":"2013-04-10T11:39:00.001-04:00"},"updated":{"$t":"2013-04-10T11:39:13.805-04:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"cktricky"}],"title":{"type":"text","$t":"Bundler-Audit -\u003E Auditing your RubyGems"},"content":{"type":"html","$t":"Ruby applications that utilize a Gemfile\/Gemfile.lock, file(s) that contain the list of ruby gems an application should use along with their respective version number, can now be audited to determine if those libraries are vulnerable.\u003Cbr \/\u003E\n\u003Cdiv\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Cdiv\u003E\nCredit to\u0026nbsp;\u003Ca href=\"https:\/\/twitter.com\/postmodern_mod3\"\u003Epostmodern\u003C\/a\u003E\u0026nbsp;for developing the auditing gem and also to\u0026nbsp;\u003Ca href=\"https:\/\/github.com\/rubysec\"\u003ERubySec\u003C\/a\u003E\u0026nbsp;for creating the\u0026nbsp;\u003Ca href=\"https:\/\/github.com\/rubysec\/ruby-advisory-db\"\u003Eruby-advisory-db\u003C\/a\u003E, a community maintained database of Ruby gem vulnerabilities for which \u003Ca href=\"https:\/\/github.com\/postmodern\/bundler-audit\"\u003Ebundler-audit\u003C\/a\u003E\u0026nbsp;is built on top of.\u0026nbsp;\u003C\/div\u003E\n\u003Cdiv\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Cdiv\u003E\nSo to install this -\u0026nbsp;\u003C\/div\u003E\n\u003Cdiv\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Cdiv\u003E\n\u003Cb\u003E\u003Cspan style=\"color: #3d85c6; font-family: Courier New, Courier, monospace;\"\u003Egem install bundler-audit\u003C\/span\u003E\u003C\/b\u003E\u003C\/div\u003E\n\u003Cdiv\u003E\n\u003Cb\u003E\u003Cspan style=\"color: #3d85c6;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\u003C\/b\u003E\u003C\/div\u003E\n\u003Cdiv\u003E\nto run it, navigate to the directory where the Gemfile.lock is stored:\u003C\/div\u003E\n\u003Cdiv\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Cdiv\u003E\n\u003Cb\u003E\u003Cspan style=\"color: #3d85c6; font-family: Courier New, Courier, monospace;\"\u003Ebundle-audit check\u003C\/span\u003E\u003C\/b\u003E\u003C\/div\u003E\n\u003Cdiv\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Cdiv\u003E\nIf the application is using a vulnerable version of a gem, the output will look like...\u003C\/div\u003E\n\u003Cdiv\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003C\/div\u003E\n\u003Cdiv\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-LHz0Rfm4dzI\/UWWHTa9uidI\/AAAAAAAAAp4\/166ssv3jFNk\/s1600\/bundle-audit.png\" imageanchor=\"1\" style=\"clear: left; float: left; margin-bottom: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"212\" src=\"http:\/\/1.bp.blogspot.com\/-LHz0Rfm4dzI\/UWWHTa9uidI\/AAAAAAAAAp4\/166ssv3jFNk\/s640\/bundle-audit.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Cdiv\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nThanks,\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nKen (\u003Ca href=\"http:\/\/twitter.com\/cktricky\"\u003E@cktricky\u003C\/a\u003E)\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n"},"link":[{"rel":"replies","type":"application/atom+xml","href":"https:\/\/blog.carnal0wnage.com\/feeds\/1175922758209423558\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"https:\/\/www.blogger.com\/comment.g?blogID=8539880144347728238\u0026postID=1175922758209423558","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/1175922758209423558"},{"rel":"self","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/1175922758209423558"},{"rel":"alternate","type":"text/html","href":"https:\/\/blog.carnal0wnage.com\/2013\/04\/bundler-audit-auditing-your-rubygems.html","title":"Bundler-Audit -\u003E Auditing your RubyGems"}],"author":[{"name":{"$t":"cktricky"},"uri":{"$t":"http:\/\/www.blogger.com\/profile\/16815248087217800849"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"24","height":"32","src":"\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjzbwSNk_s0HvOxfbAtSl2FhHna2aB6Xo7-_ZCNbVXymFAuMWTQm3pW0F7uI4NvrI9QfGqrYukEzyCuhpx3mtzQ-TRFv4WxM_N4kzLnphfpUKuw0emNZXEl_B7_tnXLjAo\/s220\/myphoto.gif"}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http:\/\/1.bp.blogspot.com\/-LHz0Rfm4dzI\/UWWHTa9uidI\/AAAAAAAAAp4\/166ssv3jFNk\/s72-c\/bundle-audit.png","height":"72","width":"72"},"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-8539880144347728238.post-2707593172403377701"},"published":{"$t":"2013-04-09T10:31:00.002-04:00"},"updated":{"$t":"2013-04-10T09:10:02.004-04:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"cktricky"}],"title":{"type":"text","$t":"Quick way to view ruby gems"},"content":{"type":"html","$t":"\u003Cbr \/\u003E\nThis post is a very short and very simple tip for easily opening a ruby gem up for closer inspection.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nWhen reviewing a Rails or Sinatra application (code review), it sometimes becomes necessary to view the libraries (ruby gems) that an application is including and using. Instead of navigating to the ~\/.rvm\/gems\/\u0026lt;version\u0026gt;@\u0026lt;gemset name\u0026gt; \u0026nbsp;directory (or wherever else the gems are stored) and opening them with your text editor of choice, you can instead leverage the power of bundler.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nFor your *nix based systems that leverage a bashrc, bash_profile, etc.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nopen your ~\/.bash_profile file (or whatever the appropriate bash file is)\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nadd this line \u003Cb\u003E\u003Cspan style=\"color: #3d85c6; font-family: Courier New, Courier, monospace;\"\u003Eexport\u003C\/span\u003E\u003C\/b\u003E \u003Cspan style=\"color: #3d85c6; font-family: Courier New, Courier, monospace;\"\u003E\u003Cb\u003EBUNDLER_EDITOR=mate\u003C\/b\u003E\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nI chose \"mate\" because I use TextMate. Otherwise, just link to the appropriate editor executable.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n(exit and save bash_profile)\u003Cbr \/\u003E\n\u003Cbr \/\u003E\ntype: \u003Cspan style=\"color: #3d85c6; font-family: Courier New, Courier, monospace;\"\u003E\u003Cb\u003Esource ~\/.bash_profile\u003C\/b\u003E\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nThen, navigate to an app that contains the Gemfile, and switch to the gemset or ruby version where these gems are contained, and choose a gem that you want to open...\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"color: #3d85c6; font-family: Courier New, Courier, monospace;\"\u003E\u003Cb\u003Ebundle open \u0026lt;gem name\u0026gt;\u003C\/b\u003E\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nThat's all there is to it.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nKen (@cktricky)\u003Cbr \/\u003E\n\u003Cbr \/\u003E"},"link":[{"rel":"replies","type":"application/atom+xml","href":"https:\/\/blog.carnal0wnage.com\/feeds\/2707593172403377701\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"https:\/\/www.blogger.com\/comment.g?blogID=8539880144347728238\u0026postID=2707593172403377701","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/2707593172403377701"},{"rel":"self","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/2707593172403377701"},{"rel":"alternate","type":"text/html","href":"https:\/\/blog.carnal0wnage.com\/2013\/04\/quick-way-to-view-ruby-gems.html","title":"Quick way to view ruby gems"}],"author":[{"name":{"$t":"cktricky"},"uri":{"$t":"http:\/\/www.blogger.com\/profile\/16815248087217800849"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"24","height":"32","src":"\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjzbwSNk_s0HvOxfbAtSl2FhHna2aB6Xo7-_ZCNbVXymFAuMWTQm3pW0F7uI4NvrI9QfGqrYukEzyCuhpx3mtzQ-TRFv4WxM_N4kzLnphfpUKuw0emNZXEl_B7_tnXLjAo\/s220\/myphoto.gif"}}],"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-8539880144347728238.post-7499127700965956456"},"published":{"$t":"2012-12-31T17:25:00.000-05:00"},"updated":{"$t":"2012-12-31T17:27:33.372-05:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"cktricky"}],"title":{"type":"text","$t":"Basics of Rails Part 5"},"content":{"type":"html","$t":"\u003Cspan style=\"color: #6fa8dc;\"\u003EIf you'd like to skip coding this up or are having issues, you can find the application \u003Ca href=\"https:\/\/github.com\/cktricky\/attackresearch\"\u003Esource code here\u003C\/a\u003E.\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"color: #6fa8dc;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"color: #6fa8dc;\"\u003ETo start at the code which represents the completion of Parts 1-5, do the following:\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"color: #6fa8dc;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"color: #6fa8dc;\"\u003E$\u0026nbsp;git clone git:\/\/github.com\/cktricky\/attackresearch.git\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"color: #6fa8dc;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"color: #6fa8dc;\"\u003E$\u0026nbsp;cd attackresearch\/\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"color: #6fa8dc;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"color: #6fa8dc;\"\u003E$\u0026nbsp;git reset --hard 3c3003d0b087d64f60446f74bcb2deedca60691f\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"color: #6fa8dc;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"color: #6fa8dc;\"\u003E$ bundle install\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"color: #6fa8dc;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"color: #6fa8dc;\"\u003E$\u0026nbsp;rake db:create db:migrate unicorn:start[4444]\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n=========== Part 5 Code and Walkthrough ==============\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nThe first thing we need to do in this post is correct a mistake in the last post.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nType the following to change the model \"Users\" to it's singular form \"User\". If you don't, it will cause problems with Rails routing.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003E$ rails d model Users\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003E$ rails g model User first_name:string last_name:string email:string password_hash:string password_salt:string admin:boolean\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003E$\u0026nbsp;rake db:drop\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003E$\u0026nbsp;rake db:create\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003E$ rvmsudo rake db:migrate\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003EAlso, a small but important detail, please ensure within your Gemfile you change:\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Egem 'bcrypt-ruby', '~\u0026gt; 3.0.0'\u0026nbsp;\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nto\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Egem 'bcrypt-ruby', '~\u0026gt; 3.0.0', :require =\u0026gt; 'bcrypt'\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nNow........back to the series. So, we last left off where a login page was visible when browsing to your site but it didn't really \u003Ci\u003Edo\u003C\/i\u003E\u0026nbsp;anything. \u0026nbsp;Time to rectify that.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nWithin the Sessions controller, a \u003Ci\u003Ecreate\u003C\/i\u003E\u0026nbsp;method was defined and in it we called the User model's method, \"authenticate\". We have yet to define this \"authenticate\" method so let's do that now.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-9Vx7nvZuN4Q\/UM5jDRQf32I\/AAAAAAAAAmA\/Z1sehTZ14rY\/s1600\/user_auth_method.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"235\" src=\"http:\/\/1.bp.blogspot.com\/-9Vx7nvZuN4Q\/UM5jDRQf32I\/AAAAAAAAAmA\/Z1sehTZ14rY\/s640\/user_auth_method.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003ELocated at \/app\/models\/user.rb\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\n\u003Cbr \/\u003E\n\u003Cdiv\u003E\nAlso, we are going to add an encrypt method and call it using the \"before_save\" Rails method. Basically, we are going to instruct the User model to call encrypt_password when the \"save\" method is called. For example:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Eme = User.new\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Eme.email = \"test@ar.com\"\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Eme.password = \"test\"\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Eme.password_confirmation = \"test\"\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Eme.save\u003C\/span\u003E \u0026lt;~ at this point, any \"before_save\" methods get called\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nSo when you see something like \u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Euser = User.new\u003C\/span\u003E and \u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Euser.save\u003C\/span\u003E\u003Cspan style=\"font-family: inherit;\"\u003E\u0026nbsp;you know that the encrypt_password method will be called by Rails prior to saving the user data because of the \"before_save\" definition on line 4\u003C\/span\u003E\u003Cspan style=\"font-family: inherit;\"\u003E.\u003C\/span\u003E\u003C\/div\u003E\n\u003Cdiv\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/4.bp.blogspot.com\/-y7Q5Cy7ODBk\/UM5pfK9Mr5I\/AAAAAAAAAmc\/VXszc6zIkv4\/s1600\/user_encrypt_method.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"352\" src=\"http:\/\/4.bp.blogspot.com\/-y7Q5Cy7ODBk\/UM5pfK9Mr5I\/AAAAAAAAAmc\/VXszc6zIkv4\/s640\/user_encrypt_method.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cdiv\u003E\n\u003Cbr \/\u003E\nNow we have to add a few more things:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Eattr_accessor :password\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Evalidates_confirmation_of :password\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Evalidates_presence_of :password, :on =\u0026gt; :create\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Evalidates_presence_of :email\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003Evalidates_uniqueness_of :email\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: Courier New, Courier, monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003EThese are basically Rails validation functions that get called when attempting to save the state of an object that represents a User. The exception being \"attr_accessor\", which is a standard Ruby call that allows an object to be both a getter \u0026amp; setter.\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\nOkay, now let's see what it looks like.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-B6YiKs54wDg\/UM5q_uWMkQI\/AAAAAAAAAmk\/K6i1RYfMyJo\/s1600\/user_model_finished.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"420\" src=\"http:\/\/1.bp.blogspot.com\/-B6YiKs54wDg\/UM5q_uWMkQI\/AAAAAAAAAmk\/K6i1RYfMyJo\/s640\/user_model_finished.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003EAlright, so now we have a login page that does something but we need to create users. For this application's purpose, we are going to allow user's to signup. Let's provide a link for this purpose on the login page and even further, let's create a navigation bar at the top. We want this navigation bar visible on every page visited by the user. Easiest way to do that is to make it systemic and place it within the application.html.erb file under the layouts folder. Unless\u0026nbsp;\u003C\/span\u003Eoverridden\u003Cspan style=\"font-family: inherit;\"\u003E, all views will inherit the\u0026nbsp;\u003C\/span\u003Eproperties\u003Cspan style=\"font-family: inherit;\"\u003E\u0026nbsp;specified in this file (navigation bar, for example).\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-jffuoN4REf0\/UN_DtXfnIqI\/AAAAAAAAAm4\/ue3hwH783iU\/s1600\/app_html_erb.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"618\" src=\"http:\/\/1.bp.blogspot.com\/-jffuoN4REf0\/UN_DtXfnIqI\/AAAAAAAAAm4\/ue3hwH783iU\/s640\/app_html_erb.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003ELocated at \/app\/views\/layouts\/application.html.erb\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\u003Cspan style=\"font-family: inherit;\"\u003EWithout explaining all of Twitter-Bootstrap, one important thing to note is the class names of the HTML tags (ex: \u0026lt;div class=\"nav\"\u0026gt;) are how we associate an HTML element with a Twitter-Bootstrap defined style.\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003EThe logic portion, the portion that belongs to Ruby and Rails, are Lines 13 -18. Effectively we are asking if the user (current_user) visiting the page is authenticated (exists), if they are (do exist), show a link to the logout path. Otherwise, render a login and signup path link.\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\nYou are probably wondering where link_to and current_user come from. Rails provides built-in methods and you'll notice, in the views, they are typically placed between \u0026lt;%= and %\u0026gt;. So, link_to is a built in method. However, current_user is defined by us within the application controller and is NOT a built-in method.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/3.bp.blogspot.com\/-FUfrmaH-H54\/UN_TYV0zYwI\/AAAAAAAAAnM\/cMz7BSYOYmA\/s1600\/app_controller_first.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"306\" src=\"http:\/\/3.bp.blogspot.com\/-FUfrmaH-H54\/UN_TYV0zYwI\/AAAAAAAAAnM\/cMz7BSYOYmA\/s640\/app_controller_first.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003ELocated at \/app\/controllers\/application_controller.rb\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003ENotice on line 8 we define a method called current_user. This pulls a\u0026nbsp;\u003C\/span\u003Euser_id value\u0026nbsp;\u003Cspan style=\"font-family: inherit;\"\u003Efrom the Rails session. In order to make the current_user method accessible outside of just this controller and extend it to the view, we have annotated it as a helper_method on line 4.\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\nThe next thing we need to do now is actually make the signup page.\u0026nbsp;First, let's modify the attributes that are mass assignable via attr_accessilbe in the user model file.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-QQ1ZxXD5cfw\/UN_b-zy4ljI\/AAAAAAAAAng\/izKUguJHWX8\/s1600\/user_model_attr_accessible.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"82\" src=\"http:\/\/2.bp.blogspot.com\/-QQ1ZxXD5cfw\/UN_b-zy4ljI\/AAAAAAAAAng\/izKUguJHWX8\/s640\/user_model_attr_accessible.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003ENext, review the users_controller.rb file and add the methods new \u0026amp; create. When new is called, instantiate a new blank User object (@user). Under the create method, we can modify a new user element leveraging the parameters submitted by the user (email, password, password_confirmation) to create the user.\u0026nbsp;\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/4.bp.blogspot.com\/-_hKfqPbg4HY\/UN_eLSQhgEI\/AAAAAAAAAn0\/BQdM80v6daQ\/s1600\/user_controller.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"255\" src=\"http:\/\/4.bp.blogspot.com\/-_hKfqPbg4HY\/UN_eLSQhgEI\/AAAAAAAAAn0\/BQdM80v6daQ\/s400\/user_controller.png\" width=\"400\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003EExplanation of the Intended Flow -\u0026nbsp;\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cul\u003E\n\u003Cli\u003E\u003Cspan style=\"font-family: inherit;\"\u003EUser clicks \"signup\" and is sent to \/signup (GET request).\u0026nbsp;\u003C\/span\u003E\u003C\/li\u003E\n\u003Cli\u003E\u003Cspan style=\"font-family: inherit;\"\u003EUser is routed to the \"new\" action within the \"user\" controller and then the HTML content is rendered from - \/app\/views\/users\/new.html.erb.\u0026nbsp;\u003C\/span\u003E\u003C\/li\u003E\n\u003Cli\u003E\u003Cspan style=\"font-family: inherit;\"\u003EUpon filling in the form data presented via new.html.erb, the user clicks \"submit\" and this data is sent off, this time in a POST request, to \/users.\u0026nbsp;\u003C\/span\u003E\u003C\/li\u003E\n\u003Cli\u003E\u003Cspan style=\"font-family: inherit;\"\u003EThe POST request to \/users translates to the \"create\" action within the \"user\" controller.\u0026nbsp;\u003C\/span\u003E\u003C\/li\u003E\n\u003C\/ul\u003E\n\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003ENow, obviously we are missing something.....we need a signup page! Let's code that up under new.html.erb.\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-u9guwbEvpqE\/UOHkdhBBNDI\/AAAAAAAAAoI\/IsisN9hFKAs\/s1600\/new_html_user_controller.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"450\" src=\"http:\/\/1.bp.blogspot.com\/-u9guwbEvpqE\/UOHkdhBBNDI\/AAAAAAAAAoI\/IsisN9hFKAs\/s640\/new_html_user_controller.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003E\/app\/views\/users\/new.html.erb\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003EThe internals of Rails and how we are able to treat @user as an enumerable object and create label tags and text field tags might be a little too complicated for this post. That being said, basically, the @user object (defined in the User controller under the new action - ex: @user = User.new) has properties associated with it such as email, password, and password confirmation. When Rails renders the view, it generates the parameter names based off the code in this file. In the end, the parameters will look like something like user[email] and user[password_confirmation], for example. Here is what the actual request looks like in Burp...\u003C\/span\u003E\u003Cbr \/\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-UgVhh6_9vSI\/UOHp6RVblRI\/AAAAAAAAAoc\/JqjHeyyIO4s\/s1600\/signup_1.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"342\" src=\"http:\/\/1.bp.blogspot.com\/-UgVhh6_9vSI\/UOHp6RVblRI\/AAAAAAAAAoc\/JqjHeyyIO4s\/s400\/signup_1.png\" width=\"400\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003ESignup form generated by the code within \/app\/views\/users\/new.html.erb\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-Lvf2Y47OxBU\/UOHp7WlwJwI\/AAAAAAAAAok\/LpSnDqmgfJQ\/s1600\/signup_2.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"254\" src=\"http:\/\/1.bp.blogspot.com\/-Lvf2Y47OxBU\/UOHp7WlwJwI\/AAAAAAAAAok\/LpSnDqmgfJQ\/s640\/signup_2.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003ERaw request of signup form submission captured.\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\n\u003Cspan style=\"font-family: inherit;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\nOkay, so, now we have registered a user. The last piece here is to have a home page to view after successful authentication and also code the logout link logic so that it actually \u003Ci\u003Edoes\u003C\/i\u003E\u0026nbsp;something.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nIn order to do this, let's make a quick change in the sessions controller. Under the create method, we change home_path to home_index_path as well as create a destroy method which calls\u003Ci\u003E\u0026nbsp;\u003C\/i\u003Ethe Rails method\u0026nbsp;\u003Ci\u003E\"\u003C\/i\u003Ereset_session\" and redirects the user back to the root_url. Also, remove the content within the index action under the home controller.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nOkay, here is what I mean...\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-yoWxEjZyL5g\/UOHyKRPyPMI\/AAAAAAAAAo8\/9CCoU0ga_Mg\/s1600\/session_controller.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"371\" src=\"http:\/\/2.bp.blogspot.com\/-yoWxEjZyL5g\/UOHyKRPyPMI\/AAAAAAAAAo8\/9CCoU0ga_Mg\/s640\/session_controller.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003ESession Controller - Note changes on Lines 9 and additions on Lines 16-19.\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-5BrPgfiqNSA\/UOHyPH1BLII\/AAAAAAAAApE\/liINS8Dh2sQ\/s1600\/home_controller.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"255\" src=\"http:\/\/2.bp.blogspot.com\/-5BrPgfiqNSA\/UOHyPH1BLII\/AAAAAAAAApE\/liINS8Dh2sQ\/s400\/home_controller.png\" width=\"400\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003EHome Controller - Note that the code contained within the index action has been removed.\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\nYou should be able to complete the authentication flow now! Stayed tuned for Part 6.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cb\u003ENote: If you see any security holes in some of the code shown in this series please remember that's kind of the point and refrain from commenting until later.\u003C\/b\u003E\u003Cbr \/\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n"},"link":[{"rel":"replies","type":"application/atom+xml","href":"https:\/\/blog.carnal0wnage.com\/feeds\/7499127700965956456\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"https:\/\/www.blogger.com\/comment.g?blogID=8539880144347728238\u0026postID=7499127700965956456","title":"6 Comments"},{"rel":"edit","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/7499127700965956456"},{"rel":"self","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/7499127700965956456"},{"rel":"alternate","type":"text/html","href":"https:\/\/blog.carnal0wnage.com\/2012\/12\/basics-of-rails-part-5.html","title":"Basics of Rails Part 5"}],"author":[{"name":{"$t":"cktricky"},"uri":{"$t":"http:\/\/www.blogger.com\/profile\/16815248087217800849"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"24","height":"32","src":"\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjzbwSNk_s0HvOxfbAtSl2FhHna2aB6Xo7-_ZCNbVXymFAuMWTQm3pW0F7uI4NvrI9QfGqrYukEzyCuhpx3mtzQ-TRFv4WxM_N4kzLnphfpUKuw0emNZXEl_B7_tnXLjAo\/s220\/myphoto.gif"}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http:\/\/1.bp.blogspot.com\/-9Vx7nvZuN4Q\/UM5jDRQf32I\/AAAAAAAAAmA\/Z1sehTZ14rY\/s72-c\/user_auth_method.png","height":"72","width":"72"},"thr$total":{"$t":"6"}},{"id":{"$t":"tag:blogger.com,1999:blog-8539880144347728238.post-2105976084958024040"},"published":{"$t":"2012-10-30T17:11:00.001-04:00"},"updated":{"$t":"2012-10-30T17:11:06.890-04:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"cktricky"}],"title":{"type":"text","$t":"Basics of Rails Part 4"},"content":{"type":"html","$t":"In this portion of the series, we will create the foundation for a login page and deal a little bit more with the Model portion of MVC.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nWe need to be able to assign the following information to a user.\u003Cbr \/\u003E\n\u003Cul\u003E\n\u003Cli\u003EFirst Name\u003C\/li\u003E\n\u003Cli\u003ELast Name\u003C\/li\u003E\n\u003Cli\u003EEmail Address\u003C\/li\u003E\n\u003Cli\u003EPassword\u003C\/li\u003E\n\u003Cli\u003EAdmin (true\/false)\u003C\/li\u003E\n\u003C\/ul\u003E\nThis is where the Model comes in. Before we jump into that, let's create a Users controller similar to the way we create a Home controller in the last post.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-ZvKXoKx_Vmk\/UIM5kHJlV-I\/AAAAAAAAAiY\/aqvWtzYmQiY\/s1600\/users_controller_generate.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"273\" src=\"http:\/\/2.bp.blogspot.com\/-ZvKXoKx_Vmk\/UIM5kHJlV-I\/AAAAAAAAAiY\/aqvWtzYmQiY\/s640\/users_controller_generate.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003ENote that the \"new\" following Users simply states that a \"new\" action (method) will be automatically defined in the controller for you.\u0026nbsp;\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\nAlso, we should briefly cover how you connect to a database with Rails. In this tutorial, we will stick with the default configuration\/database, SQLite. Navigate to config\/database.yml:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-Jkzfj4Xax_E\/UINAJL9zxDI\/AAAAAAAAAiw\/K5UL0YJwIiI\/s1600\/database.yml.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"325\" src=\"http:\/\/2.bp.blogspot.com\/-Jkzfj4Xax_E\/UINAJL9zxDI\/AAAAAAAAAiw\/K5UL0YJwIiI\/s400\/database.yml.png\" width=\"400\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\nIf you remember Part 2 of the series, we covered the 3 default modes of Rails. This is the reason there are 3 different database configurations in this file. It is useful as your local development environment database will differ from Production (ex: database username, password, and host would\/should be different).\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nWhen we are running in development mode, the database we will be using will be db\/development.sqlite3 as specified on line 8. The naming convention refers to it's location and filename.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nSo nothing really to change there, let's go ahead and create the model.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-MyZnSzoZOZk\/UINQST5jMHI\/AAAAAAAAAjI\/fcIuaCCzKPA\/s1600\/users_model_generate.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"156\" src=\"http:\/\/1.bp.blogspot.com\/-MyZnSzoZOZk\/UINQST5jMHI\/AAAAAAAAAjI\/fcIuaCCzKPA\/s640\/users_model_generate.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\nCommand(s) Breakdown:\u003Cbr \/\u003E\n\u003Cul\u003E\n\u003Cli\u003Erails - Invoking a Rails\u0026nbsp;command\u003C\/li\u003E\n\u003Cli\u003Eg - Short for generate, used to generate Rails items\u003C\/li\u003E\n\u003Cli\u003Emodel - specifies that we are generating a model\u003C\/li\u003E\n\u003Cli\u003EUsers - the name of the model which, actually refers to both the model (app\/models\/users.rb) and a table in the database\u003C\/li\u003E\n\u003Cli\u003Efirst_name:string (etc.) - The first portion is the name of the column in the table and the second part (string) identifies the variable type to be stored in the database.\u003C\/li\u003E\n\u003C\/ul\u003E\nNow, upon generation, the model is created but the db table\/columns do not yet exist. To make this happen, let's run rake db:migrate.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/4.bp.blogspot.com\/-ZyMvoqKcVik\/UIp7GoloE3I\/AAAAAAAAAjg\/6iLLhV7XLJc\/s1600\/rake_db_migrate_users.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"180\" src=\"http:\/\/4.bp.blogspot.com\/-ZyMvoqKcVik\/UIp7GoloE3I\/AAAAAAAAAjg\/6iLLhV7XLJc\/s640\/rake_db_migrate_users.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\nTo give you a visual of what was just created...\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-tIQeHzUr8GI\/UIp7lAI7G_I\/AAAAAAAAAjo\/eHtHhsuod7A\/s1600\/user_table_sqliteb.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"226\" src=\"http:\/\/2.bp.blogspot.com\/-tIQeHzUr8GI\/UIp7lAI7G_I\/AAAAAAAAAjo\/eHtHhsuod7A\/s640\/user_table_sqliteb.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003ENote the table \"users\" has been created along with the columns we identified during model creation.\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\nThis is great and later if you'd like to add an additional column to your local db, you can. What if you'd like to add a column so that the next person to download your code and run rake db:migrate also has the new column? Navigate to db\/migrate\/ and you'll see a file that ends in _create_users.rb. This is where you would make that change. Do NOT edit the db\/schema.rb file for that purpose (this is overwritten by the migrate files).\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nNext, create a sessions controller:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-uda-2CTfjgg\/UIp8woGMhiI\/AAAAAAAAAjw\/EGH-d4QPmo8\/s1600\/session_controller_generated.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"262\" src=\"http:\/\/2.bp.blogspot.com\/-uda-2CTfjgg\/UIp8woGMhiI\/AAAAAAAAAjw\/EGH-d4QPmo8\/s640\/session_controller_generated.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nTime to add code to the session controller (app\/controllers\/sessions_controller.rb).\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-WIuGYtWOqKI\/UIrtE8ACutI\/AAAAAAAAAlA\/puE6nakFS58\/s1600\/sessions_controller.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"292\" src=\"http:\/\/1.bp.blogspot.com\/-WIuGYtWOqKI\/UIrtE8ACutI\/AAAAAAAAAlA\/puE6nakFS58\/s640\/sessions_controller.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Cbr \/\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\nNotice the new and create actions. The gist of this, AFAIK, is that Rails uses new to instantiate a new instance of the Model object and create will actually save data and perform some of the more permanent actions. For our purposes, the \"GET\" request to the sessions#new and the new.html.erb file will show a login form. Once 'POST'-ing from that login form, the create method will receive the email and password parameters.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nCode Breakdown:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nLine 6 - Calls a method in the User model (authenticate).\u003Cbr \/\u003E\nLine 8 - Extract a user ID from the user's session\u003Cbr \/\u003E\nLine 9 - redirects to a home path once authenticated\u003Cbr \/\u003E\nLine 11 - A user did not authenticate correctly and we want to send them back to the login page.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nThe next thing we need to discuss are the changes to your routes.rb file:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-RP4T-3VTbhM\/UIqEfSpWLpI\/AAAAAAAAAkg\/7WyIRcqZ9rs\/s1600\/modified_routes.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"233\" src=\"http:\/\/1.bp.blogspot.com\/-RP4T-3VTbhM\/UIqEfSpWLpI\/AAAAAAAAAkg\/7WyIRcqZ9rs\/s400\/modified_routes.png\" width=\"400\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\nLines 3 - The first portion (ex: logout) identifies a request for that resources, goes to sessions#destroy.\u003Cbr \/\u003E\nLine 8 - Our root has changed to the login page (app\/views\/sessions\/new.html.erb)\u003Cbr \/\u003E\nLine 10-12 - We've identified resources (controllers) and instantiated some default routes. 7 to be exact:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nYou can run `rake routes` to see these.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-1YlO0zW4rbc\/UIqGK2QPmzI\/AAAAAAAAAko\/OmG6lRtlg8c\/s1600\/7_actions.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"268\" src=\"http:\/\/1.bp.blogspot.com\/-1YlO0zW4rbc\/UIqGK2QPmzI\/AAAAAAAAAko\/OmG6lRtlg8c\/s400\/7_actions.png\" width=\"400\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003E7 routes\u0026nbsp;automatically\u0026nbsp;created for the actions: index, create, new, edit, show, update, destroy\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\nNote that 7 routes were not manually defined by you, in your routes file but rather, Rails created them for you. This is because you specified `resources :\u0026lt;controller name\u0026gt;` in your routes.rb file. You can create views and controller actions whose names match the names of those 7 defined routes (index, create, etc.). They automagically have routes!\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-NK488EjoByQ\/UIrypDTpWRI\/AAAAAAAAAlU\/hTbdSHqITXg\/s1600\/session_view.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"241\" src=\"http:\/\/2.bp.blogspot.com\/-NK488EjoByQ\/UIrypDTpWRI\/AAAAAAAAAlU\/hTbdSHqITXg\/s400\/session_view.png\" width=\"400\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\nCode breakdown:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nLine 5 - form_tag is a Rails method, notice how we encapsulate it in \u0026lt;%= %\u0026gt;. This is how we separate Rails code from regular HTML. You may also see \u0026lt;% %\u0026gt;.\u003Cbr \/\u003E\nLine 7, 8, 11, 12 - Rails methods that are converted by Rails to define labels and input fields.\u003Cbr \/\u003E\nLine 14 - submit_tag, again, a Rails method. Note the {:class =\u0026gt; \"btn btn-primary\"}. This is a Twitter-Boostrap definition you can find\u0026nbsp;\u003Ca href=\"http:\/\/twitter.github.com\/bootstrap\/base-css.html#buttons\"\u003Ehere\u003C\/a\u003E.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nNow fire up your instance, you should see the following:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-2aAL8dEvI28\/UI7SdrjhDBI\/AAAAAAAAAlo\/TW5Rl3BoPbU\/s1600\/login_page.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"185\" src=\"http:\/\/1.bp.blogspot.com\/-2aAL8dEvI28\/UI7SdrjhDBI\/AAAAAAAAAlo\/TW5Rl3BoPbU\/s640\/login_page.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003ENote: You can't necessarily use this yet but it looks nice :-)\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\nThis was a lot of information (read: lengthy post) and while the login does not yet work, we will wrap all of this up in Part 5 of the series. While part 5 of this series will walk you through the details of the code, you can always skip ahead and grab it from this\u0026nbsp;\u003Ca href=\"http:\/\/railscasts.com\/episodes\/250-authentication-from-scratch\"\u003ERailscast\u003C\/a\u003E\u0026nbsp;(if you'd like to finish up).\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nThanks!\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E"},"link":[{"rel":"replies","type":"application/atom+xml","href":"https:\/\/blog.carnal0wnage.com\/feeds\/2105976084958024040\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"https:\/\/www.blogger.com\/comment.g?blogID=8539880144347728238\u0026postID=2105976084958024040","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/2105976084958024040"},{"rel":"self","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/2105976084958024040"},{"rel":"alternate","type":"text/html","href":"https:\/\/blog.carnal0wnage.com\/2012\/10\/basics-of-rails-part-4.html","title":"Basics of Rails Part 4"}],"author":[{"name":{"$t":"cktricky"},"uri":{"$t":"http:\/\/www.blogger.com\/profile\/16815248087217800849"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"24","height":"32","src":"\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjzbwSNk_s0HvOxfbAtSl2FhHna2aB6Xo7-_ZCNbVXymFAuMWTQm3pW0F7uI4NvrI9QfGqrYukEzyCuhpx3mtzQ-TRFv4WxM_N4kzLnphfpUKuw0emNZXEl_B7_tnXLjAo\/s220\/myphoto.gif"}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http:\/\/2.bp.blogspot.com\/-ZvKXoKx_Vmk\/UIM5kHJlV-I\/AAAAAAAAAiY\/aqvWtzYmQiY\/s72-c\/users_controller_generate.png","height":"72","width":"72"},"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-8539880144347728238.post-6280184860425274225"},"published":{"$t":"2012-10-16T16:58:00.001-04:00"},"updated":{"$t":"2012-11-09T20:06:47.010-05:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"cktricky"}],"title":{"type":"text","$t":"Basics of Rails Part 3"},"content":{"type":"html","$t":"\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003C\/div\u003E\nIf you've been following along in this series you've already created a Rails application called \"attackresearch, configured your Ruby\/gem environment with RVM, and created a Rake task to start the application with Unicorn.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nIn this portion, we will create our first Rails page and configure the appropriate routes.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nNow, first thing first, remove the index.html file located under the public directory:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-cVAUPbURgwU\/UHmBrSvAw5I\/AAAAAAAAAfc\/zkBawAavx5Y\/s1600\/remove_public.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"365\" src=\"http:\/\/2.bp.blogspot.com\/-cVAUPbURgwU\/UHmBrSvAw5I\/AAAAAAAAAfc\/zkBawAavx5Y\/s400\/remove_public.png\" width=\"400\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003ERemoving this file removes the new Rails application landing page as it is unecessary.\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\nFire up the server using the rake task created earlier in this series and browse to the site.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv style=\"text-align: center;\"\u003E\nUh-oh:\u003C\/div\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/3.bp.blogspot.com\/-FVt4fnsrjR4\/UHs6zR8XU0I\/AAAAAAAAAfw\/a_dr0hZaJjs\/s1600\/no_routes.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"216\" src=\"http:\/\/3.bp.blogspot.com\/-FVt4fnsrjR4\/UHs6zR8XU0I\/AAAAAAAAAfw\/a_dr0hZaJjs\/s400\/no_routes.png\" width=\"400\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\nWhy did this occur? Rails requires some direction from you, the developer. Where does the default or \"root\" page live and how do I get there?\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nLike any good map, you need to show a route. That being said, open config\/routes.rb and take a look at what I mean:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/3.bp.blogspot.com\/-3-M8eslOI8k\/UHs8EAP3MqI\/AAAAAAAAAf4\/P4HsMGmlt2A\/s1600\/routes.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"267\" src=\"http:\/\/3.bp.blogspot.com\/-3-M8eslOI8k\/UHs8EAP3MqI\/AAAAAAAAAf4\/P4HsMGmlt2A\/s400\/routes.png\" width=\"400\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\nNotice the comment? Each comment block provides instructions on mapping routes in various ways. You can delete them :-). Leave the first and last line (actual code) but remove the comments.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nNow that we know where to map out the route to our destination, let's create a destination. The first thing we want to do is go to our terminal and enter the following (this only has to be done once):\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/3.bp.blogspot.com\/-guMa9ocs1uE\/UHtARTKrLZI\/AAAAAAAAAgM\/_8LQskjhbng\/s1600\/bootstrap_install.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"192\" src=\"http:\/\/3.bp.blogspot.com\/-guMa9ocs1uE\/UHtARTKrLZI\/AAAAAAAAAgM\/_8LQskjhbng\/s640\/bootstrap_install.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\nRemember the twitter-bootstrap-rails gem we added in the first part of this series? We just installed it. This allows us to forego some CSS and HTML work and piggyback off those of the Twitter designers (thanks gals\/guys).\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nNext, we will generate our first controller and view. As of right now, we don't necessarily require a model. First, here is a quick break down of MVC:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cul\u003E\n\u003Cli\u003EModel - Used for handling data resources (databases, usually).\u003C\/li\u003E\n\u003Cli\u003EView - Renders HTML content to users.\u003C\/li\u003E\n\u003Cli\u003EController - Code that handles the bulk of the logic and decision making.\u003C\/li\u003E\n\u003C\/ul\u003E\n\u003Cbr \/\u003E\nGenerating a \"Home\" controller:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/4.bp.blogspot.com\/-jrvucmnp5Oo\/UHtCg6MEgGI\/AAAAAAAAAgU\/qaWYjiAFydg\/s1600\/generated_home_controller.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"257\" src=\"http:\/\/4.bp.blogspot.com\/-jrvucmnp5Oo\/UHtCg6MEgGI\/AAAAAAAAAgU\/qaWYjiAFydg\/s640\/generated_home_controller.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003EWe used --skip-stylesheets as they are unnecessary when using twitter-bootstrap\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\nNote that a new *View* folder was created app\/views\/home and a controller file \"app\/controllers\/home_controller.rb\".\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nOne thing to be aware of. The name of your controller will have `_controller.rb` appended to it. This is the standard convention.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nTime to make an entry in routes.rb. The first thing we need to define is a landing page so that if you request our URL, you have a starting page. We will call it \"welcome\". There are a few things that have to happen:\u003Cbr \/\u003E\n\u003Cul\u003E\n\u003Cli\u003EMake an action inside the home controller called \"welcome\".\u0026nbsp;\u003C\/li\u003E\n\u003Cli\u003ECreate a view page under the \/app\/views\/home folder called \"welcome.html.erb\".\u003C\/li\u003E\n\u003Cli\u003EConfigure the route but since this is our first, we will simply use `root :to =\u0026gt; \"\u0026lt;controller\u0026gt;#\u0026lt;action\u0026gt;\"\u003C\/li\u003E\n\u003C\/ul\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-R0Dyv3SNC4I\/UHycu5jvzLI\/AAAAAAAAAgo\/ELxP8g4An6M\/s1600\/welcome_action_definition.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"211\" src=\"http:\/\/2.bp.blogspot.com\/-R0Dyv3SNC4I\/UHycu5jvzLI\/AAAAAAAAAgo\/ELxP8g4An6M\/s400\/welcome_action_definition.png\" width=\"400\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003ENote: Rails does \u003Cb\u003E\u003Cu\u003Enot\u003C\/u\u003E\u003C\/b\u003E require code within the action (method), only that it exists.\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-oyRy_pEFDIY\/UHzBg7GQ--I\/AAAAAAAAAhM\/hhwSaxN8vl8\/s1600\/root_route_definition.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"156\" src=\"http:\/\/2.bp.blogspot.com\/-oyRy_pEFDIY\/UHzBg7GQ--I\/AAAAAAAAAhM\/hhwSaxN8vl8\/s400\/root_route_definition.png\" width=\"400\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003ENote: Only one\u0026nbsp;\u003Cu style=\"font-weight: bold;\"\u003Eroot\u003C\/u\u003E\u0026nbsp;route can exist.\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003C\/div\u003E\n\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\n\u003Ca href=\"http:\/\/4.bp.blogspot.com\/-rasQkB-9L60\/UHyeCYB_roI\/AAAAAAAAAg4\/A3w6dDpKn4w\/s1600\/welcome_view.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" src=\"http:\/\/4.bp.blogspot.com\/-rasQkB-9L60\/UHyeCYB_roI\/AAAAAAAAAg4\/A3w6dDpKn4w\/s1600\/welcome_view.png\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\n\u003Cbr \/\u003E\nTime to edit the welcome.html.erb...\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-DctVXGBQMMw\/UH2yWv5VLCI\/AAAAAAAAAhg\/dtLSkTzdw3I\/s1600\/gday_1.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"146\" src=\"http:\/\/1.bp.blogspot.com\/-DctVXGBQMMw\/UH2yWv5VLCI\/AAAAAAAAAhg\/dtLSkTzdw3I\/s400\/gday_1.png\" width=\"400\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003ENote that the h1 tag is has a look and feel defined by the h1 definition in Twitter's CSS.\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-U1hJrKlc_T8\/UH2ym8tLBFI\/AAAAAAAAAho\/15hNshq6_JU\/s1600\/gday_2.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"249\" src=\"http:\/\/1.bp.blogspot.com\/-U1hJrKlc_T8\/UH2ym8tLBFI\/AAAAAAAAAho\/15hNshq6_JU\/s640\/gday_2.png\" width=\"640\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003EWelcome Page\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\n..And with that we have a website, sort of. To recap we covered generating a controller and making a view page as well as adding the action with the home_controller called \"welcome\".\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nThat last thing I'll cover before the next tutorial is the flow of a request. So when you request http:\/\/localhost\/ this is what is happening.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Col\u003E\n\u003Cli\u003EThe config\/routes.rb file is checked to see where this request should go.\u003C\/li\u003E\n\u003Cli\u003ESince the request is for the root page '\/', it is rerouted to the Home controller and Welcome action.\u003C\/li\u003E\n\u003Cli\u003EImmediately following any code executing in the Welcome action (none right now), the request finally lands on the view page or the last part in it's journey, welcome.html.erb.\u003C\/li\u003E\n\u003C\/ol\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nAgain, the flow is route -\u0026gt; controller -\u0026gt; view.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nIf you want to see what I mean, we can stop the flow from reaching the view stage by (welcome.html.erb) by rendering content at the controller. Observe:\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-It7seDAnVVM\/UH3Is_3jRcI\/AAAAAAAAAh8\/N4nJnJW96fY\/s1600\/controller_override_2.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"151\" src=\"http:\/\/2.bp.blogspot.com\/-It7seDAnVVM\/UH3Is_3jRcI\/AAAAAAAAAh8\/N4nJnJW96fY\/s320\/controller_override_2.png\" width=\"320\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003EAdded the directive render :text =\u0026gt; \u0026lt;some text\u0026gt; which stops the flow from reaching the view page and renders content itself.\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\n\u003Cbr \/\u003E\n\u003Ctable align=\"center\" cellpadding=\"0\" cellspacing=\"0\" class=\"tr-caption-container\" style=\"margin-left: auto; margin-right: auto; text-align: center;\"\u003E\u003Ctbody\u003E\n\u003Ctr\u003E\u003Ctd style=\"text-align: center;\"\u003E\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-bjvx9SLBWcw\/UH3IuW38MvI\/AAAAAAAAAiE\/nIk02BYp-U4\/s1600\/controller_flow_override.png\" imageanchor=\"1\" style=\"margin-left: auto; margin-right: auto;\"\u003E\u003Cimg border=\"0\" height=\"78\" src=\"http:\/\/2.bp.blogspot.com\/-bjvx9SLBWcw\/UH3IuW38MvI\/AAAAAAAAAiE\/nIk02BYp-U4\/s320\/controller_flow_override.png\" width=\"320\" \/\u003E\u003C\/a\u003E\u003C\/td\u003E\u003C\/tr\u003E\n\u003Ctr\u003E\u003Ctd class=\"tr-caption\" style=\"text-align: center;\"\u003EThe outcome of this change.\u003C\/td\u003E\u003C\/tr\u003E\n\u003C\/tbody\u003E\u003C\/table\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\nThanks for following along, more to come in the next post as we dig a bit deeper with routes and the MVC.\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n~cktricky\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E\n\u003Cbr \/\u003E"},"link":[{"rel":"replies","type":"application/atom+xml","href":"https:\/\/blog.carnal0wnage.com\/feeds\/6280184860425274225\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"https:\/\/www.blogger.com\/comment.g?blogID=8539880144347728238\u0026postID=6280184860425274225","title":"6 Comments"},{"rel":"edit","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/6280184860425274225"},{"rel":"self","type":"application/atom+xml","href":"https:\/\/www.blogger.com\/feeds\/8539880144347728238\/posts\/default\/6280184860425274225"},{"rel":"alternate","type":"text/html","href":"https:\/\/blog.carnal0wnage.com\/2012\/10\/basics-of-rails-part-3.html","title":"Basics of Rails Part 3"}],"author":[{"name":{"$t":"cktricky"},"uri":{"$t":"http:\/\/www.blogger.com\/profile\/16815248087217800849"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"24","height":"32","src":"\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjzbwSNk_s0HvOxfbAtSl2FhHna2aB6Xo7-_ZCNbVXymFAuMWTQm3pW0F7uI4NvrI9QfGqrYukEzyCuhpx3mtzQ-TRFv4WxM_N4kzLnphfpUKuw0emNZXEl_B7_tnXLjAo\/s220\/myphoto.gif"}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http:\/\/2.bp.blogspot.com\/-cVAUPbURgwU\/UHmBrSvAw5I\/AAAAAAAAAfc\/zkBawAavx5Y\/s72-c\/remove_public.png","height":"72","width":"72"},"thr$total":{"$t":"6"}}]}});