INFUSED

DBF is a small fast library for reading dBase, xBase, Clipper and FoxPro database files. It is written completely in Ruby and has no external dependencies.

Changes in version 1.0.2:

• Fixes a bug when reading Visual Foxpro memo files.

Today my son Dylan is 1 week old. It’s been an amazing experience so far and I’m sure it will only get better as he becomes more interactive. This is the first time I’ve had any time to sit down and catch up on email, blogs, programming, etc. He’s in my lap now, and I’ve been working with him in the crook of my arm for the last two hours. It’s surprisingly easy to do while he’s still small and sleeps most of the time!

Dylan at 1 day old:

A lot of work has gone into this release of the DBF gem. The basic reader code is stable now. I’m in the process of moving the test suite from Test::Unit to Rspec. When I’m done with that I’ll add a couple of additional features, polish the documentation and christen it 1.0.0.

• New find method
• Full compatibility with the two flavors of memo file
• Two modes of operation: In memory, or File I/O
• Improved documentation and more usage examples

When using Rails’ verify method to protect your ActionController actions, you should return a list of the allowed HTTP methods in the response headers.

Let’s say you have an action called update that you want to protect from anything but a POST. I like to do it like this:

:::ruby
verify :method => :post, 
  :only => :update, 
  :render => {:text => '405 HTTP POST required', :status => 405}, 
  :add_headers => {'Allow' => 'POST'} 

Now if someone tries to hit the update action with anything other than a POST, an error message will be displayed and the response headers will contain (among other things):

:::ruby
{"Status" => "405 Method Not Allowed", "Allow" => "POST"}

In my opinion, this is a better way to go than redirecting to another action because the use of an improper HTTP method is most likely the result of either programmer error or malicious intent. By redirecting to another page, you are making it much easier to for somebody to take your site down with a denial of service attack and if it’s a programming error, you’ll locate the problem faster.

You should also make sure that you have a functional test for this behavior:

:::ruby
def test_invalid_update_methods
  [:get, :put, :delete].each do |http_method|
    send http_method, :update
    assert_response 405
    assert_equal 'POST', @response.headers['Allow']
    assert_equal '405 HTTP POST required', @response.body
  end
end

Additional Resources

• HTTP 1.1: Status Code Definitions
• HTTP 1.1: Header Field Definitions
• Rails API Documentation: Verification

RailsConf will be held right here in Portland this year, so no travelling for me this time around. The conference is being held at the Oregon Convention Center (the same place OSCON is held every year), so it’s a huge improvement over the shitty hotel in Chicago where it was held last year.

Registration just opened a couple of hours ago. This year the registration fee is higher and the venue is a lot larger so it probably won’t sell out as quickly as last year. But, if you want to go, I would sign up soon. I already did.

Updates:

• 7 hours later: I’m glad I bought mine early, because they might sell out faster than last year.
• 3 days later: RailsConf ‘07 sells faster than any other O’Reilly conference
• 9 days later: close to 75% of the tickets have now been sold.
• 22 days later: Sold out