CSC/ECE 517 Fall 2012/ch1b 1w67 ks: Difference between revisions

From Expertiza_Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 33: Line 33:


== Flash ==
== Flash ==
<p>Like an outline, you shouldn't have a single section or subsection. Your subsections can go many levels deep!</p>
<p>
The flash is a special part of the session which is cleared with each request. This means that values stored there will only be available in the next request, which is useful for storing error messages etc. It is accessed in much the same way as the session, like a hash. Flash is used by the controller to pass messages to the view. The controller can pass messages about the success or failure of the desired action."</p>


= Examples =
= Examples =

Revision as of 23:44, 3 October 2012

A brief introduction to your article. The table of contents, which is generated automatically, will show up just below this introduction.

Overview/Introduction

Redirection in ruby refers to the where a user is redirected from one page to another.As the http requests are stateless, hence this leads to losing all the state that we had before. Thus Rails provides a hash called Flash such that it persists until the end of the next request received. Also there is a session hash, which unlike flash persists forever. <ref>http://www.youtube.com/watch?v=0m8lmRwS7E0</ref>.

For information on how to format the text of your article, create tables, and use section headings and references, see this article.

Flash in Ruby

Flash in ruby helps to remember the state until the end of the next request. It is basically used to store error messages as warnings and information as notice in the hash. This is used in views to print the error messages or notice. Instead of notice or warnings, we can define user defined hash and print its value in the view as we did for the notice and warnings. Basically it helps in flashing messages on the views.

Session in Ruby

In Ruby session persists forever and is stored in the browser cookies by default. The session data can thus be deleted by clearing content of the cookies. Session is useful when we have to remember the state for a long time. Examples include Authentication where the user enters its login id and password that needs to be available for the whole session that the user is logged in. There are some alternative storage modes for session such as Storage table or No SQL data structure.


How it works

Session

Session stores small amount of data that persists between requests. The session is only available in the controller and the view and can use one of a number of different storage mechanisms such as cookies, tables, cache, memcache etc. The session stores session id in cookies as it is insecure when embedded in the url.This unique id is used to look up the session data on its storage locations such as cookies, database tables, no sql data structure, cache etc.The data storage in cookies by default makes the session lightweight and easy to access and it does not requires calls to the storage locations for accessing the session data. The cookies can store atmost 4 kb data and hence gives cookie overflow exception if the data in the session exceeds the 4 kb limit.The cookie data is not encrypted but it cannot be edited by being visible in the url. Session values are stored in a key,value pair. In Ruby we store it like a hash.

1. To add a session attribute we say

  session[:username]=params[:username]. 
  Here we assign the username received from the user to the session variable.

2. To delete a session attribute value, just assign the key to nil.

  eg: session[:username]=nil. 
  Here we are deleting the session attribute username.

3. The session can also be reset

  reset_session
  This will reset the complete session hash


Flash

The flash is a special part of the session which is cleared with each request. This means that values stored there will only be available in the next request, which is useful for storing error messages etc. It is accessed in much the same way as the session, like a hash. Flash is used by the controller to pass messages to the view. The controller can pass messages about the success or failure of the desired action."

Examples

Like an outline, you shouldn't have a single section or subsection. Your subsections can go many levels deep!

Session

This is a subsection of section 1. Obviously, you name each of your sections and subsections as appropriate for your article.

Flash

Like an outline, you shouldn't have a single section or subsection. Your subsections can go many levels deep!



Advantages/Disadvantages

Session

Session Advantages: -A session object helps us store useful information about the application like the session_id, currently logged in user details -It is similar to hash and helps us take advantages of the hash functionalities in Ruby -Since, it persists forever, the session variables can be used to perfrom authentication,server side validation and take care of the security aspects of the application

Disadvantages: -The session object is a heavy weight object as it is used to store a lot of application related information. -we have to be careful while dealing with session variables as it is subject to malicious attacks and sensitive information can be divulged if not taken care of while programming -As the session variables persists forever, it is the programmers responsibility to reset the information of the application when the application goes out of the current scope logically. -Too many session variable manipulation and storage can make the code inefficient and can cause unexpected behaviour if not programmed carefully


Flash

Flash Advantages: -A lightweight object that helps us store the information of the state the application is in. -Since flash is similar to hash, it helps us abuse the advantages of hash. Although, the most commonly used keys are :notice and :warning, any key can be passed into -the flash object and the user is responsible for extracting the inforation from the corresponding object* -It is less tedious to manage as its lifetime persists only until the next request.

Disadvantages: -As the information stored in the flash object persists only until the next request, it is not useful for providing security related capabilities to the application. -It has limited capabilities and used for displaying sinple error messages, notices or warnings in the application. -It cannot store dynamic information


Conclusion/Summary

HTTP is a stateless protocol and the web applications require saving of the applicaion state frequently. Based on the application state, certain actions are taken. This is possible in RUBY using redirection flash object. The redirection flash object persists for a short duration and helps us store simple information about the application. Another flash like object that provices us very rich capabilities in terms of information storge, authentication and security is the session object. We have seen the differences between the two. It is the programmers responsibility to approriately use the flash or the session object depending on what needs to be achieved.

Definitions

For any definitions where you don't have inline hypertext links to the definition you can place the definition of those terms here.

References

<references /> http://www.youtube.com/watch?v=0m8lmRwS7E0 http://www.youtube.com/watch?v=0m8lmRwS7E0 http://ruby.railstutorial.org/chapters/sign-in-sign-out#sec:sessions_controller http://www.tutorialspoint.com/ruby-on-rails/rails-session-cookies.htm http://guides.rubyonrails.org/action_controller_overview.html#the-flash http://guides.rubyonrails.org/security.html#sessions