@dthtien
Forked from schneems/gist:3166371
Last active May 13, 2017 09:46
Week 7 Quiz
## 1) What is SQL Injection?
SQL Injection is a security vulnerability where an attacker can run arbitrary SQL code on your machine because we are not using safe Active Record practices.
## 2) Which of these are safe from SQL Injection attacks?
A) safe
User.where(:name => params[:name])
B) safe
Product.where("price > (?)", params[:price])
C) safe because it does not take any input
Product.where("price < 5")
D) not safe
name = params[:name]
query = "name = " + name
User.where(query)
E) not safe
Product.where("quality = #{params[:quality]}")
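
Why D and E are unsafe while B is safe, as an added example that is not part of the original quiz or of Rails. `quote`, `bind` and `structural_operators` are hypothetical helpers that approximate how Active Record substitutes `?` placeholders, and the request parameters are constructed sample values.

```ruby
# Added illustration. quote, bind and structural_operators are hypothetical
# helpers standing in for Active Record's "?" handling; they are not Rails APIs.

# Render a value as one SQL literal: numbers as-is, anything else as a
# single-quoted string with embedded quotes doubled.
def quote(value)
  case value
  when Integer, Float then value.to_s
  when nil then "NULL"
  else "'" + value.to_s.gsub("'", "''") + "'"
  end
end

# Replace each "?" in the template with the quoted form of the next value.
def bind(template, *values)
  raise ArgumentError, "bind count mismatch" unless template.count("?") == values.size
  remaining = values.dup
  template.gsub("?") { quote(remaining.shift) }
end

# Count OR/AND keywords outside quoted literals, i.e. keywords that are part
# of the query's structure rather than its data.
def structural_operators(sql)
  sql.gsub(/'(?:[^']|'')*'/, "").scan(/\b(?:OR|AND)\b/i).size
end

# Constructed request parameters: one benign set, one hostile set.
BENIGN  = { name: "alice",     price: "10",        quality: "3" }
HOSTILE = { name: "'' OR 1=1", price: "10 OR 1=1", quality: "3 OR 1=1" }

# Option B: the value is passed separately and lands inside one literal.
def option_b(params)
  bind("price > (?)", params[:price])
end

# Option D: concatenation places the raw value in the SQL text.
def option_d(params)
  "name = " + params[:name]
end

# Option E: interpolation does the same.
def option_e(params)
  "quality = #{params[:quality]}"
end

[BENIGN, HOSTILE].each do |params|
  [option_b(params), option_d(params), option_e(params)].each do |sql|
    puts "#{structural_operators(sql)} structural operator(s): #{sql}"
  end
end
```

With the hostile parameters, D and E gain a boolean operator that the developer never wrote, while B keeps the whole value inside a single quoted literal.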
## 3) Below is the help for Enumerable#detect. What are some possible returns from the method?
detect(ifnone = nil) {| obj | block } → obj or nil
find(ifnone = nil) {| obj | block } → obj or nil
detect(ifnone = nil) → an_enumerator
find(ifnone = nil) → an_enumerator
Passes each entry in enum to block. Returns the first for which block is not false. If no object matches, calls ifnone and returns its result when it is specified, or returns nil otherwise.
If no block is given, an enumerator is returned instead.
Answer: We can expect an object (obj), nil, or an_enumerator. Enumerators are constructs that allow us to loop through their contents.
## 4) Which of the methods below can we use to query against an aggregate set of data? For instance, a store has many products and each product belongs to the store. What methods would we need to use to find all of the stores that have an average product price of greater than $10?
find
where
includes
order
limit
offset
joins
group
having
Answer: To find all stores that have an average product price greater than 10, we would have to group by store_id and then use "AVG(products.price) > 10" inside of a having clause.
The two methods we use are `group` and `having`.
## 5) Explain the difference between inner join and outer join
Inner join: An inner join gives the intersection of the two tables A and B, i.e. the rows they have in common.
Left outer join: A left outer join will give all rows in A, plus any common rows in B.
Right outer join: A right outer join will give all rows in B, plus any common rows in A.
Full outer join: A full outer join will give you the union of A and B, i.e. all the rows in A and all the rows in B. If something in A doesn't have a corresponding datum in B, then the B portion is null, and vice versa.
## 6) What method can we use to get rid of the N+1 Query problem?
includes
## 7) Which of these indicates a class method and which an instance method?
A) instance method
@user.name
B) class method
User.last
## 8) What type of logic did we use in our testing last week?
We used `assertion` logic in our tests last week.
Hint: if you're working really hard at your job it could be said that you are ______ing yourself.