schneems · July 23, 2012 21:35
diff --git a/gistfile1.txt b/gistfile1.txt
 ## 1) What is SQL Injection



 ## 2) Which of these are safe from SQL Injection attacks?

 A)

    User.where(:name => params[:name])

 B)

    Product.where("price > (?)", params[:price])

 C)

    Product.where("price < 5")


 D)

    name = params[:name]
    query = "name = " + name
    User.where(query)

 E)

  Product.where("quality = #{params[:quality]}")



 ## 3) Below is the help for Enumerable#detect what are some possible returns from the method?

 detect(ifnone = nil) {| obj | block } → obj or nil click to toggle source
 find(ifnone = nil) {| obj | block } → obj or nil
 detect(ifnone = nil) → an_enumerator
 find(ifnone = nil) → an_enumerator

 Passes each entry in enum to block. Returns the first for which block is not false. If no object matches, calls ifnone and returns its result when it is specified, or returns nil otherwise.

 If no block is given, an enumerator is returned instead.

 ## 4) Which of the methods below can we use to query against an aggregate set of data. For instance a store has many products and each product belongs to the store. What methods would we need to use to find all of the stores that that have an average product price of greater than $10?

    find
    where
    includes
    order
    limit
    offset
    joins
    group
    having


 ## 5) Explain the difference between inner join and outer join


 ## 6) What method can we use to get rid of the N+1 Query problem?


 ## 7) Which of these indicates a Class method and which an instance method?


 A)
    @user.name

 B)

    User.last



 ## 8) What type of logic did we use in our testing last week?

 Hint: if you're working really hard at your job it could be said that you are ______ing yourself.
	## 1) What is SQL Injection



	## 2) Which of these are safe from SQL Injection attacks?

	A)

	User.where(:name => params[:name])

	B)

	Product.where("price > (?)", params[:price])

	C)

	Product.where("price < 5")


	D)

	name = params[:name]
	query = "name = " + name
	User.where(query)

	E)

	Product.where("quality = #{params[:quality]}")



	## 3) Below is the help for Enumerable#detect what are some possible returns from the method?

	detect(ifnone = nil) {\| obj \| block } → obj or nil click to toggle source
	find(ifnone = nil) {\| obj \| block } → obj or nil
	detect(ifnone = nil) → an_enumerator
	find(ifnone = nil) → an_enumerator

	Passes each entry in enum to block. Returns the first for which block is not false. If no object matches, calls ifnone and returns its result when it is specified, or returns nil otherwise.

	If no block is given, an enumerator is returned instead.

	## 4) Which of the methods below can we use to query against an aggregate set of data. For instance a store has many products and each product belongs to the store. What methods would we need to use to find all of the stores that that have an average product price of greater than $10?

	find
	where
	includes
	order
	limit
	offset
	joins
	group
	having


	## 5) Explain the difference between inner join and outer join


	## 6) What method can we use to get rid of the N+1 Query problem?


	## 7) Which of these indicates a Class method and which an instance method?


	A)
	@user.name

	B)

	User.last



	## 8) What type of logic did we use in our testing last week?

	Hint: if you're working really hard at your job it could be said that you are ______ing yourself.