Escaping Input with Sinatra

Sep 22, 2019

I have been hacking around on a little side project and I wanted to go super bones with it, so I skipped Rails and went with Sinatra. Not even a modular app. Just a simple classic app with an app.rb file and some views.

It’s good for me to get back to simplicity once in a while. Big frameworks have a way of letting me forget some basic programming things because the framework does it for me.

I also decided I didn’t want to use an ORM. Well, not a big ORM. I grabbed Sequel. And figured I would only use what I needed to get the job done.

And since I was going with classic with Sinatra, I just wrote rawish SQL.

I have to admit it was pretty glorious. A couple of routes in one file, and some simple database queries. It’s worth mentioning that since I only use this app on my computer for the time being, I don’t need to guard against SQL injection. This frees me up to just put pieces together.

The app doesn’t do anything super interesting. It just saves text and renders some markdown.

But before long, without the crutch of a framework, I got stuck on something super simple.

I ran into my first issue when I pasted some text into a textarea and went to save it.

Sequel::DatabaseError - PG::SyntaxError: ERROR:  syntax error at or near "t"

Originally, I thought it was an encoding issue from copying and pasting. After trying some different things, I was able to read a little more into the error message.

Turns out the Sequel library was inserting the values wrapped in single quotes, and having an apostrophe in there broke the SQL statement.

Easy enough, just escape the string and insert the escaped string. I’m embarrassed to report that escaping that string took a few sessions to figure out (it’s a side project, so I work on it here and there).

I tried String#dump. Nope.

I started working on a RegEx solution, but threw it out pretty quickly. I didn’t like it and knew it wasn’t the right solution.

I tried quoting the string with the percent string syntax. %q[]. I was sure this would work, but I couldn’t get it to work. I don’t use these special percent methods often, and it shows. Looks like I may have been able to get it to work with %Q.

I finally found something that works.

Rack::Utils.escape_html(string)

And as it turns out (RTFM), it was in the docs and I never saw it.
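Why the apostrophe broke the statement, and what each way of building the value would actually store, as an added example (not code from the original post): a stand-alone Ruby script that reads the generated INSERT the way a SQL lexer reads a string literal. The `notes` table, `body` column and sample text are assumptions, and the standard library's `CGI.escapeHTML` stands in for `Rack::Utils.escape_html` (both replace the apostrophe with an HTML entity).

```ruby
require "cgi/escape" # stdlib stand-in for Rack::Utils.escape_html (assumption)

# Constructed sample of pasted text; not from the original post.
PASTED = "It isn't <b>bold</b> & it's fine"

# The failing pattern: the raw value is dropped between single quotes.
# Table and column names are hypothetical.
def interpolated_insert(text)
  "INSERT INTO notes (body) VALUES ('#{text}')"
end

# Standard SQL string literal: a quote inside the value is written twice.
def sql_literal(text)
  "'#{text.gsub("'", "''")}'"
end

# Read the first string literal the way a SQL lexer does and return
# [decoded value, whatever follows the closing quote].
def first_literal(sql)
  i = sql.index("'") or raise ArgumentError, "no string literal"
  value = +""
  i += 1
  while i < sql.length
    if sql[i] == "'"
      return [value, sql[(i + 1)..]] unless sql[i + 1] == "'"
      value << "'" # doubled quote decodes to one apostrophe
      i += 2
    else
      value << sql[i]
      i += 1
    end
  end
  raise ArgumentError, "unterminated string literal"
end

# What the database would see for each way of building the value.
# :intact is true only when the stored text equals the typed text
# and nothing but the closing parenthesis follows the literal.
def stored_value(strategy, text)
  sql = case strategy
        when :interpolated then interpolated_insert(text)
        when :html_escaped then interpolated_insert(CGI.escapeHTML(text))
        when :sql_literal  then "INSERT INTO notes (body) VALUES (#{sql_literal(text)})"
        end
  value, rest = first_literal(sql)
  { value: value, rest: rest, intact: value == text && rest == ")" }
end

%i[interpolated html_escaped sql_literal].each do |s|
  puts "#{s}: #{stored_value(s, PASTED).inspect}"
end
```

The interpolated statement ends its literal at `It isn` and leaves `t ...` behind, which is the `syntax error at or near "t"` above; the HTML-escaped one parses but stores entities instead of the typed text. In the app, Sequel does the SQL quoting itself when the value is passed as data, for example `DB[:notes].insert(body: text)`, which leaves HTML escaping for render time.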

Learned in Elixir

Sep 9, 2019

Lately I’ve been sharpening the saw, sort of. Working on some things that I am not that good at (yet). I spend about 30 minutes a day. It’s a great way to start up and get the juices flowing or spend some time winding down in the evening.

Today I’m writing a Binary Search in Elixir and hit quite a few things I had to Google. This is a list of things I learned in Elixir today:

  • I learned that you use Kernel.round/1 to convert float to integer. round(5.0) => 5
  • I learned that you use Enum.to_list/1 to convert a range to a list. Enum.to_list 1..500 => [1,2,3...]
  • I learned there isn’t an Array type
  • I learned that to access an index for Enum, you use Enum.at/3. Enum.at([1,2,3], 2) => 3 – The third parameter has a default, so it’s optional.
  • I learned that to get the length of a list, use Kernel.length/1. length([1,2,3]) => 3

Reading Files With Elixir

Aug 30, 2019

I’ve been playing with Elixir again. This time I wrote down a few simple programs I could easily build as a learning exercise. Reading a file, url shortener, markdown library, etc…

I decided to start with file related stuff. Reading, writing, and appending. I thought I would fly through these like I would in another language, but I’ve found a few things that I was unfamiliar with.

Let’s start with reading files. I’ll list out the steps to take to build this super simple file reader module, talk about a snag I hit, and push you in a direction to learn more after this.

Start by opening your terminal and creating a directory called SimpleFile. Now cd into that directory.

We are going to have a sample text file to read and an Elixir file. The steps will assume that these are both in the same directory.

Now let’s create our test file. Create a file called sample.txt with the contents Hi There. The contents of the file aren’t important. Our code just needs something to read.

Now we can create our Elixir file. Create a file called simple_file_reader.exs.

A note about file extensions. Elixir has two file extensions: ex and exs. ex files are meant for compiling, and exs files are meant for scripting. We can just run an exs file and Elixir will interpret it. We could compile it, but the extension should communicate its intent. We are going to go with exs since this is just a simple script that we will run from the command line.

Still inside the simple_file_reader.exs file, create a module called SimpleFile

defmodule SimpleFile do
end

And now the function to read the file. We will just call it read.

defmodule SimpleFile do
  def read do
  end
end

And finally we will use the File module in Elixir to read the contents of the sample file we created earlier

defmodule SimpleFile do
  def read do
    File.read("./sample.txt")
  end
end

Just like in Ruby, Elixir will return the last thing it touches, so we can omit the return statement.

One last thing to get this to work. We need to call our function so we can see the results in the terminal. After the module definition, use the IO module to puts the results. The whole thing looks like this.

defmodule SimpleFile do
  def read do
    File.read("./sample.txt")
  end
end

IO.puts(SimpleFile.read)

Now we can run the file with the elixir command. Still in the terminal, type

elixir simple_file_reader.exs

You will immediately see an error.

** (Protocol.UndefinedError) protocol String.Chars not implemented for {:ok, "Hi there\n"} of type Tuple
(elixir) lib/string/chars.ex:3: String.Chars.impl_for!/1
(elixir) lib/string/chars.ex:22: String.Chars.to_string/1
(elixir) lib/io.ex:654: IO.puts/2

This is because the read function of the File module returns a tuple. You can see that on the first line of the error: not implemented for {:ok, "Hi there\n"} of type Tuple. I’m not going to lie. It took me a while to figure this out. I just haven’t worked with tuples enough to know how to deal with them. Eventually I was able to find the solution.

The Kernel module in Elixir has a function called elem/2. It takes a tuple and an index (tuples are zero-based) and returns that element of the tuple. For us, we care about the second element, so we will use the index of 1.

Update the puts statement to use elem

IO.puts(elem(SimpleFile.read, 1))

Now run the file again in the terminal with elixir simple_file_reader.exs and you will see the contents of the file.

I got farther than that, but that seems like a good stopping point. I’d like to write up how to put this into a mix project and pass it any file. And I’d also like to say that is coming, but I’m terrible at commitment.

CSV with Rails Mini Course

Aug 21, 2019

After years of talking about getting back into teaching, I’ve finally released something. I’m calling it a mini course. It’s a course on how to handle importing CSV data into a Rails application.

The timing of releasing it is nothing more than just being sick of not having something out there. I decided to make something small, iterate on it, and build something from there.

It contains four videos and covers:

  • How to upload a CSV file in a form
  • How to parse the content of the file
  • How to map the cells to attributes of a Rails model

It also contains all the source code used in the example as a full Rails app. It’s not Rails 6 though, I was almost done by the time Rails 6 was released. That could be an update.

It’s selling for $5 as an introductory price. I plan on adding a lot of stuff to it. As I do, the price will go up, but you will get all the updates for free regardless of what price point you came in at.

If you have purchased it, thank you! If you are on the fence, feel free to email me with any questions you have.

Here is a short preview

You can buy the whole thing here -> Parsing CSV Files with Rails

Git Tips to Help You Work Faster

Jul 23, 2019

The software development world is almost completely git-based now. I’m sure there are other version control systems being used, but I personally haven’t seen anything but git for several years. Git even extends beyond code. Authors use git for books, universities use git for documentation, and some designers use git for large image files.

And while git is awesome and makes our jobs easier, it’s complex. Most people new to git learn a couple of commands that help them get through their day, not realizing that they could do more with a little bit more knowledge of git and the command line. I want to outline three additional things that I use that help make git even more powerful.

Software Developers and Cognitive Load

Jul 4, 2019

There are a lot of things that make a difficult job even more difficult. It’s often difficult to explain to non-developers how mentally exhausting creating software is. It’s just something that has to be experienced first hand.

Knowing that, it often seems that we don’t do enough to lessen the burden of cognitive load. Every developer has experienced the frustration of trying to fit more things in their brain than it can hold.

It’s one of the reasons why I am a fan of having a pen and a notebook handy to write down random things as they pop up. An easy way to make sure the cognitive ability you have is reserved for the most important work.

Ruby Reference

Jan 14, 2019

This is a really cool reference for Ruby. I really like how they made the Language Structure more accessible. That type of stuff is sort of hard to find on the Ruby Language site.

A More Balanced Internet

Dec 8, 2018

The problem with the news that IE is going to a Chromium browser is that the things that Google is doing, or trying to do (require SSL on all sites, favor AMP), get worse. When they own market share, or even worse almost total dominance, nothing stops them from attempting even more of these types of things.

This is the main reason why choice is a good thing. I like Firefox and I think I’m going back to that to help support a more balanced internet.

Building a Color Palette

Nov 22, 2018

Steve Schoger has a book coming out called Refactoring UI and it looks like it’s going to be awesome. He just released a teaser for building a color palette. I’ve read quite a bit about color palettes, and while I’m not a designer, I have taken some design courses and I did win 2nd place in a design competition for a Led Zeppelin collage (humble brag).

Also, if you are interested in UI design and have not seen the Refactoring UI videos, stop everything and go watch them.

Attempting to Read Equations in Machine Learning

Nov 18, 2018

I ran into my first issue that caused me to stop and try to dissect what was happening. I’m not bad at math, but I’ve never studied calculus or something similar. I have taken algebra and trigonometry many years ago. I knew the math involved with machine learning would slow me down considerably. Especially since I am the type of person that likes to understand things on a deep level.

The equation was for Root Mean Square Error. I have been able to dissect it down to where I understand most of it. Here is what I know.

  • m is the number of instances in the dataset. Here I am working with housing data.
  • x(i) is a vector of all the feature values of the ith instance of the data set. So it works in conjunction with summation to iterate through each row of features in the data set.
  • y(i) is the label for x(i).
  • X is the matrix for all the feature values.
  • h is a hypothesis function.


All of that is from Hands-On Machine Learning with Scikit-Learn and TensorFlow: Concepts, Tools, and Techniques to Build Intelligent Systems

RMSE Equation

So the equation says: Take each instance in a data set, run the features through the hypothesis function, subtract the labels, and square the result. Sum all the results and return. At least that’s what I think it says.

Just so you know, what this equation does is determine how much error the prediction would have.

Here is what I don’t know. I don’t know what 1 over m is there for. I also don’t know if I need to understand this to proceed. I’m pretty sure scikit learn will do this for me. But it’s good to try to understand these things so I know what to use and when.