FanBoom puts the power of sports information in your hands. At FanBoom you can track all of your favorite teams, and writers (national and local), read the best of the sports blogs, and interact with robust community of fans of your favorite teams. Our goal is to build a portal of sports information that serve up Your Sports, Your Way, so you won’t have to go anywhere else.

Sign Up Today!

Class Method Overloading
So you say to yourself, while programming, “Ruby would be kick @ss if it only had a string method that would shuffle the characters.” I know, I’ve said it myself hundreds of times (man I need a life). In Ruby, life is good. See below:

class String
def shuffle
self.split(//).sort_by{rand}.join
end
end

puts “My Life Is Better Because of Ruby”.shuffle
#=> “I iya sMeuB t r ceLoBtfeefuReybs”

With this approach we can easily create new methods for native classes. Ruby even allows you to overwrite existing methods of native classes.

One-liners
Ruby is the king (or queen?) of one-liners. Because nearly everything in Ruby is object-oriented, you can basically write your entire program in one line of code! While that may be a bit extreme, creating one-liners can make your program much more readable and maintainable.

#Convert sentence to CSV and capitalize each column
tbdata = "Ruby is awesome"
tbdata.split(/ /).map{|word| word.capitalize}.join(',')

More to come!

• Richard Stallman doesn’t code.  He dares the computer to not do his bidding.
• Global warming is caused by Richard Stallman’s rage toward Windows Vista.
• Rather than being birthed like a normal child, Richard Stallman instead instantiated himself polymorphically. Shortly thereafter he grew a beard.
• Richard Stallman discovered extra-terrestrial life but killed them because they used closed-source software.

Mailfactory

Mailfactory is a ruby library designed to allow the simple creation of emails. It offers the following features:

• Plain text and HTML body parts
• Simple attachments
• MIME-type guessing for attachments
• Attachments from arbitrary IO objects
• Custom headers
• RFC valid email generation
• Simple API

To Install:
gem install mailfactory

Example:


require 'rubygems'
require 'net/smtp'
require 'mailfactory'

#Send this (and all other) message
smtp.finish()


Feed-Normalizer

Feed-Normalizer normalizes all RSS Feed formats into a generic class. This allows you to access the same properties from any RSS Feed it parses without worrying about the underlying format of the RSS source.

To Install:
gem install feed-normalizer

See Ruby RSS Aggregator for example code.

FasterCSV

FasterCSV is significantly faster than CSV and arguably has an improved CSV interface.

To Install
gem install fastercsv

Example:

require 'rubygems'
require 'fastercsv'

#Write a CSV File
FasterCSV.open('/path/to/file') do |csv|
csv << ["an", "array", "of", "data"]
end


Bishop

Bishop is a Bayesian classifier library for Ruby. With Bishop you can effectively train your program to recognize any number of things.

To Install:
gem install bishop

Example:

require 'rubygems'
require 'bishop'

#Guess if an email is spam or not
guess = classifier.guess('How would you like a free sample of viagra?')


Linguistics

Linguistics is a generic, language-neutral framework for extending Ruby objects with linguistic methods. This is easily one of the coolest gems. There is simply so much you can do with the Linguistics module.

To Install:
gem install linguistics

Example:

require 'rubygems'
require 'linguistics'

# => The farm has: four dogs, three cows, three geese, three goats,
two oxen, two cats, a chicken, a rooster, a llama, a pig,
and an alpaca



gem install feed-normalizer


Now that we have the gem installed, let’s put together a simple script that will aggregate Slashdot’s RSS Feed:


require 'rubygems'
require 'feed-normalizer'

#Your Logic Here
end

As you can see, it’s quite simple to aggregate an RSS Feed using Ruby and Feed-Normalizer.

Form hijacking is a very simple concept. So, you have a website which contains a form that submits data to a server-side component which analyzes, processes, and ultimately provides feedback to the user based on his/her selections. For an example, let’s pretend we have a real-estate search engine whereby a user enters their zip code & radius and they are presented with available real-estate in that area. However, they first need to login in order to view this data, so you think it’s secure. Wrong!

Ultimately, we want to protect this data because it’s valuable. This is why we make a user register/login before seeing it. However, this is not enough. With very little effort, I could create a script that logs in (with a cookie), submits data to this form, and screen-scrapes the results. Your valuable data will effectively be stolen from you.

How can we prevent form hijacking?

While there are many methods to secure data, the best three methods for securing a form are:

1. Server-side Referrer Checks
2. Server-side random token verification
3. Ajax forms & results

Server-side Referrer Checks

When a user submits the form you would like to secure, you should always check the referrer to make sure the form is being submitted from an expected location(s). Note: This method should not be the only security measure you rely on. Referrer data can be easily tampered with and your server-side validations can be fooled.

Server-Side Random Token Verification

When displaying your form, generate a random number or a random hash, then create a hidden field in the form where the value of this random number is placed. Store this random number in session or in a database for later verification. When the form is submitted, ensure that the value of the hidden field is the same as the value in session/db. Using this method, it will effectively secure your form from form hijacking. While this isn’t the most secure method, it will at least make the job of hacking your site much harder. A hacker would now have to script the login process via a series of screen-scraping, cookie storage, /etc/host entries, and form posting. Much harder.

AJAX Forms & Results

This is, by far, the best method of securing your valuable data. If your form submits to an AJAX component and then the results are displayed via AJAX, a hacker will be unable to write a script that could automatically steal your data. At this point, only browsers can render javascript. The only downside to using AJAX is that all the data you are displaying is not easily SEO’able.

What is Cross-Site Scripting?

Simply put, cross-site scripting is the malicious injection of client-side code (javascript) into web forms, forums, and other venues for user-generated content. A simple example would be a blog. My blog, for instance, allows users to comment on my articles. If a user were interested in exploiting a simple (annoying) cross-site scripting hack, they might write a comment like this:


<script type="text/javascript" language="javascript">
<!--
alert("You're a loser");
-->
</script>


Unless you have protected your site from cross-site scripting, this message would be posted, and the next time a user viewed this particular page that contained this message, an alert box would come up calling them a loser. Not a good thing to call your readers losers!

How can we stop cross-site scripting?

The easiest way to stop cross-site scripting is to strip all non-text elements (html, javascript, etc) from posts before they are placed in the database. A more lenient and equally effective solution would involve certain allowed tags.


require 'rubygems'
require 'find'

newfile = File.new(f, File::CREAT|File::TRUNC|File::RDWR, 0644)
newfile << data
newfile.close()
end