def method_missing(method_id, *arguments, &block)
if method_id.to_s =~ /^safe_([_a-zA-Z]\w*)$/
att = $1
if self.attributes.include?(att)
if self.attributes[att].class.to_s == "String"
return CGI::escapeHTML(self.attributes[att])
end
return self.attributes[att]
end
if self.methods.include?(att)
val = self.send(att, *arguments, &block)
if val.class.to_s == "String"
return CGI::escapeHTML(val)
end
return val
end
end
super
end
Friday, December 19, 2008
escapeHTML with method_missing
Use safe_* for escaping HTML
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment