On Wed, 11 Oct 2006, Eero Saynatkari wrote:
> On 2006.10.11 04:25, Bil Kleb wrote:

> The only problem you are likely to encounter is fitting your
> existing schema to fit AR's model if going with Rails (and
> not replacing AR at the backend).
>
> Remember, though, to mention Nitro and IOWA also. Both have
> ORMs that work better with legacy database schemas.

IOWA is completely ORM agnostic.  I use Kansas because I like the query 
model, but one could just as easily use Og, or even AR (if AR were 
threadsafe).

>>  I also have the forms defined in html (used these for working
>>  with [the PI] in determining what metadata to capture).  It
>>  looks like I would have to "redo" all the html to use Ruby
>>  methods?

In general, the answer is somewhere between "No" to "Only very slightly".

>>  I'm also interested in the "security" aspects of using Ruby.
>>  PHP (as opposed to ColdFusion) has been identified as having
>>  too many security issues and therefore not encouraged here,
>>  so I'm curious about Ruby/Ruby on Rails....

I can only speak to security with IOWA, but mostly it boils down to 
whether the application developer does things that will open a hole, and 
the most likely thing there is doing something unsafe with input from 
a form.  And I think that's generally the situation with other Ruby 
frameworks.  There was a security issue with earlier versions of Rails, 
but that was fixed over the summer, and details are readily found via your 
favorite search engine.


Kirk Haines
Waiting for Rubyforge to come back to push IOWA 0.99.2.17 up to it.