On Wed, Aug 20, 2008 at 4:25 PM, Nick Brown
<ruby-forum.com / nick-brown.com> wrote:
> F. Senault wrote:
>> Please provide some code to demonstrate this.
>
> a = cgi['a']

Internal to the CGI object, it appears that "a" in the @params hash is
an array of strings not a string:

irb(main):007:0> cgi = CGI.new('html4')
(offline mode: enter name=value pairs on standard input)
a=foohibyebar
=> #<CGI:0xb7c998cc @params={"a"=>["foohibyebar"]}, @multipart=false,
@output_cookies=nil, @output_hidden=nil, @cookies={}>

> a.sub!(/hi/, 'bye')
> # to see expected behavior, replace the above with: a = a.sub(/hi/,
> 'bye')
>
> To run this, type "a=hi"[enter][ctrl-d] to simulate the behavior of a
> cgi session. You will get the output:
>
> Inserting value a=bye into the database.
> What was actually inserted into the database: hi

> cat z.rb
#!/usr/bin/env ruby

require 'rubygems'
require 'sqlite3'

db = SQLite3::Database.new('test.sqlite')
db.execute ('drop table if exists example') # clean up incase of multiple runs
db.execute('create table example (aval)')

require 'cgi'
cgi = CGI.new('html4')

a = cgi['a'][0]

a.sub!(/hi/, 'bye')
# to see expected behavior, replace the above with: a = a.sub(/hi/, 'bye')

puts "Inserting value a=#{a} into the database.\n"
sql = "insert into example (aval) values (?)"
db.execute(sql, a)

sql = "select aval from example"
val = db.get_first_value(sql)
puts "What was actually inserted into the database: #{val}\n"

> ruby z.rb
z.rb:7: warning: don't put space before argument parentheses
(offline mode: enter name=value pairs on standard input)
a=foohibyebar
z.rb:13:CAUTION! cgi['key'] == cgi.params['key'][0]; if want Array,
use cgi.params['key']
Inserting value a=foobyebyebar into the database.
What was actually inserted into the database: foobyebyebar