From 0abf0da0016abc455145810d7060a10e0b56b0b6 Mon Sep 17 00:00:00 2001
From: Michael Koziarski <michael@koziarski.com>
Date: Sat, 31 May 2008 14:58:34 -0700
Subject: Don't provide the password with dbconsole unless explicitly opted in.

Some operating system configurations allow other users to view your process list
or environmental variables.  This option should not be used on shared hosts.

http://dev.mysql.com/doc/refman/5.0/en/password-security.html
http://www.postgresql.org/docs/8.3/static/libpq-envars.html
---
 railties/lib/commands/dbconsole.rb | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

(limited to 'railties/lib')

diff --git a/railties/lib/commands/dbconsole.rb b/railties/lib/commands/dbconsole.rb
index b81997aa59..17acb7b68f 100644
--- a/railties/lib/commands/dbconsole.rb
+++ b/railties/lib/commands/dbconsole.rb
@@ -2,8 +2,13 @@ require 'erb'
 require 'yaml'
 require 'optparse'
 
+include_password = false
+
 OptionParser.new do |opt|
-  opt.banner = "Usage: dbconsole [environment]"
+  opt.banner = "Usage: dbconsole [options] [environment]"
+  opt.on("-p", "--include-password", "Automatically provide the database from database.yml") do |v|
+    include_password = true
+  end
   opt.parse!(ARGV)
   abort opt.to_s unless (0..1).include?(ARGV.size)
 end
@@ -31,10 +36,13 @@ when "mysql"
     'port'      => '--port',
     'socket'    => '--socket',
     'username'  => '--user',
-    'password'  => '--password',
     'encoding'  => '--default-character-set'
   }.map { |opt, arg| "#{arg}=#{config[opt]}" if config[opt] }.compact
 
+  if config['password'] && include_password
+    args << "--password=#{config['password']}"
+  end
+
   args << config['database']
 
   exec(find_cmd('mysql5', 'mysql'), *args)
@@ -43,7 +51,7 @@ when "postgresql"
   ENV['PGUSER']     = config["username"] if config["username"]
   ENV['PGHOST']     = config["host"] if config["host"]
   ENV['PGPORT']     = config["port"].to_s if config["port"]
-  ENV['PGPASSWORD'] = config["password"].to_s if config["password"]
+  ENV['PGPASSWORD'] = config["password"].to_s if config["password"] && include_password
   exec(find_cmd('psql'), config["database"])
 
 when "sqlite"
-- 
cgit v1.2.3


From 9b75483bf361f44046d1cb86bd2acae6c4f856f3 Mon Sep 17 00:00:00 2001
From: David Heinemeier Hansson <david@loudthinking.com>
Date: Sat, 31 May 2008 15:51:01 -0700
Subject: Added better error message for when the class name is already used
 (and dont show suggestions if there are none)

---
 railties/lib/rails_generator/commands.rb | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'railties/lib')

diff --git a/railties/lib/rails_generator/commands.rb b/railties/lib/rails_generator/commands.rb
index 03b7d354a6..08ecbfb5cf 100644
--- a/railties/lib/rails_generator/commands.rb
+++ b/railties/lib/rails_generator/commands.rb
@@ -380,12 +380,14 @@ HELP
           # Thanks to Florian Gross (flgr).
           def raise_class_collision(class_name)
             message = <<end_message
-  The name '#{class_name}' is reserved by Ruby on Rails.
+  The name '#{class_name}' is either already used in your application or reserved by Ruby on Rails.
   Please choose an alternative and run this generator again.
 end_message
             if suggest = find_synonyms(class_name)
-              message << "\n  Suggestions:  \n\n"
-              message << suggest.join("\n")
+              if suggest.any?
+                message << "\n  Suggestions:  \n\n"
+                message << suggest.join("\n")
+              end
             end
             raise UsageError, message
           end
-- 
cgit v1.2.3