ruby on rails - Developing a RoR application with "levels" of difficulty


I am creating a RoR application with different levels of "difficulty". The site is purposely designed to be hackable, so that students can learn to better secure their web applications.

At each increasing level of difficulty, the sanitization/security checks will be slightly more advanced. As an example for SQL injection:

  • Beginner - Just insert a ' and you break into raw SQL
  • Intermediate - Inserting a ' breaks into raw SQL, but some special words (such as drop, alter, etc.) are "blocked" ...
  • Advanced - Username & password are completely sanitized, but insecure against attacks from a different charset, etc. ...

    What is the best way to code this in Rails? Right now, I am using a (horrible) pattern like:

      if level == 1
        # code for beginner
      elsif level == 2
        # code for intermediate
      else
        # code for advanced
      end

    This occurs several times :( What is the best way to implement this type of pattern?

    It seems like a good place to use monkeypatching, using modules inside lib/.

      # /app/models/client.rb
      class Client < ActiveRecord::Base
        def foo
          # default and/or "easy" implementation
        end
      end

      # /app/controllers/client_controller.rb
      class ClientController < ApplicationController
        def bar
          # default and/or "easy" implementation
        end
      end

    The monkeypatches for client.rb and client_controller.rb that implement the 'medium' difficulty can be placed inside the /lib/medium module:

      # /lib/medium/models/client_patch.rb
      class Client
        def foo
          # medium implementation
        end
      end

      # /lib/medium/controllers/client_controller_patch.rb
      class ClientController
        def bar
          # medium implementation
        end
      end

    A file that requires all the patches will be needed; a simple solution would be a file like this:

      # /lib/medium.rb
      require 'medium/models/client_patch'
      require 'medium/controllers/client_controller_patch'

    So you can require it from an initializer:

      # /config/initializers/difficulty.rb
      # require 'easy'
      require 'medium'
      # require 'hard'

    You can then launch three different instances of the application: one on easy, one on medium, and one on hard. The code will be shared, with the exception of the difficulty.rb initializer (and I think the database also requires separate configuration files, log files, etc.).
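
The layout described in the answer above, collapsed into one runnable Ruby file as an added example (not code from the question or the answer): the default class holds the easy behaviour and a level reopens it once at start-up, so no call site needs an `if level == ...` branch. `Client#filter`, `Client#login_query`, `PATCHES` and `apply_difficulty` are hypothetical names, the lambdas stand in for the patch files under lib/, and the quote-doubling in the hard level is a constructed stand-in for that level's sanitization.

```ruby
# Added example; Client#filter, Client#login_query, PATCHES and
# apply_difficulty are hypothetical names, not from the original page.

# Default ("easy") implementation, the role of app/models/client.rb.
class Client
  def filter(input)
    input # easy: input reaches the query string untouched
  end

  def login_query(username)
    # Deliberately unsafe interpolation: this is the training target.
    "SELECT * FROM clients WHERE username = '#{filter(username)}'"
  end
end

# Each lambda plays the role of one patch file under lib/<level>/.
PATCHES = {
  'easy' => -> {}, # nothing to patch, the default class already is "easy"
  'medium' => lambda {
    Client.class_eval do
      def filter(input)
        # medium: blocklisted words are rejected, a quote still passes
        raise ArgumentError, 'blocked word' if input.match?(/\b(drop|alter)\b/i)

        input
      end
    end
  },
  'hard' => lambda {
    Client.class_eval do
      def filter(input)
        input.gsub("'", "''") # hard: quotes doubled (constructed stand-in)
      end
    end
  }
}.freeze

# Stand-in for config/initializers/difficulty.rb: called once per process.
def apply_difficulty(level)
  PATCHES.fetch(level).call
  Client.new
end
```

Reopening a class is process-wide, so a level applied this way stays in force until the process exits, which fits the one-instance-per-difficulty deployment in the answer.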
