Today I Learned

To prevent SQL injection in Node.js, use parameterized queries with a database library, such as pg for PostgreSQL or mysql2 for MySQL.

Example using pg for PostgreSQL:

const { Client } = require('pg');

// Bad: Concatenation (vulnerable to SQL injection)
const insecureQuery = `SELECT * FROM users WHERE username = '${inputUsername}'`;

// Good: Parameterized query (prevents SQL injection)
const secureQuery = 'SELECT * FROM users WHERE username = $1';
const values = [inputUsername];

const client = new Client();
client.connect();

client.query(secureQuery, values, (err, result) => {
  // Handle the query result
  client.end();
});

By using parameterized queries, you avoid directly interpolating user input into SQL statements, reducing the risk of SQL injection.

pointer-events

CSS

The pointer-events CSS property is used to control under what circumstances an element can trigger user interface events like mouse clicks and hover. It allows you to control the visibility and interaction of elements on the page.

The pointer-events property can take the following values:

auto: The element behaves as normal. It is subject to mouse events according to its CSS styling.
none: The element is completely transparent to mouse events. It will not block any interactions with elements beneath it, effectively making it "click-through."

This property is beneficial when you want to overlay an element on top of another but still want the underlying element to receive mouse events. It provides a way to flexibly control layered elements' interaction behavior.

Removes whitespace from both ends of a string.

Ruby

" Hello world ".strip # => "Hello world"

Clear sidekiq queue

Sidekiq

Deletes all Jobs in a Queue, by removing the queue.

Sidekiq.redis(&:flushdb)

process.nextTick()

Javascript

process.nextTick() is a function in Node.js designed to schedule a callback function to be invoked in the next iteration of the event loop.

It allows a callback to be executed immediately after the current operation but before the event loop continues. This makes it useful for ensuring that certain tasks, especially related to the execution context or I/O, are deferred until the next tick of the event loop. It is often used to break down large asynchronous operations into smaller, more manageable chunks.

Modulus Operation

So the operation

(3 - 10) % 27

result in 20, because when you insert a negative number in the first operand the modulus return a positive result changing this

-7 % 27

to this

-7 + 27

resulting in 20

Minimize shorcut in mac

Shorcut

Using the following command, you can minimize any app on your Mac

cmd + m

Display logs from any branch

Git

With this command, you can check the commit logs in another branch of your project. It's very useful when other coworkers push changes to the main branch.

case main branch: git log -g main

Show content inside a specific stash.

Git

git stash show -p stash@{0}

split tabs in vs code

Shorcut

When coding across multiple tabs and needing to split your screen to work on another file, use this command:

ctrl/cmd + \

Isomorphic JavaScript

Javascript

Isomorphic JavaScript works in the context of a single-page application (SPA). In a typical SPA, most of the application logic, including routing, is encapsulated in a bundled JavaScript file that is sent to the client. While this frees up the server, as it does not have to handle so many requests, it also makes the initial load slow for the client, as the entire application needs to be sent over to the client.

With Isomorphic JavaScript, when a client web page is first requested from the server, the view of the page is generated on the server, similar to server-side dynamic web pages, and sent over to the client. The client can then render the view immediately. After the initial view is rendered, the complete SPA is downloaded in the background, and subsequent actions are handled client-side.

Use the html_safe method to mark a string as 'safe' HTML content.

Ruby On Rails

In certain instances, when sharing content via Rails view using I18n and incorporating specific HTML instructions, such as the requirement to set a string in bold, we follow this approach:

# config/locales/en.yml
en:
  homepage:
    services:
      title: "This is the <strong>example</strong>"

in this case should use the html_safe method in views like:

 <h1><%= t(:title, scope: %w[homepage services]).html_safe %></h1>

with this implementation, any HTML tag can work effectively.

Surf over tabs in chrome

Shorcut

Is possible to navigate over tabs in a custom panel with this shortcut:

ctrl/cmd + shift + a

JS Regular Expressions

Javascript

If you want to validate a field in js for example a password field, you can use the regex, is a sequence of characters that forms a search pattern
I have the pwdField
and my const to test is const validPwd = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&])([A-Za-z\d$@$!%*?&]|[^ ]){8,}$/;

Min 8 characters
at least one uppercase or lowercase letter
contains $@$!%*?&

You can use the test method to validate the field.
Example:

    const getPwdAndValidate = (pwdField, pwdField2) => {
    const validPwd = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&])([A-Za-z\d$@$!%*?&]|[^ ]){8,}$/;
        if (pwdField === pwdField2 && validPwd.test(pwdField) && pwdField.length >= 8) {
            return pwdField;
        } else {
            return null;
        }
    };

:back symbol

Ruby On Rails

The :back symbol in Rails is often used to generate a URL that represents the previous page or location the user came from. It's commonly utilized in conjunction with methods like redirect_to redirecting users back to where they were before performing a specific action.

Here's a brief explanation:

- Usage with redirect_to you can use :back with the redirect_to method to send the user back to the previous page:

redirect_to :back

- Usage with Links, You can also use :back as the path in a link to create a "Back" button or link:

<%= link_to 'Back', :back, class: 'btn btn-primary' %>