Adding attributes help

lothcat

OK, so, now that I have that figured out, I'd like to know if there's a way to tell if a face is vertical or horizontal. It seems like face.plane would do that, but I've found frustratingly little about how plane works.

I'm not sure of the board etiquette. Should I post this question as a new topic, or is this OK?

TIG

@lothcat said:

OK, so, now that I have that figured out, I'd like to know if there's a way to tell if a face is vertical or horizontal. It seems like face.plane would do that, but I've found frustratingly little about how plane works.
I'm not sure of the board etiquette. Should I post this question as a new topic, or is this OK?

If it stops here no new topic needed... but if you want to talk about faces some more make a new topic...
Rather than face.plane try face.normal - that's the vector perpendicular to a face.
So if face.normal==Z_AXIS [or [0,0,1]] it's facing vertically up or face.normal==Z_AXIS.reverse [or [0,0,-1]] if facing straight down.
To test it a face is 'vertical' try if face.normal.z==0 - that is true as the normal has no element in the vertical [z].
With a bit of thought you can contrive other tests - e.g. if face.normal.y.abs != 1 is true if the normal doesn't face exactly in either of the Y/green axes direction - i.e. it faces in any direction except directly to the front or back...

lothcat

Thank you!

eneroth3

@dan rathbun said:

No don't do that [make a hash into an array], you lose your keys!
Make your hashes into strings with hashstr = hash.inspect()
Save the hashstr into the dictionary.
To read, get the hashstr from the dictionary.
Then hash = eval(hashstr) to convert it back.

I really wouldn't save a ruby string as an attribute and later eval it. It opens up for code injection and lets people run whatever malicious code they want on someone else's computer just by sending them a model made to take advantage of this vulnerability and wait for the moment where eval is called.

tt_su

@eneroth3 said:

I really wouldn't save a ruby string as an attribute and later eval it. It opens up for code injection and lets people run whatever malicious code they want on someone else's computer just by sending them a model made to take advantage of this vulnerability and wait for the moment where eval is called.

+1 eval = evil

driven

@unknownuser said:

'he's good bad', but he ain't evil!

I tend to agree with this**[anchor= goto=http://www.infoq.com/articles/eval-options-in-ruby:2ingvk9h]article[/anchor:2ingvk9h]**...

eval has it's uses, that's why it's there...
john

eneroth3

@driven said:

@unknownuser said:

'he's good bad', but he ain't evil!

I tend to agree with this**[anchor= goto=http://www.infoq.com/articles/eval-options-in-ruby:13hbt2pf]article[/anchor:13hbt2pf]**...

eval has it's uses, that's why it's there...
john

There are cases where it's fine to use. I use it myself in my attribute editor plugin for instance to let people assign things such as 1.m or Sketchup.active_model.selection.first.length to an attribute. However executing code saved in a model opens up for people to forge an evil model that causes the code to be executed without the user knowing about it.

Also arrays are allowed and can be used instead of hashes when it comes to just serializing data.

slbaumgartner

I agree with Julia. Using eval is a bit like owning a pet tiger: you have to be careful what you put in the cage with it!

tt_su

Yea, like you wouldn't feed raw user data to your database, you don't want to feed user data to eval. (I consider anything read in from the system or file to be "user data"). Validate and sanitize - this is the stuff you want to find a library that has solved all the edge cases for you.