I have the following form
<%= form_for :key, url: unblock_keys_path, :html => {:method => :get} do |f| %>
<%= f.text_field :value %>
<%= button_to "Unblock", method: :get %>
<% end %>
Which works fine when I enter key values in the text box. But i want the user to be able to access the endpoint directly from the url as well.
Right now the params this request generates are:
{"utf8"=>"✓", "key"=>{"value"=>"x0vdPYWb9nAfyNjFS-UAGQ"},
"authenticity_token"=>"+Oi45DHYpPAiNbKrw5kNjWMVrQgCyLsBkhVb7huB0dr+xm/oKXxzTShajVUYEWxl9qlFLfjWsP4C4JM30DTGoA==",
"controller"=>"keys", "action"=>"unblock"}
url: http://localhost:3000/keys/unblock?utf8=✓&key%5Bvalue%5D=x0vdPYWb9nAfyNjFS-UAGQ&authenticity_token=%2BOi45DHYpPAiNbKrw5kNjWMVrQgCyLsBkhVb7huB0dr%2Bxm%2FoKXxzTShajVUYEWxl9qlFLfjWsP4C4JM30DTGoA%3D%3D
I want to be able to access localhost:3000/keys/unblock?<key_value>
What changes do I need to make in my request and routes?
This localhost:3000/keys/unblock?<key_value> is not a valid url*. The ? denotes the start of the params, and then everything after that needs to have the form "name=value", joined with "&".
Do you mean localhost:3000/keys/unblock/<key_value>?
If so then add a route like
get '/keys/unblock/:value', to: 'keys#unblock'
This will send eg /keys/unblock/foo to your unblock action, with params[:value] = "foo"
*note - technically it's not illegal, but it's poorly formed and almost certainly not what you want to do.
Related
I have a rails-simpleform that looks like this:
=simple_form_for :search, url: search_path(:search), method: :get do |f|
= f.input :q
= f.submit 'Search'
When I want to retrieve the input I have to access it with:
params[:search][:q]
Is it somehow possible to build the form in a way, that the parameters aren't nested under params[:search]? So that I can access them directly through params[:q]? I understand that this only makes sense if there is only a single input for a form.
CONTEXT:
What I'm trying to do is to allow the user to either search through the search-form described above or through a short-url(myapp.com/search-text).
form_for (or simple_form_for) creates a form associated to a model object. The params passed to the controller add the model name as a key in the hash (params[:search][... fields_in_the_form ...]).
form_tag simply creates a form and it is not associated to any model. It does not add any key to the params hash except for the fields in the form. So this is a usual method to create search forms.
<%= form_tag(search_path, method: :get) do %>
<%= text_field_tag :term, params[:search] %>
<%= submit_tag 'Search', name: nil %>
<% end %>
Then you can use params[:search] in the controller.
Finally, to use myapp.com/search-text you should use route globing (http://guides.rubyonrails.org/routing.html#route-globbing-and-wildcard-segments) defining your route as:
get '*search', to: 'static_pages#search'
The StaticPagesController#search method will receive params[:search] with anything after myapp.com/. Note: this should be your last route, as it matches anything.
I need to submit a form to an external URL, so I have this:
form_for(#task, :url => "https://www.external.com/Submit") do |f|)
<%= f.hidden_field :assignmentId, :value => #assignment %>
<%= link_to image_tag(#imagelocation) %>
....
I am using form_for, because I need to access to my controller variables.
The external server looks for a param, assignmentId. When the form is submitted, the param is actually available as
params[:task][:assignmentId]
which fails to pass validation on the external server.
How do I resolve this? How do I access variables from my controller and pass 'naked' params to the external server?
[edit] Here's what the submit params looks like
utf8=%E2%9C%93&_method=put&task%5BassignmentId%5D=2LVQ39Z0B6UWI8NXYWJTYRKGQXIMXN&task%5Boutput%5D=carpet&commit=Post
I want it to not have the task referenced.
Use hidden_field_tag instead of f.hidden_field. Btw, if you want this field to store assignment's id, you should use #assignment.id, not just #assignment.
<%= hidden_field_tag :assignmentId, #assignment.id %>
I have this form:
<%= form_tag posts_path, :method => :get, :class => "search_nav" do %>
<%= text_field_tag :search, params[:search], :class => "input-long search-query", :placeholder => "#{t('.search_nav')}" %>
<%= hidden_field_tag('ip', "#{request.ip}") %>
<%= hidden_field_tag('city', "#{request.location.city}") %>
<%= hidden_field_tag('country', "#{request.location.country}") %>
<%= content_tag(:div, "",:class => "icon-search") %>
<% end %>
I get a url something like:
http://localhost:3000/en/posts?utf8=%E2%9C%93&search=check+params&ip=127.0.0.1&city=&country=Reserved
My question is:
Can I hide or encrypt the url params ip, city and country?
I can not use POST because I have paginate results:
<a rel="2" href="/en/posts?city=&country=Reserved&ip=127.0.0.1&page=2&search=check+params&utf8=%E2%9C%93">2</a>
<a rel="3" href="/en/posts?city=&country=Reserved&ip=127.0.0.1&page=3&search=check+params&utf8=%E2%9C%93">3/a>
Encrypting URL parameters is pretty pointless. Why don't you want the user to see these values? Sure you COULD encrypt them before adding them to the form, but is that really necessary?
Furthermore, and perhaps more importantly, if these values are based on the request, then there is a good chance you don't need to submit them in the first place. #{request.xxx} is going to be the same on the result page as is on the form page. Is there any good reason to pass these along? By submitting these as GET parameters, you're actually sending redundant information to the server. Ruby/Rails is already going to calculate these values based off of the IP address automatically when the next page is loaded.
The problem here isn't with the form, but rather with the logic you've applied to designing it. I think you may have over-analysed your situation, and need to take a step back and re-think the problem.
If you have a post action to "do_something/:id" => :start (say with a named route 'start'), how do you create a form_tag that submits the :id based on a select_tag selection by the user ?
Assuming you aren't using resources.
The issue is that you have a post action, however you want to set a GET variable via a form submission(that has to use POST).
You can make the form make a GET request, like so:
<%= form_tag(start_path, :method => "get") do %>
<%= select_tag "id", "<option>1</option><option>2</option><option>3</option><option>4</option>" %>
<% end %>
I have a single text box form on my home page (/).
Right now the way my Rails routes is set up, when I submit this form, it takes me to /search, but it doesn't publish the query string in my url.
In other words, when I enter in "hello" in that form and press submit, I want to end up at "/search?query=hello". I know that "hello" is in params[:query], but how do I get Rails to publish that query string in the landing page URL after I submit the query?
I read the Rails routes guide but that talks about incoming query strings in the URL, not Rails publishing the URL with the query string visible.
Thanks.
My form tag so far:
<% form_tag(:controller => "search", :action => "search", :method => :get) do %>
<%= text_field_tag 'query' %>
<%= submit_tag "Search"%>
<% end %>
If I do this, I get /search?method=get, but what I would like to see is /search?query=foo.
You just need define a form with get method instead of post
<% form_tag search_url, :method => :get do %>
<%=text_field_tag :search %>
<%= submit_tag %>
<% end %>
Make sure that your form's method (as shown in the HTML page that a client would see before submitting the form) is GET not POST. With POST, the params[:query] is hidden from the user (this is often used for login forms, forms that would submit credit cards or other sensitive information). But if you want the query to show in the URL, you need to use the GET method. Rails itself isn't responsible for this behavior, it's all on the web browser's side.