How to hide the id pass from controller in rails? - ruby-on-rails

localhost:3000/c_g/edit_items?id=1
Hi..i have a problem to route the system. I dont want to show the id=1 that pass from view to controller for security issue. So how to hide it? so it will be like this
localhost:3000/c_g/edit_items

Based on this post it looks like you might want to explore doing it as a POST. Alternatively you could try the friendly_id gem and go for some sort of obfuscation. A simpler form of that is suggested by this post but again it is more obfuscation than full omission.

Related

How to create a custom route for show action in rails 5?

I have a model 'Item'. It all works fine, however am not completely satisfied with its show path. I want to use certain parameters from items table to construct a more SEO friendly url. So here is my question..
How can I change my Show action url
from
'mysite.com/items/1'
to
'mysite.com/items/item-name/item-city/item-id' where item-name, item-city, and item-id are dynamic for each specific item.
Is it possible to achieve this without a gem? if yes, how? If no, which gem would you suggest to achieve this in simplest way?
Thanks
One approach to this problem is to use route globbing:
http://guides.rubyonrails.org/routing.html#route-globbing-and-wildcard-segments
You should be able to do something like this:
get 'items/*names/:id', to: 'items#show', as: :item_names_path
And put whatever you want in *names. This would take a little experimentation to get it right. I might add a method to item to create the names array.
def names
[city.name, name].uniq.compact
end
Then I believe you would call item_names_path(#item.names, #item)
You can do something relatively simple and stays true to Rails by adding a to_param method to your model like so:
def to_param
"#{id}-#{name}-#{city.name}"
end
What this does is every time you use a method like the item_path, it will use the #item.to_param method (this is what it does now, and returns :id). Generating the normal route, but replacing the :id param with the SEO friendly one.
And, on the other end, when you go to find(params[:id]) in the controller in your show, edit, delete, or update actions, it will to a to_i on it and turn it back into an id. This is what it does now, but to_i on an int is still an int.
Your urls will look something like
/items/56-boston-itemname
The other benefit to this, if you happen to change the item name or the city name, it will change all the urls appropriately, but old urls that were sent in email will still work.

Rails get Model :id via Post

I am looking for a way to access a model via its :id.
My project looks like this:
First someone can register himself in a form. Then he gets forwarded to a page where he can edit the things he entered. Now I do not want that you can see something in the URL.
Edit:
I was maybe a little unclear:
There is a form, where you can enter some things. After you submitted those things, you will be forwarded to another page with an URL like 'www.example.com/entry'. There I want to show what the person entered. And I do not want an URL like 'www.example.com/entry?id=12'
I hope that clarified some things
Your answer is a bit lacking in details, so I'll do my best here. Essentially, if you do not want to display the url parameters, then you will have to use the post HTTP method to submit your forms (which you should be doing anyway).
In your routes.rb file, you'll need to define your route to look something like this:
post 'route', to: 'controller#action'
Data submitted via the post method is typically submitted via a form. I would recommend using rails conventions like:
the rails form_for helper --> more details
resources since they typically give you the routes you want. To modify your routes beyond the defaults, I'd advise looking at the rails routing guide.

Ruby on Rails - Call controller method from a view

Sorry, I have a Rails newbie question. In my Rails application, how can I call a method defined in my controller from the view? For example, let's say I wrote a custom method that retrieves stock information. In my view, I want to have a regular HTML button, that upon clicking, will call my custom method and populate the stock results.
How is that done? I've looked around and couldn't find a straightforward way to do this. But I'm sure I'm missing something here.
Edit: I took the question by its title which wasn't what the question was. The answer to the title of your question is at the bottom
What you want is an ajax request, which is a separate controller action. You'll need:
javascript to request a route and populate its DOM object when the button is clicked
an action that returns whatever the ajax request was asking for
There are many ways to do this, but if you search for "howto rails ajax" you'll find a gazillion tutorials to help you on your way. One way that I like is called pjax: https://github.com/rails/pjax_rails
Old answer...
Declare a helper_method, like so:
In your controlller:
private
def find_stock
...
end
helper_method :find_stock
In your view:
<% find_stock.each do |stock| -%>
Documentation: http://api.rubyonrails.org/classes/AbstractController/Helpers/ClassMethods.html#method-i-helper_method
You can check the documentation for the button_to view helper
This is one way, of course, you could use the remote option to do this via an AJAX request.

Rails search/checkbox logic

I am trying to create some search function.
I do want users to be able to check checkboxes.
When the form submitted the ID of the companies should be send as params to a given URL.
In my controller i need to create some search action, I just dont know how to params are gonna be.
def search
#companyies = Company.find(find all the companies that match the params)'
end
How should I create the checkbox loop?
How should I create the search action?
Regarding the use of check boxes, this might be of some help to you.
A Railscast by Ryan Bates
Instead of rolling your own search system, you may have better luck using something like searchlogic that does most of this for you.

Stack Overflow-like URL routes in rails 3

So I want my app to generate routes like stack overflow
questions/:id/:title
How can I do this in rails?
Please note that:
http://stackoverflow.com/questions/4434266/stack-overflow-like-url-routes-in-rails-3
http://stackoverflow.com/questions/4434266/
http://stackoverflow.com/questions/4434266/you-can-put-wathever-you-want-here
Are the same. I guess stackoverflow just does that in order to provide some context if you see just the link there.
So, your route would be just this one:
http://stackoverflow.com/questions/4434266/
which should be something like:
http://stackoverflow.com/questions/:id
You can ignore the rest of the url
This is what I was looking for:
http://norman.github.com/friendly_id/file.Guide.html
hope this can help others!
Everything you could ever want to know about routes: http://guides.rubyonrails.org/routing.html
Take a look specifically at http://guides.rubyonrails.org/routing.html#static-segments. What you want to do is create a route that maps to the controller and passes the question id and title as paramaters. Then your controller action will grab that information and render the correct view. The title attribute has to be accessible in your controller, it can't be only accessible in your view.

Resources