This is probably simple, but I've tried a few things and couldn't find a way to make it work.
I would like to update a model with custom information given in a form_for
To make it more concrete, I'm on the show page for a particular instance of MyClass and I would like to pass something like the string "yay" into the controller, and then do as I please with the input. Maybe pass it back to the page as a flash message, or maybe modify the contents and then store it as a field of the MyClass instance.
I can write form_for's that contain the attributes of MyClass without prbolems, but it seems that other fields throw an error.
How do I write the form_for so that I can accomplish one of the two above scenarios?
def update
#my_class = MyClass.find(params[:id])
flash[:notice] = "This works" # but what can I write in a form for for it to be a variable that's passed in?
#rest of the update
end
Form helpers that unitize a form builder instance (like f.text_field) expect a valid model attribute so it can generate the appropriate id and populate the field with data from the model. If you want to have form fields that do not correspond to model attributes, don't use the the standard f.text_field but instead use:
<%= text_field_tag 'my_custom_tag' %>
which should render something like:
<input type="text" id="my_custom_tag"></input>
When the form is submitted, the value of the input will show up in the params hash with a key of :my_custom_tag.
I hope this helps.
It seems that you would probably need a hidden_field in your form :
http://apidock.com/rails/ActionView/Helpers/FormHelper/hidden_field
However, if you wish to save some kind of state, which seems like this is what you want, you would never use that. Instead, you would use a session. The reason is that a hidden field can be manipulated by the client and thus security can easily be overridden.
Like Spyros said, a hidden field will give you the place. Assuming you are ok with the fact that a user can modify the URL, just add attr_accessor :foo to your model.
In the controller you can access it with bar = params[:foo] and do as you please.
Related
I am using a form to filter records with fields not linked to an AR object. When form is submitted, I want to show records and populate the form with previously entered values so the user can see filtering parameters.
Form example:
= form_tag businesses_path, method: 'get' do
.field
= label_tag :title, 'Title'
= text_field_tag :title, params[:title]
= button_tag do
'Submit'
I'm thinking of using params to populate form inputs but not sure if it's safe? Or maybe there is a better solution?
Since we're dealing with RESTful interfaces with Rails the params hash is in essence the data in the message between the front end (browser) and the back end. It is there to be used to relay data between the user front end and your controller at the back-end. The params hash is one of the most important and versatile tools in RoR.
From the Rails guide: http://guides.rubyonrails.org/action_controller_overview.html#hash-and-array-parameters
You will probably want to access data sent in by the user or other parameters in your controller actions. There are two kinds of parameters possible in a web application. The first are parameters that are sent as part of the URL, called query string parameters. The query string is everything after "?" in the URL. The second type of parameter is usually referred to as POST data. This information usually comes from an HTML form which has been filled in by the user. It's called POST data because it can only be sent as part of an HTTP POST request. Rails does not make any distinction between query string parameters and POST parameters, and both are available in the params hash in your controller:
So use the params hash; it is a sound method for caching user input and re-displaying it, as was your question.
Caveat
Of course, if you're displaying from the hash and not the database store itself, you may encounter data synchronization problems. But as far as your specific question, I'd say use the params hash without a second thought.
It's absolutely fine. Rails will sanitise anything on it's own. Just don't call params[:title].html_safe when you printing "raw" user input.
You can store that params in a instance variable in respective controller action like flowing in controller.
def test_action
#title = params[:title]
end
And then set #title as field value as flowing
= text_field_tag :title, #title
Relative newbie here to Ruby on Rails.
Using the standard form_for method in the view for my SomeobjController#new action
= form_for #someobj do |f|
.
.
.
%p.submits
= f.submit "Submit", :class => "submit"
a submission param[] array is produced that contains a hash of #someobj for all the fields set in the form, such that
param[someobj] => { "field1" => "val1", "field2" => "val2", ... }
I would prefer to put a different value, the result of someobj.to_s to param[someobj] for the SomeobjController#create to work with, such that
param[someobj] => "strvalfromtos"
I doubt it's relative, but just in case, the model underlying this #new action is not persistent in the database (i.e., Someobj is not derived from ActiveRecord::Base, though some portions of ActiveModel are included.)
I haven't had luck trying to adjust this until after #create is invoked, but its the submission from #new to #create that I want to amend. It's not clear to me if I should be focusing more on the form_for statement or doing something special in the controller (I'm guessing the form_for is the right focus).
And, yes, this whole thing is probably a bit OCD of me, but the actual fieldnames are long (appropriately for the model) but data needed by #create is very small.
Is there a relatively painless way to do this, assuming that someobj.to_s has already been written?
Many thanks,
Richard
Change
When you submit the form, your controller will receive the params hash, as you've stated (Rails params explained?)
That means you can change any value in the hash that you wish:
def create
#has access to the params hash
params[:owner][:key] = value
end
As the create method receives the hash object, you'll have to change it in here. But because it's a standard hash (which has already been declared), you should be able to alter it as required
Add
If you want to add values to the params hash, you can use the .merge method, like this:
def create
#has access to the params hash
params[:key].merge(user_id: current_user.id)
end
I currently have a form (using form_tag). One of the fields is a dropdown list of options. Each option value matches the name of a method in my controller. What I want to do is when the form submit button is clicked, it runs the controller method corresponding directly to the value selected in the dropdown field.
I've built a work-around right now, but it feels too verbose:
def run_reports
case params[:report_name]
when 'method_1' then method_1
when 'method_2' then method_2
when 'method_3' then method_3
when 'method_4' then method_4
else method_1
end
# each method matches a method already defined in the controller
# (i.e. method_1 is an existing method)
I had thought that it may work to use the dropdown option value to run the corresponding method in my controller through the form_tag action (i.e. :action => params[:report_name]), but this doesn't work because the action in the form needs to be set before the params value is set. I don't want to use javascript for this functionality.
Here is my form:
<%= form_tag("../reports/run_reports", :method => "get") do %>
<%= select_tag :report_name, options_for_select([['-- Please Select --',nil],['Option 1','method_1'], ['Option 2','method_2'], ['Option 3','method_3'], ['Option 4','method_4']]) %>
<%= submit_tag "Run Report" %>
<% end %>
Any suggestions?
Can I change my controller method to look something like this - but to actually call the controller method to run? I'm guessing this won't run because the params value is returned as a string...
def run_reports
params[:report_name]
end
WARNING: this is a terrible idea
You could call the method via a snippet of code like this in the controller:
send(params[:report_name].to_sym)
The reason this is a terrible idea is that anyone accessing the page could manually construct a request to call any method at all by injecting a request to call something hazardous. You really, really do not want to do this. You're better off setting up something to dynamically call known, trusted methods in your form.
I think you should rethink the design of your application (based on the little I know about it). You have a controller responsible for running reports, which it really shouldn't be. The controllers are to manage the connection between the web server and the rest of your app.
One solution would be to write a new class called ReportGenerator that would run the report and hand the result back to the controller, which would run any of the possible reports through a single action (for instance, show). If you need variable views you can use partials corresponding to the different kinds of reports.
As for the ReportGenerator, you'll need to be a little creative. It's entirely possible the best solution will be to have an individual class to generate each report type.
What I am trying to do is build a form in which the user fills some of the fields for a new Publication, and takes you to the New Publication action, with those fields already filled in, so the user fills the rest.
I got the controller part covered, but I cant find how to use form_for for this, as its not exactly associated to the model (only some of the necessary fields are in the first form).
you could do
form_tag new_publication_path()
Not necessarily the best way to do this, but you can hide some of the fields in the form depending on whether the model id is valid. For example (in haml):
- if #model.id #only shows up if the model has been saved.
= f.text_field :field_name, ...
This way you can use the usual new, and then when the model has been saved, just redirect to the 'edit' action and the rest of the fields show up.
I'm new to Ruby on Rails and i have an issue.
I have 2 forms which edit the same model, but in the update method I have to give a different JS response depending on the form which submitted.
How do I do that?
Just add a hidden input field to your form specifying where it comes from.
Then, in your controller, access this field through the params[:field_name].
Create the form by using something like:
<%= f.hidden_field :origin, :value => "this_form" %>
This will render as something like:
<input name="origin" type="hidden" value="foo"/>
In your controller, check which value this hidden field had, and use render to render your JS response (or whatever you specifically use). See Layouts and Rendering for more info.
if params[:origin] == "foo"
render ...
else
render ...
end
There are two different ways you could go about this:
You could put a hidden variable in the form and then check in the controller to see which form was submitted.
You could also have two different controller methods to handle the different behavior.
Without knowing more about your code it's hard to say which way would be cleaner.