Help me with query string parameters (Rails)

Posted by Martin Petrov on Stack Overflow See other posts from Stack Overflow or by Martin Petrov
Published on 2011-01-02T16:37:30Z Indexed on 2011/01/02 16:54 UTC
Read the original article Hit count: 127

Filed under:
|

Hi, I'm creating a newsletter.

Each email contains a link for editing your subscription:

<%= edit_user_url(@user, :secret => @user.created_at.to_i) %>

:secret => @user.created_at.to_i prevents users from editing each others profiles.

def edit
  @user = user.find(params[:id])
  if params[:secret] == @user.created_at.to_i
    render 'edit'
  else
    redirect_to root_path
  end
end

It doesn't work - you're always redirected to root_path.

It works if I modify it like this:

def edit
  @user = user.find(params[:id])
  if params[:secret] == "1293894219"
  ...

1293894219 is the "created_at.to_i" for a particular user.

Do you have any ideas why?

© Stack Overflow or respective owner

Related posts about ruby-on-rails

Related posts about query-string