Help me with query string parameters (Rails)

Posted by Martin Petrov on Stack Overflow See other posts from Stack Overflow or by Martin Petrov
Published on 2011-01-02T16:37:30Z Indexed on 2011/01/02 16:54 UTC
Read the original article Hit count: 124

Filed under:

ruby-on-rails

|

query-string

Hi, I'm creating a newsletter.

Each email contains a link for editing your subscription:

<%= edit_user_url(@user, :secret => @user.created_at.to_i) %>

:secret => @user.created_at.to_i prevents users from editing each others profiles.

def edit
  @user = user.find(params[:id])
  if params[:secret] == @user.created_at.to_i
    render 'edit'
  else
    redirect_to root_path
  end
end

It doesn't work - you're always redirected to root_path.

It works if I modify it like this:

def edit
  @user = user.find(params[:id])
  if params[:secret] == "1293894219"
  ...

1293894219 is the "created_at.to_i" for a particular user.

Do you have any ideas why?

© Stack Overflow or respective owner

Related posts about ruby-on-rails

Ruby on Rails - How can I start? [closed]

as seen on Programmers - Search for 'Programmers'
I have misconception in understanding the relationship between Ruby language and Ruby on Rails Framework. Because of 'I am an absolute beginner' in web development I have no idea if I have to grasp the fundamentals of Ruby before I go with Ruby on Rails! I also want to ask who is behind both Ruby… >>> More
DES3 decryption in Ruby on Rails

as seen on Stack Overflow - Search for 'Stack Overflow'
My RoR server receives a string, that was encrypted in C++ application using des3 with base64 encoding The cipher object is created so: cipher = OpenSSL::Cipher::Cipher::new("des3") cipher.key = key_str cipher.iv = iv_str key_str and iv_str: are string representations of key and initialization… >>> More
Ruby on rails: Image downloads with Authentication/Authorization/Time outs

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi Guys, I'm having few doubts on implementing file downloads. I'm creating an app where I use attachment_fu with Amazon s3 to upload files. Things are working pretty well so far on uploading side. Now its the time to start the file downloads. Here is what I need, a logged in user search and browse… >>> More
Ruby on Rails deployment, on "thin" server with lot of attachments

as seen on Stack Overflow - Search for 'Stack Overflow'
A lot of PDFs are stored inside MySQL as a BLOB field for each PDF file. The average file size is 500K each. The Rails app will stream the :binary data as file downloads, where there is a user click on the download link. Assume there is a maximum of 5 users downloading 5 PDFs concurrently, what… >>> More
Apply Behavior Driven Development to Ruby on Rails with Rspec

as seen on Internet.com - Search for 'Internet.com'
Applying the Behavior Driven Development (BDD) methodology to your Rails development takes you beyond traditional Test Driven Development. Learn how to do it with the Ruby-based BDD framework RSpec. >>> More

Related posts about query-string

Redirect from URL with QueryString to the same URL without QueryString

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a page request with a QueryString, say http://www.xyz.net/Orders.aspx?OrderID=1. The page is displayed in a browser. Now there is an asp:LinkButton on the page which should enable the user to open the page without the QueryString (as if he had entered http://www.xyz.net/Orders.aspx directly… >>> More
Understanding Request Validation in ASP.NET MVC 3

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
Introduction: A fact that you must always remember "never ever trust user inputs". An application that trusts user inputs may be easily vulnerable to XSS, XSRF, SQL Injection, etc attacks. XSS and XSRF are… >>> More
How to get full query string parameters not UrlDecoded

as seen on Developer IT - Search for 'Developer IT'
Introduction While developing Developer IT’s website, we came across a problem when the user search keywords containing special character like the plus ‘+’ char. We found it while looking for C++ in our search engine. The request parameter output in ASP.NET was “c “.… >>> More
Query String to Object with strongly typed properties

as seen on Stack Overflow - Search for 'Stack Overflow'
Let’s say we track 20 query string parameters in our site. Each request which comes will have only a subset of those 20 parameters. But we definitely look for all/most of the parameters which comes in each request. We do not want to loop through the collection each time we are looking for a particular… >>> More
How to eliminate "else-if" statements.

as seen on Stack Overflow - Search for 'Stack Overflow'
My function get QueryString from some Web page as a string. I need to parce it, to check, what strategy i must use. Now my code looks ugly (i think so): public QueryStringParser(string QueryString) { if (string.IsNullOrEmpty(QueryString)) { this._mode… >>> More