Help me with query string parameters (Rails)
Posted
by
Martin Petrov
on Stack Overflow
See other posts from Stack Overflow
or by Martin Petrov
Published on 2011-01-02T16:37:30Z
Indexed on
2011/01/02
16:54 UTC
Read the original article
Hit count: 127
ruby-on-rails
|query-string
Hi, I'm creating a newsletter.
Each email contains a link for editing your subscription:
<%= edit_user_url(@user, :secret => @user.created_at.to_i) %>
:secret => @user.created_at.to_i prevents users from editing each others profiles.
def edit
@user = user.find(params[:id])
if params[:secret] == @user.created_at.to_i
render 'edit'
else
redirect_to root_path
end
end
It doesn't work - you're always redirected to root_path.
It works if I modify it like this:
def edit
@user = user.find(params[:id])
if params[:secret] == "1293894219"
...
1293894219 is the "created_at.to_i" for a particular user.
Do you have any ideas why?
© Stack Overflow or respective owner