Attr_reader not being read?

I have this model that holds search parameters accross pages:

class Search < User
attr_reader :min_age, :max_age

for a form:

<% age_list = (0…99).collect {|x| [x,(]} %>
<%= select ‘search’,‘min_age’, age_list %>

<%= select ‘search’,‘max_age’, age_list.reverse %>

then in the search controller I have:

class SearchController < ApplicationController

def simple
if params[:search]
@search =[:search])
session[:search] = @search
@search = session[:search]

    @results = User.find(:all,
			    :conditions => [":min_age < year(birthday) < :max_age",

{:min_age => min_age, :max_age => max_age}])


for some reason I’m getting

"NoMethodError in Search#simple

undefined method `min_age=’ for #Search:0x23da2cc"

as if min_age weren’t defined… what could be causing this?



I think you’re okay up to the point where you do

{:min_age => min_age, :max_age => max_age}])

Because you’re doing assignments, :min_age and :max_age need to be
writable. attr_reader does not generate an assignment method of the
form described in the NoMethodError message. If you’ll look closely
at the method name referenced there, you’ll see the “=” appended to

Long story short – change your “attr_reader” declaration to use
“attr_writer” and your code should work as you expect.


David, many thanks for the thorough explanation. using attr_accessor
did the trick, and I understand better how these attribute setters

I’ve read up on the article you sent, and am now using
‘attr_accessible’ for the attributes being searched for, from what I
understood this would be the most secure way correct?

2005/11/28, David R. [email protected]:


After further review, I wanted to correct and clarify a couple of
things. The problem is related to the the writability of your
attributes, but it’s not in the line I cited. That line is just
setting the values of the parameters used in the SQL query that does
your find(). It’s when you call[:search]) that
you’re getting the complaint about the undefined method. This form of
new() is a shortcut for assigning values to all attributes that have
corresponding parameters in the inbound request. You can still change
the declaration of your attributes, but you probably want to change
them (in the simplest case) to “attr_accessor”, instead of
“attr_reader” or “attr_writer”. attr_accessor generates both read and
write methods. If you change them to attr_writer, you’ll be able to
write to the attributes but not read from them (the converse of the
problem you’re having now).

Keep in mind that there are some implications for the security of
your data when you use the shortcut method for assigning attributes
from request parameters.
has some good information on this topic.


It’s more secure, in the sense that it gives you explicit control
over which attributes can be set automatically from forms. Any
attributes declared as attr_accessible are still subject to the same
kinds of attacks described in that article. If your app needs more
security, you’ll need to take even more control and set attributes by
calling the setter methods directly (say, after you do your own
validation), rather than letting them be set automatically by the
new / initialize methods.

Glad I could help. :slight_smile:

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs