How hidden field


#1

Dear all,

i wrote script in view like this,
<% form_for :seq do |form| %>

Source Information


User ID
<%= form.text_field :user_id, :value => session
[:user_id],:size=>10 %>
<% end %>

and i want hide this field to user but i want value= session[:user_id]
to insert database automatically
how i do?
thank you


#2

Change form.text_field for form.hidden_field, see


for more options.

Regards.

Franco C…


#3

Just make sure you don’t create a security hole where a “bad user”
could change the hidden user_id to create problems for the
application.


#4

Just as long as you know that users can EASILY change values you put
into hidden fields… so If they can mess up the system, somebody
will.

If you need to protect against that (and don’t want to store this
stuff in the session which is where I’d put it) then ALSO include a
hash of the hidden value + a secret value to protect against changes.

Brendon.


#5

thank you so much
i use form.hidden_field .it’s work
-_-

2009/5/6 Brendon removed_email_address@domain.invalid