Is there a way to differ if params are set through form submit:
<%= form_tag action: ‘login’, method: :put do %>
<%= text_field(‘record’,‘username’) %>
<%= password_field(‘record’,‘password’) %>
<%= submit_tag %>
or through url
http://some.site/login?record[username]=user&record[password]=pwd
In both cases they appear in controller as params[:record][:user] and
params[:record][:password]
The idea is to prevent the second scenario.
by
TheR
On 14 April 2013 17:13, Damjan R. [email protected] wrote:
In both cases they appear in controller as params[:record][:user] and
params[:record][:password]
The second one will appear as a GET, not a POST.
Colin
On Sunday, April 14, 2013 5:13:11 PM UTC+1, Ruby-Forum.com User wrote:
The idea is to prevent the second scenario.
If I only wanted an action to be accessible via the put method, I’d
setup the corresponding route(s) to enforce that for me (ie don’t use
match, use the verb you actually expect)
Fred
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs