I have created a page were users can make a rating for a product and add
this to a database, but when they do this the correct way teh item name
is moved to the rating page and used in a text box.
I want to secure my program by stopping users from using this page if
the try to go to it directly without going through a product screen.
Below is what I was thing of:
if (:item_name == “”) then(
error
)else {
<% form_for(@rating) do |f| %>
Item name
<%= f.text_field :item_name %>
Comment
<%= f.text_area :comment %>
Seller rating
<%= f.text_field :seller_rating %>
Advert rating
<%= f.text_field :advert_rating %>
<%= f.submit "Create" %>
<% end %>
<%= link_to ‘Back’, ratings_path %>
)
i cannot get anything like this to work though.
Here is the controller if it helps:
def new @rating = Rating.new
if params[:product_name] @rating.item_name = params[:product_name]
end
respond_to do |format|
format.html # new.html.erb
format.xml { render :xml => @rating }
end