before_filter :login_required
@session[‘user’] ||= {‘login’ => ‘guest’}
if @session[‘user’].login.downcase != “mohammad” || “nick”
redirect_to :controller => ‘login’
end
what’s wrong with this I need this is an admin area is there an eaiser
way to do this? Or an error proof way.
There are a lot of things wrong with this!
On 12/07/2006, at 8:34 AM, Nick wrote:
before_filter :login_required
@session[‘user’] ||= {‘login’ => ‘guest’}
First of all, @session is deprecated. Use session instead.
Second, you can’t just substitute a hash in place of an object like
this. They don’t work the same way.
if @session[‘user’].login.downcase != “mohammad” || “nick”
I think you mean:
login = session[:user].login.downcase
if login != ‘mohammed’ && login != ‘nick’
…
This will fail if you try putting a hash into session[:user] like you
did above, because you’d then need to do session[:user][‘login’]
rather than session[:user].login.
redirect_to :controller => ‘login’
You probably want to put a return in here to make sure the rest of
the method doesn’t get executed.
So, tying this all together and cleaning it up, you probably really
want something like:
login = session[:user] && session[:user].login.downcase
unless [‘mohammed’, ‘nick’].include?(login)
redirect_to :controller => ‘login’
return
end
Cheers,
Pete Y.
http://9cays.com/
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs