I don’t want to reveal ‘agreed_to_disclaimer_at’ to users. What am I
doing wrong?
<%= link_to (‘Continue’, { :controller => ‘people’,
:action => ‘new’,
:post => true,
:agreed_to_disclaimer_at => Time.now},
:confirm => ‘I agree to terms.’) %>
<%= link_to (‘Continue’, { :controller => ‘people’,
:action => ‘new’,
:method => ‘post’,
:agreed_to_disclaimer_at => Time.now},
:confirm => ‘I agree to terms.’) %>
BOTH return URLs of:
http://localhost:3000/people/new?post=true&agreed_to_disclaimer_at=Sat+Nov+18+19%3A49%3A49+-0500+2006
You could always use a button_to and POST it to the server.
Ah I see you are trying to POST it - move the :post option outside of
the url_for hash.
<%= link_to (‘Continue’, { :controller => ‘people’,
:action => ‘new’,
:agreed_to_disclaimer_at => Time.now},
:confirm => ‘I agree to terms.’,
:post => true, ) %>
unknown wrote:
Ah I see you are trying to POST it - move the :post option outside of
the url_for hash.
That makes sense. But I moved it an it still doesn’t work. Wierd, huh?
<%= link_to (‘Continue’, { :controller => ‘people’,
:action => ‘new’,
:agreed_to_disclaimer_at => Time.now},
:post => true,
:confirm => ‘I agree to terms.’) %>
returns:
http://localhost:3000/people/new?agreed_to_disclaimer_at=Sat+Nov+18+20%3A20%3A20+-0500+2006
Taylor S. wrote:
unknown wrote:
Ah I see you are trying to POST it - move the :post option outside of
the url_for hash.
That makes sense. But I moved it an it still doesn’t work. Wierd, huh?
<%= link_to (‘Continue’, { :controller => ‘people’,
:action => ‘new’,
:agreed_to_disclaimer_at => Time.now},
:post => true,
:confirm => ‘I agree to terms.’) %>
returns:
http://localhost:3000/people/new?agreed_to_disclaimer_at=Sat+Nov+18+20%3A20%3A20+-0500+2006
that first hash is sent to url_for and url_for has no idea this is meant
as a post request. As always, if you want to post invisible data, use a
form.
<%= form_tag :controller => ‘people’, :action => ‘new’ %>
<%= hidden_field ‘person’, ‘agreed_to_disclaimer_at’, Time.now %>
<%= submit_tag ‘Continue’ %>
that first hash is sent to url_for and url_for has no idea this is meant
as a post request. As always, if you want to post invisible data, use a
form.
<%= form_tag :controller => ‘people’, :action => ‘new’ %>
<%= hidden_field ‘person’, ‘agreed_to_disclaimer_at’, Time.now %>
<%= submit_tag ‘Continue’ %>
I see. Thanks for our help. I guess :method => ‘post’ is just for
grabbing data and not obscuring parameters. Unfortunately,
ActionController gives me an exception with the new code:
‘undefined method `delete’ for Sun Nov 19 01:37:11 -0500 2006:Time’
I’ve read the documentation and assume it is creating some kind of
object but why would it be trying to call a ‘delete’ method?
Try:
<%= link_to (‘Continue’, { :controller => ‘people’,
:action => ‘new’,
:agreed_to_disclaimer_at => Time.now},
{:confirm => ‘I agree to terms.’,
:method => ‘post’}) %>
Vish