Dear all, i wrote script in view like this, <% form_for :seq do |form| %> <fieldset> <legend>Source Information</legend> <div class="form_row"> <label for="seq_id">User ID </label> <%= form.text_field :user_id, :value => session [:user_id],:size=>10 %> </div> </fieldset> <% end %> and i want hide this field to user but i want value= session[:user_id] to insert database automatically how i do? thank you
on 2009-05-06 09:17
on 2009-05-06 13:28
Change form.text_field for form.hidden_field, see http://api.rubyonrails.org/classes/ActionView/Help... for more options. Regards. Franco Catena.
on 2009-05-06 17:33
Just make sure you don't create a security hole where a "bad user" could change the hidden user_id to create problems for the application.
on 2009-05-07 06:37
thank you so much i use form.hidden_field .it's work -_- 2009/5/6 Brendon <email@example.com>
on 2009-05-09 19:44
Just as long as you know that users can EASILY change values you put into hidden fields... so If they can mess up the system, somebody will. If you need to protect against that (and don't want to store this stuff in the session which is where I'd put it) then ALSO include a hash of the hidden value + a secret value to protect against changes. Brendon.