Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- class ApplicationController < ActionController::Base
- protected
- def authenticate
- unless session["User"]
- redirect_to :controller => "login"
- return false
- end
- end
- end
- class LoginController < ActionController::Base
- #before_filter :authorize, :except => :index
- #before_filter :authorize, :except => :index
- before_filter :authorize, :except => :index
- def index
- end
- def authorize
- session[:user_id] = nil
- user = User.authenticate(@params["name"], @params["password"])
- if user
- session[:user_id] = user.id
- redirect_to :controller => "Questions"
- else
- flash[:error] = 'Invalid user name and/or password.'
- redirect_to :action => "index"
- end
- end
- def new
- end
- def register
- if (@params["name"]!='' && @params["password"]!='')
- if session[:user_id] = !User.checkAvailability(@params["name"])
- @user = User.new
- @user.user_name = @params["name"]
- @user.password = @params["password"]
- @user.admin_role= 0
- if @user.save
- session[:user_id] = user.id
- redirect_to :controller => "Questions"
- else
- flash[:error] = 'Problem creating user, please try again'
- redirect_to :action => "new"
- end
- else
- flash[:error] = 'User name already exists.'
- redirect_to :action => "new"
- end
- else
- flash[:error] = 'Please make sure you have entered all parameters.'
- redirect_to :action => "new"
- end
- end
- def logout
- reset_session
- flash["alert"] = "Logged out"
- redirect_to :action => "index"
- end
- end
- class QuestionsController < ActionController::Base
- def index
- # show the secret stuff
- end
- def back
- redirect_to :action => "index"
- end
- def edit
- u = User.find_by_id(session[:user_id])
- if u.admin_role
- flash[:error] = " 'The question ID does not exist. '"+ @current_user.author
- redirect_to :action => "index"
- else
- flash[:error] = " 'It works?????. '"+ @current_user.author
- redirect_to :action => "index"
- end
- @question = Question.find(@params["id"])
- rescue Exception => exc
- flash[:error] = 'The question ID does not exist.'
- redirect_to :action => "index"
- end
- def find
- redirect_to :action => "index"
- end
- def make
- end
- def update
- @question = Question.find(@params["id"])
- @question.question = @params["question"]
- @question.answer = @params["answer"]
- if @question.save
- flash[:error] = 'Update Successful'
- redirect_to :action => "index"
- else
- flash[:error] = 'Problem updating question, please try again'
- redirect_to :action => "index"
- end
- rescue Exception => exc
- flash[:error] = 'The question ID does not exist.'
- redirect_to :action => "index"
- end
- end
- class User < ActiveRecord::Base
- def self.authenticate(name, password)
- find(:first,
- :conditions => [ "user_name = '%s' AND password = '%s'", name, password ]
- )
- end
- def self.checkAvailability(name)
- find(:first,
- :conditions => [ "user_name = '%s'", name ]
- )
- end
- end
Add Comment
Please, Sign In to add comment