- ## app/views/products/edit.html.erb
<%# Edit form for the product loaded by ProductsController#edit. %>
<%# Only title, description and price are editable here; there is no photo field. %>
<h1>Editing product</h1>

<%= error_messages_for :product %>

<% form_for(@product) do |form| %>
  <p>
    <b>Title</b><br />
    <%= form.text_field :title %>
  </p>

  <p>
    <b>Description</b><br />
    <%= form.text_area :description %>
  </p>

  <p>
    <b>Price</b><br />
    <%= form.text_field :price %>
  </p>

  <p>
    <%= form.submit "Update" %>
  </p>
<% end %>

<%= link_to 'Show', @product %> |
<%= link_to 'Back', products_path %>
- ## app/views/home/index.html.erb
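<%# Public product listing for the page of products loaded by HomeController#index. %>
<%# The flash text is escaped like every other value on this page: this template %>
<%# escapes explicitly with h, so an unescaped flash would become an injection %>
<%# point the day a flash message includes request data. %>
<%=h flash[:notice] %>
<h1>Listando Productos</h1>

<% @products.each do |product| %>
  <p>
    Titulo: <%=h product.title %><br/>
    Descripcion: <%=h product.description %><br/>
    Precio: <%=h product.price %><br/>
    <%# The thumbnail links to the full-size file; products without a photo show nothing. %>
    <%= link_to image_tag(product.photo.public_filename(:thumb)), product.photo.public_filename unless product.photo.nil? %><br/>
  </p>
<% end %>

<%= will_paginate @products %>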
- ## app/views/products/new.html.erb
<%# Creation form, posted to products_path as multipart so the photo file can be sent. %>
<%# The file input is named photo[uploaded_data], so it arrives in params[:photo], %>
<%# separate from the params[:product] fields built by the form builder. %>
<h1>New product</h1>

<%= error_messages_for :product %>

<% form_for(:product, :url => products_path, :html => { :multipart => true }) do |form| %>
  <p>
    <b>Title</b><br />
    <%= form.text_field :title %>
  </p>

  <p>
    <b>Description</b><br />
    <%= form.text_area :description %>
  </p>

  <p>
    <b>Price</b><br />
    <%= form.text_field :price %>
  </p>

  <p>
    <b>Photo</b><br />
    <%= file_field :photo, :uploaded_data %>
  </p>

  <p>
    <%= form.submit "Create" %>
  </p>
<% end %>

<%= link_to 'Back', products_path %>
- ## app/views/products/show.html.erb
<%# Read-only view of one product; every attribute is HTML-escaped with h before output. %>
<p>
  <b>Title:</b>
  <%= h(@product.title) %>
</p>

<p>
  <b>Description:</b>
  <%= h(@product.description) %>
</p>

<p>
  <b>Price:</b>
  <%= h(@product.price) %>
</p>

<%= link_to 'Edit', edit_product_path(@product) %> |
<%= link_to 'Back', products_path %>
- ## app/views/products/edit.html.erb
<%# Edit form for the product loaded by ProductsController#edit. %>
<%# Only title, description and price are editable here; there is no photo field. %>
<h1>Editing product</h1>

<%= error_messages_for :product %>

<% form_for(@product) do |form| %>
  <p>
    <b>Title</b><br />
    <%= form.text_field :title %>
  </p>

  <p>
    <b>Description</b><br />
    <%= form.text_area :description %>
  </p>

  <p>
    <b>Price</b><br />
    <%= form.text_field :price %>
  </p>

  <p>
    <%= form.submit "Update" %>
  </p>
<% end %>

<%= link_to 'Show', @product %> |
<%= link_to 'Back', products_path %>
- ## app/controllers/application.rb
# Base controller. Filters and methods declared here are inherited by every
# controller in the application.
class ApplicationController < ActionController::Base
  # Make all helper modules available to all views.
  helper(:all)

  # CSRF protection; see ActionController::RequestForgeryProtection for details.
  # A :secret option is only needed when the cookie session store is not in use.
  # If you add one, generate a fresh value and load it from configuration kept
  # out of version control -- never reuse a value that has appeared in a public
  # paste or repository (placeholder: :secret => <YOUR_GENERATED_SECRET>).
  protect_from_forgery
end
- ## app/controllers/home_controller.rb
# Public landing page. Neither this class nor ApplicationController declares a
# login filter, so the listing is reachable without authentication.
class HomeController < ApplicationController
  # Loads one page of products (15 per page, highest id first) for the view.
  # params[:page] is passed straight to paginate; the ORDER BY clause is a
  # fixed string, so no request data reaches the SQL ordering.
  def index
    listing_options = {
      :page     => params[:page],
      :per_page => 15,
      :order    => 'id DESC'
    }
    @products = Product.paginate(listing_options)
  end
end
- ## app/controllers/products_controller.rb
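# CRUD for products, answered as HTML or XML.
#
# NOTE(review): login_required (presumably provided by AuthenticatedSystem) only
# establishes that some account is logged in. UsersController#create on this
# page accepts sign-ups from anyone and no action here checks ownership or
# role, so every registered account can change or delete every product --
# confirm that this is the intended access model.
class ProductsController < ApplicationController
  include AuthenticatedSystem

  # Declared without an :only list. The previous list named all seven actions,
  # so behaviour for them is unchanged, but an action added later is now
  # protected by default instead of staying public until the list is extended.
  before_filter :login_required

  # GET /products
  # GET /products.xml
  def index
    @products = Product.find(:all)

    respond_to do |format|
      format.html # index.html.erb
      format.xml  { render :xml => @products }
    end
  end

  # GET /products/1
  # GET /products/1.xml
  def show
    @product = Product.find(params[:id])

    respond_to do |format|
      format.html # show.html.erb
      format.xml  { render :xml => @product }
    end
  end

  # GET /products/new
  # GET /products/new.xml
  def new
    @product = Product.new

    respond_to do |format|
      format.html # new.html.erb
      format.xml  { render :xml => @product }
    end
  end

  # GET /products/1/edit
  def edit
    @product = Product.find(params[:id])
  end

  # POST /products
  # POST /products.xml
  #
  # NOTE(review): params[:product] is mass-assigned and Product declares no
  # attr_accessible (User on this page does), so any Product column can be set
  # from the request -- confirm, and whitelist the form fields if not intended.
  # NOTE(review): a Photo is built from params[:photo] on every request, even
  # when no file was sent; check how that interacts with validates_as_attachment.
  def create
    @product = Product.new(params[:product])
    @product.photo = Photo.new(params[:photo])

    respond_to do |format|
      if @product.save
        flash[:notice] = 'Product was successfully created.'
        format.html { redirect_to(@product) }
        format.xml  { render :xml => @product, :status => :created, :location => @product }
      else
        format.html { render :action => "new" }
        format.xml  { render :xml => @product.errors, :status => :unprocessable_entity }
      end
    end
  end

  # PUT /products/1
  # PUT /products/1.xml
  #
  # Same mass-assignment caveat as create: update_attributes receives the raw
  # params[:product] hash.
  def update
    @product = Product.find(params[:id])

    respond_to do |format|
      if @product.update_attributes(params[:product])
        flash[:notice] = 'Product was successfully updated.'
        format.html { redirect_to(@product) }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @product.errors, :status => :unprocessable_entity }
      end
    end
  end

  # DELETE /products/1
  # DELETE /products/1.xml
  def destroy
    @product = Product.find(params[:id])
    @product.destroy

    respond_to do |format|
      format.html { redirect_to(products_url) }
      format.xml  { head :ok }
    end
  end
end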
- ## app/controllers/sessions_controller.rb
# Login and logout for the site.
class SessionsController < ApplicationController
  # Be sure to include AuthenticatedSystem in ApplicationController instead.
  include AuthenticatedSystem

  # Renders the login form (new.rhtml); there is nothing to load.
  def new
  end

  # Checks params[:login] / params[:password] through User.authenticate. On
  # success it optionally issues the remember-me cookie and redirects; on
  # failure it re-renders the login form.
  #
  # NOTE(review): the session is not reset when authentication succeeds, so a
  # session identifier fixed before login stays valid after it (session
  # fixation). UsersController on this page leaves reset_session commented out
  # because of its interaction with forgery protection; the same trade-off
  # needs a decision here.
  # NOTE(review): the auth_token cookie is set with only :value and :expires.
  # Consider the secure / HTTP-only cookie options your Rails version supports
  # so the token is not sent over plain HTTP or readable from page script.
  def create
    self.current_user = User.authenticate(params[:login], params[:password])

    unless logged_in?
      render :action => 'new'
      return
    end

    if params[:remember_me] == "1"
      current_user.remember_me
      cookies[:auth_token] = {
        :value   => current_user.remember_token,
        :expires => current_user.remember_token_expires_at
      }
    end

    # Alternative landing page kept from the original: redirect_back_or_default('/')
    redirect_back_or_default('/products')
    flash[:notice] = "Logged in successfully"
  end

  # Logs out: clears the stored remember token, deletes the cookie and resets
  # the session before setting the flash, so the notice lands in the new session.
  def destroy
    current_user.forget_me if logged_in?
    cookies.delete :auth_token
    reset_session
    flash[:notice] = "You have been logged out."
    redirect_back_or_default('/')
  end
end
- ## app/controllers/users_controller.rb
# Self-service sign-up. No filter restricts these actions, so registration is
# open to anyone who can reach the form.
class UsersController < ApplicationController
  # Be sure to include AuthenticatedSystem in ApplicationController instead.
  include AuthenticatedSystem

  # Renders the sign-up form (new.rhtml).
  def new
  end

  # Creates the account from params[:user] and logs the new user in.
  # User's attr_accessible limits which attributes this hash may set.
  def create
    cookies.delete :auth_token

    # reset_session would protect against session fixation attacks but wreaks
    # havoc with request forgery protection; uncomment at your own risk.
    # reset_session

    @user = User.new(params[:user])
    @user.save

    unless @user.errors.empty?
      render :action => 'new'
      return
    end

    self.current_user = @user
    redirect_back_or_default('/')
    flash[:notice] = "Thanks for signing up!"
  end
end
- ## app/models/photo.rb
# Image file attached to a product.
class Photo < ActiveRecord::Base
  belongs_to :product

  # Upload constraints: image content types only, stored on the file system,
  # at most 500 KB, resized to fit 320x200 with a 100x100 :thumb variant
  # ('>' means shrink only).
  #
  # NOTE(review): whether :content_type => :image is checked against the file's
  # bytes or only against the type the client declares is not visible here --
  # confirm, since the stored files are linked from pages via public_filename.
  attachment_settings = {
    :content_type => :image,
    :storage      => :file_system,
    :max_size     => 500.kilobytes,
    :resize_to    => '320x200>',
    :thumbnails   => { :thumb => '100x100>' }
  }
  has_attachment attachment_settings

  validates_as_attachment
end
- ## app/models/product.rb
# Catalogue item with an optional photo.
#
# NOTE(review): no attr_accessible is declared, while ProductsController passes
# params[:product] straight to new / update_attributes. Every column is
# therefore assignable from a request; whitelist the form fields (title,
# description, price) if that is not intended.
class Product < ActiveRecord::Base
  has_one :photo

  validates_presence_of :title
  validates_presence_of :description

  # Numeric check only: as written it places no lower bound on the price.
  validates_numericality_of :price
end
- ## app/models/user.rb
require 'digest/sha1'
require 'securerandom'
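# Account model: login/email identity, a salted SHA-1 password digest and a
# "remember me" token.
#
# NOTE(review): one salted SHA-1 round is cheap to brute-force offline if the
# users table ever leaks. Moving to a dedicated password-hashing function needs
# a new dependency and a rehash-on-login migration, so it is flagged here
# rather than changed.
class User < ActiveRecord::Base
  # Virtual attribute for the unencrypted password
  attr_accessor :password

  validates_presence_of     :login, :email
  validates_presence_of     :password,              :if => :password_required?
  validates_presence_of     :password_confirmation, :if => :password_required?
  # NOTE(review): a 4-character minimum is very short for a password.
  validates_length_of       :password, :within => 4..40, :if => :password_required?
  validates_confirmation_of :password,              :if => :password_required?
  validates_length_of       :login, :within => 3..40
  validates_length_of       :email, :within => 3..100
  validates_uniqueness_of   :login, :email, :case_sensitive => false

  before_save :encrypt_password

  # Prevents a user from submitting a crafted form that bypasses activation:
  # only these attributes can be mass-assigned. Anything else you want your
  # user to change should be added here.
  attr_accessible :login, :email, :password, :password_confirmation

  # Authenticates a user by their login name and unencrypted password.
  # Returns the user or nil.
  def self.authenticate(login, password)
    u = find_by_login(login) # need to get the salt
    u && u.authenticated?(password) ? u : nil
  end

  # Returns the hex SHA-1 digest of the password combined with the salt.
  # Despite the name this is a one-way hash, not encryption.
  def self.encrypt(password, salt)
    Digest::SHA1.hexdigest("--#{salt}--#{password}--")
  end

  # Digests the password with this user's salt.
  def encrypt(password)
    self.class.encrypt(password, salt)
  end

  # True when the given password digests to the stored value. The comparison
  # runs over the full digest length instead of stopping at the first
  # differing byte, so response time does not depend on how much matched.
  def authenticated?(password)
    digests_match?(crypted_password, encrypt(password))
  end

  # Truthy while a remember token exists and has not expired.
  def remember_token?
    remember_token_expires_at && Time.now.utc < remember_token_expires_at
  end

  # These create and unset the fields required for remembering users between
  # browser closes.
  def remember_me
    remember_me_for 2.weeks
  end

  def remember_me_for(time)
    remember_me_until time.from_now.utc
  end

  # Stores a new remember token valid until +time+ (saved without validation).
  # The token is random rather than a digest of salt, email and expiry: it is a
  # login credential, so it must not be computable from values that can be
  # known or guessed. 20 random bytes give 40 hex characters, the same length
  # as the SHA-1 hex digest previously stored in this column.
  def remember_me_until(time)
    self.remember_token_expires_at = time
    self.remember_token            = SecureRandom.hex(20)
    save(false)
  end

  # Clears the remember token and its expiry (saved without validation).
  def forget_me
    self.remember_token_expires_at = nil
    self.remember_token            = nil
    save(false)
  end

  protected

  # before_save callback: digests a newly supplied password. New records get a
  # random salt instead of one derived from the creation time and login, which
  # an outsider could reconstruct. Existing records keep their stored salt, so
  # stored digests stay valid.
  def encrypt_password
    return if password.blank?
    self.salt = SecureRandom.hex(20) if new_record?
    self.crypted_password = encrypt(password)
  end

  # A password is required until a digest exists, or whenever a new one is given.
  def password_required?
    crypted_password.blank? || !password.blank?
  end

  # Compares two digest strings byte by byte without an early exit. A missing
  # or empty stored digest never matches.
  def digests_match?(stored, candidate)
    stored_bytes    = stored.to_s.unpack('C*')
    candidate_bytes = candidate.to_s.unpack('C*')
    return false if stored_bytes.empty? || stored_bytes.length != candidate_bytes.length

    difference = 0
    stored_bytes.each_with_index { |byte, i| difference |= byte ^ candidate_bytes[i] }
    difference.zero?
  end
end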