Untitled

a guest
Jun 17th, 2018
  1. Post model
  2.  
  # A forum post: written by one user, commented on by many.
  #
  # NOTE(review): no attr_accessible / attr_protected is declared here, so
  # every column (user_id included) can be set by mass assignment, e.g. by the
  # controller's Post.new(params[:post]). Callers must set ownership fields
  # themselves from trusted state such as the session.
  class Post < ActiveRecord::Base
    # Author of the post.
    belongs_to :user

    has_many :comments
    has_many :objects # the associated model is not part of this listing

    # A post cannot be saved without both a title and a body.
    validates_presence_of :title, :body
  end
  11. ------------------
  12.  
  13. user model
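  # An account that can log in and author posts and comments.
  #
  # The clear-text password is a virtual attribute and is never persisted:
  # assigning it generates a new salt and stores only +hashed_password+.
  class User < ActiveRecord::Base
    has_many :comments
    has_many :posts

    validates_presence_of :name
    validates_uniqueness_of :name

    attr_accessor :password_confirmation
    validates_confirmation_of :password

    validate :password_non_blank

    # The pattern ends in \z rather than \Z: \Z also matches just before a
    # trailing newline, so a value like "user@example.com\n" would have been
    # accepted and stored.
    validates_format_of :email, :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
    validates_uniqueness_of :email, :case_sensitive => false

    # Looks up a user by name and checks the supplied password.
    #
    # name     - login name as submitted by the client.
    # password - clear-text password as submitted by the client.
    #
    # Returns the User on success, nil when the name is unknown, the password
    # does not match, or either argument is missing / not a String.
    def self.authenticate(name, password)
      # Request parameters can arrive as nil, Array or Hash; reject those here
      # instead of handing them to the finder or to String#+ (which raised).
      return nil unless name.is_a?(String) && password.is_a?(String)
      return nil if name.blank? || password.blank?

      user = find_by_name(name)
      return nil unless user

      # NOTE(review): == on the hex digests is not a constant-time comparison.
      expected_password = encrypted_password(password, user.salt)
      user.hashed_password == expected_password ? user : nil
    end

    # Derives the stored digest from a clear-text password and a per-user salt.
    #
    # Defined with `def self.`, so the `private` keyword further down does not
    # apply to it; it is public and is called as User.encrypted_password.
    #
    # NOTE(review): this is one round of SHA-1 over password + constant + salt.
    # SHA-1 is fast, which makes offline guessing cheap if the users table is
    # ever disclosed. A slow, purpose-built password hash (bcrypt, scrypt,
    # PBKDF2) is the appropriate replacement, but it needs a migration path for
    # the digests already stored, so the scheme is left unchanged here.
    def self.encrypted_password(password, salt)
      string_to_hash = password + "wibble" + salt
      Digest::SHA1.hexdigest(string_to_hash)
    end

    # 'password' is a virtual attribute: readable while the object lives in
    # memory, never written to the database.
    attr_reader :password

    # Stores the clear-text value in memory and, unless it is blank, creates a
    # fresh salt and updates hashed_password. A blank value leaves any existing
    # salt and hash untouched.
    def password=(pwd)
      @password = pwd
      return if pwd.blank?

      create_new_salt
      self.hashed_password = User.encrypted_password(password, salt)
    end

    #def email=(eml)
    # @email = eml
    # return if eml.blank?
    #end

    private

    # Validation hook: a user without a stored password hash is invalid.
    def password_non_blank
      errors.add(:password, "Missing password") if hashed_password.blank?
    end

    #def email_non_blank
    # errors.add(:email, "Missing email") if email.blank?
    #end

    # Assigns a new salt for this user.
    #
    # NOTE(review): Kernel#rand is not a cryptographic generator. A salt only
    # has to be unique per user, but SecureRandom is the more robust source.
    def create_new_salt
      self.salt = object_id.to_s + rand.to_s
    end
  end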
  79. ---------------
  80.  
  81. posts controller
  82.  
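  # CRUD actions for forum posts plus the action that adds a comment to a post.
  # Every action except +index+ requires a logged-in user (see #authorize).
  class PostsController < ApplicationController
    before_filter :authorize, :except => :index

    # GET /posts
    # GET /posts.xml
    def index
      @posts = Post.find(:all)

      respond_to do |format|
        format.html # index.html.erb
        format.xml { render :xml => @posts }
      end
    end

    # GET /posts/1
    # GET /posts/1.xml
    #
    # Also remembers the post id in the flash so that #post_comment knows
    # which post the next submitted comment belongs to.
    def show
      @post = Post.find(params[:id])
      @post_comments = @post.comments.collect
      flash[:post_id] = @post.id
    end

    # GET /posts/new
    # GET /posts/new.xml
    def new
      @post = Post.new
      @post.user_id = session[:user_id]

      respond_to do |format|
        format.html # new.html.erb
        format.xml { render :xml => @post }
      end
    end

    # GET /posts/1/edit
    #def edit
    # @post = Post.find(params[:id])
    #end

    # POST /posts
    # POST /posts.xml
    def create
      @post = Post.new(params[:post])
      # The author is always the logged-in user. Post does not restrict mass
      # assignment, so a user_id submitted inside params[:post] would otherwise
      # be stored exactly as the client sent it.
      @post.user_id = session[:user_id]

      respond_to do |format|
        if @post.save
          flash[:notice] = 'Post was successfully created.'
          format.html { redirect_to(@post) }
          format.xml { render :xml => @post, :status => :created, :location => @post }
        else
          format.html { render :action => "new" }
          format.xml { render :xml => @post.errors, :status => :unprocessable_entity }
        end
      end
    end

    # PUT /posts/1
    # PUT /posts/1.xml
    #def update
    # @post = Post.find(params[:id])
    #
    # respond_to do |format|
    # if @post.update_attributes(params[:post])
    # flash[:notice] = 'Post was successfully updated.'
    # format.html { redirect_to(@post) }
    # format.xml { head :ok }
    #else
    #format.html { render :action => "edit" }
    #format.xml { render :xml => @post.errors, :status => :unprocessable_entity }
    #end
    #end
    #end

    # DELETE /posts/1
    # DELETE /posts/1.xml
    #
    # NOTE(review): the only check is #authorize, so any logged-in user can
    # delete any post. If deletion is meant to be limited to the author,
    # compare @post.user_id with session[:user_id] before destroying.
    def destroy
      @post = Post.find(params[:id])
      @post.destroy

      respond_to do |format|
        format.html { redirect_to(posts_url) }
        format.xml { head :ok }
      end
    end

    # Adding a comment
    #
    # The target post is taken from flash[:post_id], which #show sets. The
    # flash only survives one request, so the id is missing whenever this
    # action is reached without #show being the previous request; that case is
    # rejected instead of saving a comment with no post and redirecting to a
    # nil id.
    def post_comment
      post_id = flash[:post_id]
      if post_id.nil?
        flash[:error] = 'Comment could not be added, please open the post again'
        redirect_to :action => 'index'
        return
      end

      # params[:comment] is absent when the form field is missing from the
      # request; treat that as a blank comment rather than raising.
      submitted = params[:comment]
      text = submitted.is_a?(Hash) ? submitted['comment'] : nil

      # user_id comes from the session, never from the request body.
      @comment = Comment.new(
        "post_id" => post_id,
        "created_at" => Time.now,
        "user_id" => session[:user_id],
        "comment" => text
      )
      if @comment.save
        flash[:notice] = 'Comment was successfully added.'
      else
        flash[:error] = 'Comment cant be blank'
      end
      redirect_to :action => 'show', :id => post_id
    end

    protected

    # before_filter: lets the request through only when session[:user_id]
    # refers to an existing user. Otherwise remembers the requested URI in the
    # session and redirects to the login page.
    def authorize
      unless User.find_by_id(session[:user_id])
        session[:original_uri] = request.request_uri
        flash[:notice] = "You need to log in first"
        redirect_to :controller => 'admin/login/login'
      end
    end
  end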
  200.  
  201.  
  202. ------------------
  203.  
  204. posts /index view
  205.  
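  <%# Forum index, newest post first. %>
  <%# title, body and user name are user-supplied. The Rails 2-era APIs used by this app predate automatic ERB output escaping, so each of them goes through h(). %>
  <h1> Web Aesthetics Forum </h1><br/>
  <div style="color: #008080; font-size: 10pt">
  <% @posts.reverse.each do |post| %>
    <h2><%= h(post.title) %></h2>
    <h3><%= h(post.user.name) %>, at <%= post.created_at.strftime("%B %d, %Y at %I:%M %p") %></h3>
    <p><%= h(post.body) %></p>
    <small>
      <%= link_to "Show/Make comments", :action => "show", :id => post %>
    </small>
    <hr>
  <% end %>
  <br />
  <%= link_to 'New post', new_post_path %>
  </div>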