class ApplicationController < ActionController::Base protected def a

1. class ApplicationController < ActionController::Base
2.  
3. protected
4. def authenticate
5. unless session[:user]
6. redirect_to :controller => "login"
7. return false
8. end
9. end
10.  
11.  
12.  
13. end
14.  
15.  
16.  
17. class LoginController < ActionController::Base
18.  
19. #before_filter :authorize, :except => :index
20. #before_filter :authorize, :except => :index
21.  
22. def index
23.  
24. end
25.  
26. def authorize
27. session[:user] = nil
28. user = User.authenticate(@params["name"], @params["password"])
29.  
30. if user
31. session[:user] = user
32.  
33. redirect_to :controller => "Questions"
34.  
35. else
36. flash[:error] = 'Invalid user name and/or password.'
37. redirect_to :action => "index"
38. end
39. end
40.  
41. def new
42.  
43. end
44.  
45. def register
46. if (@params["name"]!='' && @params["password"]!='')
47. if !User.checkAvailability(@params["name"])
48.  
49. @user = User.new
50. @user.user_name = @params["name"]
51. @user.password = @params["password"]
52. @user.admin_role= 0
53. if @user.save
54. session[:user] = user
55. redirect_to :controller => "Questions"
56. else
57. flash[:error] = 'Problem creating user, please try again'
58. redirect_to :action => "new"
59. end
60. else
61. flash[:error] = 'User name already exists.'
62. redirect_to :action => "new"
63. end
64. else
65. flash[:error] = 'Please make sure you have entered all parameters.'
66. redirect_to :action => "new"
67. end
68. end
69.  
70.  
71. def logout
72. reset_session
73. flash["alert"] = "Logged out"
74. redirect_to :action => "index"
75. end
76. end
77.  
78.  
79.  
80.  
81. class QuestionsController < ActionController::Base
82.  
83. def index
84. # show the secret stuff
85. end
86.  
87. def back
88. redirect_to :action => "index"
89. end
90. def edit
91.  
92.  
93. if session[:user].admin_role
94. flash[:error] = " 'The questiadasddasnot exist. '"
95. redirect_to :action => "index"
96. else
97. flash[:error] = " 'It works?????. '"
98. redirect_to :action => "index"
99. end
100.  
101. @question = Question.find(@params["id"])
102.  
103. rescue Exception => exc
104. flash[:error] = 'The question ID does not exist.'
105. redirect_to :action => "index"
106. end
107.  
108.  
109. def find
110. redirect_to :action => "index"
111. end
112.  
113. def make
114.  
115. end
116.  
117. def update
118. @question = Question.find(@params["id"])
119. @question.question = @params["question"]
120. @question.answer = @params["answer"]
121.  
122. if @question.save
123. flash[:error] = 'Update Successful'
124. redirect_to :action => "index"
125. else
126. flash[:error] = 'Problem updating question, please try again'
127. redirect_to :action => "index"
128. end
129.  
130. rescue Exception => exc
131. flash[:error] = 'The question ID does not exist.'
132. redirect_to :action => "index"
133. end
134.  
135.  
136.  
137. end
138.  
139.  
140.  
141.  
142. # This class represents the user table in the database
143. # Table has five fields: id, admin_role, user_name, password
144.  
145. class User < ActiveRecord::Base
146.  
147. validates_presence_of :user_name
148. validates_uniqueness_of :user_name
149. def validate
150. errors.add_to_base("Missing password") if password.blank?
151. end
152. def self.authenticate(name,password)
153. user = self.find_by_user_name(name)
154. if user
155. if user.password != password
156. user = nil
157. end
158. end
159. user
160. end
161.  
162. def self.checkAvailability(name)
163. find(:first,
164. :conditions => [ "user_name = '%s'", name ]
165. )
166. end
167. end