# Base controller holding the login check that other controllers can use
# as a filter.
class ApplicationController < ActionController::Base
  protected

  # Login gate. When the session has no :user entry the request is redirected
  # to the login controller and false is returned; otherwise nil is returned
  # and nothing else happens.
  def authenticate
    return nil if session[:user]

    redirect_to :controller => "login"
    false
  end
end
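# Login, registration and logout actions.
#
# NOTE(review): the whole User record (including its password attribute) is
# placed in session[:user]. Storing only the user id would keep credentials
# out of the session store, but other controllers read session[:user]
# directly, so that change has to be made across them together.
class LoginController < ActionController::Base
  #before_filter :authorize, :except => :index

  # Renders the login form.
  def index
  end

  # Checks the submitted name/password pair. On success the user is stored in
  # the session and the browser is sent to the Questions controller; on
  # failure an error is flashed and the login form is shown again.
  def authorize
    # Start from a fresh session instead of only clearing :user, so a session
    # id handed out before login is not reused for the authenticated session
    # (session fixation). logout already relies on reset_session + flash.
    reset_session
    user = User.authenticate(@params["name"], @params["password"])
    if user
      session[:user] = user
      redirect_to :controller => "Questions"
    else
      flash[:error] = 'Invalid user name and/or password.'
      redirect_to :action => "index"
    end
  end

  # Renders the registration form.
  def new
  end

  # Creates a non-admin account from the submitted name and password and logs
  # the new user in. Any failure flashes an error and returns to the form.
  def register
    name = @params["name"]
    password = @params["password"]

    # blank? also rejects missing (nil) parameters, which the former
    # comparison against '' let through.
    if name.blank? || password.blank?
      flash[:error] = 'Please make sure you have entered all parameters.'
      redirect_to :action => "new"
      return
    end

    # checkAvailability returns the existing record when the name is taken.
    if User.checkAvailability(name)
      flash[:error] = 'User name already exists.'
      redirect_to :action => "new"
      return
    end

    @user = User.new
    @user.user_name = name
    @user.password = password
    @user.admin_role = 0 # self-registered accounts never get the admin flag
    if @user.save
      reset_session
      # Was `session[:user] = user`: `user` is not defined in this action, so
      # a successful registration raised NameError instead of logging in.
      session[:user] = @user
      redirect_to :controller => "Questions"
    else
      flash[:error] = 'Problem creating user, please try again'
      redirect_to :action => "new"
    end
  end

  # Drops the whole session and returns to the login form.
  def logout
    reset_session
    flash["alert"] = "Logged out"
    redirect_to :action => "index"
  end
end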
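# Question listing and editing.
#
# Inherits from ApplicationController and runs its authenticate filter so
# that every action requires a logged-in session; previously the class
# derived from ActionController::Base and no action checked for a login.
class QuestionsController < ApplicationController
  before_filter :authenticate

  def index
    # show the secret stuff
  end

  # Returns to the question list.
  def back
    redirect_to :action => "index"
  end

  # Loads the question to edit into @question.
  #
  # NOTE(review): the original action tested session[:user].admin_role but
  # redirected in both branches with placeholder messages, then still ran the
  # lookup. The admin-only rule applied here is inferred from that test;
  # confirm the intended policy.
  def edit
    return unless require_admin

    @question = Question.find(@params["id"])
  rescue ActiveRecord::RecordNotFound
    # Only a failed lookup is reported as a missing id; other errors are no
    # longer swallowed by a blanket `rescue Exception`.
    flash[:error] = 'The question ID does not exist.'
    redirect_to :action => "index"
  end

  # Returns to the question list.
  def find
    redirect_to :action => "index"
  end

  def make
  end

  # Saves the submitted question/answer text for the given id.
  # Guarded the same way as edit so the write path is not less protected
  # than the form that leads to it.
  def update
    return unless require_admin

    @question = Question.find(@params["id"])
    @question.question = @params["question"]
    @question.answer = @params["answer"]
    if @question.save
      flash[:error] = 'Update Successful'
    else
      flash[:error] = 'Problem updating question, please try again'
    end
    redirect_to :action => "index"
  rescue ActiveRecord::RecordNotFound
    flash[:error] = 'The question ID does not exist.'
    redirect_to :action => "index"
  end

  private

  # True when the session user has the admin flag set. The flag is compared
  # explicitly because 0 (the value given to new accounts) is truthy in Ruby.
  def admin?
    current = session[:user]
    role = current && current.admin_role
    !(role.nil? || role == false || role == 0)
  end

  # Returns true for admins; otherwise flashes an error, redirects to the
  # list and returns false so the calling action can stop.
  def require_admin
    return true if admin?

    flash[:error] = 'Only administrators can edit questions.'
    redirect_to :action => "index"
    false
  end
end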
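# This class represents the user table in the database.
# The original note says five fields but names four:
# id, admin_role, user_name, password.
#
# NOTE(review): password is stored and compared as submitted. It should be
# kept as a salted, slow hash (e.g. bcrypt) and verified against that hash;
# doing so needs a schema/data migration and is therefore only flagged here.
class User < ActiveRecord::Base
  validates_presence_of :user_name
  validates_uniqueness_of :user_name

  # Adds a record-level error when the password is blank.
  def validate
    errors.add_to_base("Missing password") if password.blank?
  end

  # Returns the User whose user_name and password both match, otherwise nil.
  # Blank credentials are rejected up front so that a nil submitted password
  # can never compare equal to a nil stored one.
  def self.authenticate(name, password)
    return nil if name.blank? || password.blank?

    user = find_by_user_name(name)
    return nil unless user

    user.password == password ? user : nil
  end

  # Looks a user up by name. Despite the method name, the result is the
  # existing record (truthy) when the name is TAKEN and nil when it is free.
  def self.checkAvailability(name)
    # Bind placeholder instead of a quoted '%s' format string, so quoting is
    # done by the database adapter and does not depend on the literal.
    find(:first, :conditions => ["user_name = ?", name])
  end
end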