- ## controller
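# Picture upload/browse controller that also carries the login, logout and
# user-management actions shown in this paste.
#
# Access-control rules enforced here:
# * Creating or changing a picture requires a logged-in user (require_login).
# * Editing, updating or destroying an existing picture also requires that the
#   logged-in user owns it (owned_by_current_user?).
# * The owner id always comes from the session, never from request parameters.
#
# NOTE(review): the state-changing actions are not restricted to POST here and
# no CSRF protection is visible in the paste; confirm against the views.
# NOTE(review): add_user and list_users are reachable without logging in;
# confirm that is intended.
class UploadController < ApplicationController
  layout "standard"

  # Content types the picture action will render inline. The stored type was
  # supplied by the uploading browser, so anything outside this list is sent
  # as a download instead of being rendered in the site's origin.
  INLINE_IMAGE_TYPES = %w(image/png image/x-png image/jpeg image/pjpeg image/gif).freeze

  before_filter :require_login, :only => [:create, :save, :edit, :update, :destroy]

  # Stores an uploaded picture owned by the logged-in user.
  # Raises if validation fails, because save! is used.
  def create
    @picture = Picture.new(params[:picture])
    @picture.user_id = session[:user_id]
    @picture.save!
    redirect_to(:action => 'index')
  end

  # Renders the upload form with an empty Picture.
  def new
    @picture = Picture.new
  end

  # Paginated listing, ten pictures per page.
  def index
    @picture_pages, @pictures = paginate :pictures, :per_page => 10, :order => 'lastname, fruitname'
  end

  # Variant of create that re-renders the form on validation errors.
  # The owner is pinned to the session user, exactly as in create.
  def save
    @picture = Picture.new(params[:picture])
    @picture.user_id = session[:user_id]
    if @picture.save
      redirect_to(:action => 'show', :id => @picture.id)
    else
      render(:action => :new)
    end
  end

  # Streams the stored image bytes.
  def picture
    @picture = Picture.find(params[:id])
    if INLINE_IMAGE_TYPES.include?(@picture.content_type)
      send_data(@picture.data,
                :filename => @picture.name,
                :type => @picture.content_type,
                :disposition => "inline")
    else
      # Unknown or non-image type: never render it inline.
      send_data(@picture.data,
                :filename => @picture.name,
                :type => "application/octet-stream",
                :disposition => "attachment")
    end
  end

  def show
    @picture = Picture.find(params[:id])
  end

  # GET shows the login form; POST checks the credentials.
  # Visiting this action always clears the current login first.
  def login
    session[:user_id] = nil
    if request.post?
      # to_s keeps a missing password parameter from raising inside the model.
      user = User.authenticate(params[:name], params[:password].to_s)
      if user
        # Start a fresh session so a session id issued before login is not
        # carried over into the authenticated session.
        reset_session
        session[:user_id] = user.id
        # NOTE(review): the userpage action is commented out below.
        redirect_to(:controller => "upload", :action => "userpage")
      else
        # NOTE(review): no 'list' action is defined in this controller.
        redirect_to(:controller => "upload", :action => "list")
      end
    end
  end

  # def userpage
  # @page = User.find(params[:id])
  # @pictures = Picture.find(params[:user_id])
  # end

  # Shows the new-user form and, on POST, creates the user.
  # NOTE(review): params[:user] is mass-assigned; confirm which User columns
  # should be settable from the form.
  def add_user
    @user = User.new(params[:user])
    if request.post? and @user.save
      flash.now[:notice] = "User #{@user.name} created"
      @user = User.new
    end
  end

  def list_users
    @all_users = User.find(:all)
  end

  def logout
    session[:user_id] = nil
    flash[:notice] = "Logged out"
    redirect_to(:action => "login")
  end

  # Edit form for a picture; only its owner may open it.
  def edit
    @picture = Picture.find(params[:id])
    deny_access unless owned_by_current_user?(@picture)
  end

  # Deletes a picture; only its owner may do so.
  def destroy
    picture = Picture.find(params[:id])
    return deny_access unless owned_by_current_user?(picture)
    picture.destroy
    redirect_to :action => 'list'
  end

  # Loads pictures (the original loaded User records into @all_pictures).
  def list_pictures
    @all_pictures = Picture.find(:all)
  end

  # Applies form changes to a picture; only its owner may do so.
  def update
    @picture = Picture.find(params[:id])
    return deny_access unless owned_by_current_user?(@picture)
    @picture.attributes = params[:picture]
    # Re-pin the owner so a user_id field in the form cannot reassign it.
    @picture.user_id = session[:user_id]
    if @picture.save
      redirect_to :action => 'list'
    else
      render :action => 'edit'
    end
  end

  # Searches three name columns. The query is bound as SQL parameters, not
  # interpolated. No wildcards are added, so LIKE only matches patterns the
  # user typed in full.
  def search
    @results = Picture.find(:all,
                            :conditions => ['firstname LIKE ? or lastname LIKE ? or fruitname LIKE ?',
                                            params[:query], params[:query], params[:query]],
                            :order => 'lastname, fruitname')
    if @results.empty? and !params[:query].blank?
      flash.now[:notice] = "For some reason, your fruit was not found. Refine the name, or try a different one."
    end
  end

  def start
  end

  private

  # before_filter: lets the request through only when the session points at an
  # existing user. Returns false after redirecting so the chain is halted.
  def require_login
    return true if session[:user_id] && User.find_by_id(session[:user_id])
    flash[:notice] = "Please log in"
    redirect_to(:action => "login")
    false
  end

  # True when the picture belongs to the user stored in the session.
  # Pictures without a user_id are owned by nobody.
  def owned_by_current_user?(picture)
    !session[:user_id].nil? && picture.user_id == session[:user_id]
  end

  # Sends a non-owner back to the listing.
  def deny_access
    flash[:notice] = "You can only change your own pictures"
    redirect_to(:action => 'index')
    false
  end
end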
- ## picture.rb, model
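# An uploaded image stored in the database together with its display name and
# content type. Belongs to the user who uploaded it.
class Picture < ActiveRecord::Base
  # acts_as_ferret :fields => [:firstname, :lastname, :fruitname]
  belongs_to :user

  # The owner is set explicitly by the controller; never accept it from a
  # mass-assigned params hash.
  attr_protected :user_id

  # \A anchors at the start of the string; ^ would also match after an
  # embedded newline. The content type is whatever the browser claimed, not a
  # check of the uploaded bytes, so callers must still treat data as untrusted.
  validates_format_of :content_type,
                      :with => /\Aimage\//,
                      :message => "-- you can only upload pictures"

  # Virtual attribute fed by the upload form's file field. Copies the
  # sanitised file name, the declared content type and the raw bytes.
  # A value without a file (for example a blank form field) is ignored.
  def uploaded_picture=(picture_field)
    return unless picture_field.respond_to?(:original_filename)
    self.name = base_part_of(picture_field.original_filename)
    self.content_type = picture_field.content_type.chomp
    self.data = picture_field.read
  end

  # Drops any directory part and every character other than word characters,
  # dot, underscore and hyphen.
  def base_part_of(file_name)
    File.basename(file_name).gsub(/[^\w._-]/, '')
  end
end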
- ## user.rb, other model
- require 'digest/sha1'
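# Application user with a salted, hashed password.
#
# NOTE(review): the stored value is a single SHA-1 over password + a fixed
# string + salt. That is fast to compute and therefore weak against offline
# guessing if the users table leaks. Moving to a purpose-built password hash
# such as bcrypt needs a migration plan for existing rows, so it is flagged
# here rather than changed.
class User < ActiveRecord::Base
  has_many :pictures
  validates_presence_of :name
  validates_uniqueness_of :name
  attr_accessor :password_confirmation
  validates_confirmation_of :password

  def validate
    errors.add_to_base("Missing password") if hashed_password.blank?
  end

  # Returns the user whose name and password match, or nil.
  # A missing or blank name/password returns nil instead of raising.
  def self.authenticate(name, password)
    return nil if name.blank? || password.blank?
    user = find_by_name(name)
    return nil unless user
    expected_password = encrypted_password(password, user.salt)
    user.hashed_password == expected_password ? user : nil
  end

  # Hex SHA-1 of password + "wibble" + salt.
  # Kept above `private` on purpose: `private` does not apply to methods
  # defined with `def self.`, and password= calls this with an explicit
  # receiver, so it has to stay public.
  def self.encrypted_password(password, salt)
    string_to_hash = password + "wibble" + salt # 'wibble' makes it harder to guess
    Digest::SHA1.hexdigest(string_to_hash)
  end

  # 'password' is a virtual attribute
  def password
    @password
  end

  # Stores the plain password in memory only and, unless it is blank,
  # generates a new salt and the matching hashed_password.
  def password=(pwd)
    @password = pwd
    return if pwd.blank?
    create_new_salt
    self.hashed_password = User.encrypted_password(self.password, self.salt)
  end

  private

  # NOTE(review): object_id and rand are not a cryptographic random source;
  # consider a secure random generator for new salts.
  def create_new_salt
    self.salt = self.object_id.to_s + rand.to_s
  end
end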
- ## index.rhtml, where some of these elements should appear
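<%# Picture listing. All user-supplied text is escaped with h(). %>
<div id="picture-index">
<table width="200px" cellpadding="10px" align="right" cellspacing="0px"> <p></p>
<% for picture in @pictures %>
  <tr>
    <td class="navbar" align="right" valign="bottom">
      <%# The Edit link is shown only to the picture's owner. This is display logic only; the controller must enforce ownership itself. %>
      <span class="showeditdestroy"><%= link_to 'Show', :action => 'show', :id => picture %><span class="slashmarks"> / </span><span class="showeditdestroy"><%= link_to 'Search the fruits', :action => 'search' %></span><span class="slashmarks"> / </span><span class="showeditdestroy"><% if session[:user_id] && picture.user_id == session[:user_id] %><%= link_to 'Edit', :action => 'edit', :id => picture %> <% end %></td>
  </tr>
  <tr valign="top" class="<%= cycle('list-line-1', 'list-line-2', 'list-line-3', 'list-line-4', 'list-line-5', 'list-line-6', 'list-line-7', 'list-line-8', 'list-line-9', 'list-line-10') %>">
    <td>
      <span class="fruitname"> <%= h(picture.fruitname)%></span><br />
      <span class="name"><%= h(picture.firstname) %> <%= h(picture.lastname) %></span><br />
      <p align="center"><table width="100px" height="100px"><img class="<%= cycle('picture-1', 'picture-2', 'picture-3', 'picture-4', 'picture-5', 'picture-6', 'picture-7', 'picture-8', 'picture-9', 'picture-10', :name => "border") %>" src="<%= url_for(:action => 'picture', :id => picture.id) %>" ></p>
      <p class="comments"></table><%= h(picture.comment)%></p>
    </td>
  </tr>
  <tr>
    <td>
      <p></p>
      <p></p>
      <p></p>
    </td>
  </tr>
<% end %>
<tr>
  <td>
    <p></p>
    <p></p>
    <p></p>
  </td>
</tr>
<tr>
<td>
<p></p>
<table align="right" cellpadding="2" class="bottomnav">
<tr>
<td>
<table width="158" border="0" cellpadding="4">
<tr>
<th bgcolor="#CC00CC" scope="row"><table width="158" border="0" cellpadding="6">
<tr>
<th bgcolor="#FF0099" scope="row"><table width="158" border="0" cellpadding="8">
<tr>
<th bgcolor="#FF0033" scope="row"><table width="158" border="0" cellpadding="10">
<tr>
<th bgcolor="#FF00CC" scope="row">
<%= if @picture_pages.current.previous
link_to("Previous page", { :page => @picture_pages.current.previous })
end
%> <br />
<%= link_to 'New Fancy Fruit', :action => 'new' %> <br />
<%= if @picture_pages.current.next
link_to("Next page", { :page => @picture_pages.current.next })
end
%>
</tr>
</table></th>
</tr>
</table></th>
</tr>
</table></th>
</tr>
</table>
</tr>
</td>
</table>
</div>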
- ## application.rb
- # Filters added to this controller apply to all controllers in the application.
- # Likewise, all the methods added will be available for all controllers.
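# Filters added to this controller apply to all controllers in the application.
# Likewise, all the methods added will be available for all controllers.
class ApplicationController < ActionController::Base
  # Pick a unique cookie name to distinguish our session data from others'
  session :session_key => '_fruit_session_id'

  private

  # before_filter: allows the request only when the session refers to an
  # existing user; otherwise redirects to the login action and returns false
  # so the filter chain stops.
  #
  # The original body only evaluated a boolean built from logged_in?, @user
  # and authed_user. None of those is defined or assigned in the code shown,
  # and it never redirected. Per-record ownership cannot be decided here
  # because no record is loaded yet; check it in the action that loads it.
  def need_auth
    return true if session[:user_id] && User.find_by_id(session[:user_id])
    flash[:notice] = "Please log in"
    redirect_to(:controller => "upload", :action => "login")
    false
  end

  # before_filter: redirects to the login page unless the session refers to
  # an existing user.
  # NOTE(review): this targets the "admin" controller, while the login action
  # shown in the paste lives in the upload controller; confirm the target.
  def authorize
    unless User.find_by_id(session[:user_id])
      flash[:notice] = "Please log in"
      redirect_to(:controller => "admin", :action => "login")
    end
  end
end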
- ## application_helper.rb
- # Methods added to this helper will be available to all templates in the application.
module ApplicationHelper
  # Overwrites @user with the result of logged_in? and, when that is truthy,
  # returns authed_user; otherwise returns the falsy logged_in? result.
  #
  # This spells out how the one-line original parsed: `=` binds tighter than
  # `and`, so the assignment received only logged_in?.
  # NOTE(review): logged_in? and authed_user are not defined anywhere in the
  # code shown. A view helper is also not an access check; authorization has
  # to be enforced in the controller.
  def edit
    @user = logged_in?
    @user && authed_user
  end
end