## controller

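# Handles picture upload, browsing, editing and deletion, plus the
# session-based login that decides who may change a picture.
#
# Access-control model used below: `login` stores the authenticated user's id
# in session[:user_id]; a picture may only be edited, updated or destroyed by
# the user whose id is stored in its user_id column.
class UploadController < ApplicationController
  layout "standard"

  # need_auth is not defined in this class. The ownership checks inside
  # edit/update/destroy do not rely on it, so they hold even if the filter
  # lets a request through.
  before_filter :need_auth, :only => [:edit, :destroy]

  # Stores an uploaded picture owned by the logged-in user.
  #
  # The owner comes from the session, never from the submitted form. The
  # original read it from `Current_user`, a constant that is not defined
  # anywhere in the code shown with this controller.
  def create
    unless session[:user_id]
      flash[:notice] = "Please log in"
      redirect_to(:action => 'login')
      return
    end
    @picture = Picture.new(picture_params)
    @picture.user_id = session[:user_id]
    # save! raises on a validation failure (e.g. a non-image upload); the
    # `save` action below is the variant that re-renders the form instead.
    @picture.save!
    redirect_to(:action => 'index')
  end

  # Renders the empty upload form.
  def new
    @picture = Picture.new
  end

  # Paginated listing, ten pictures per page.
  def index
    @picture_pages, @pictures = paginate :pictures, :per_page => 10, :order => 'lastname, fruitname'
  end

  # Stores an upload and shows it, or re-renders the form on failure.
  #
  # NOTE(review): unlike `create`, this path sets no owner and needs no
  # login, so it produces pictures nobody is allowed to edit. Confirm that
  # anonymous uploads are intended.
  def save
    @picture = Picture.new(picture_params)
    if @picture.save
      redirect_to(:action => 'show', :id => @picture.id)
    else
      render(:action => :new)
    end
  end

  # Streams the stored bytes back to the browser.
  #
  # NOTE(review): the Content-Type sent here is the value the uploader's
  # browser declared at upload time, and the response is rendered inline.
  # A script-capable type that passes the model's "image" check would run
  # in this site's origin. Consider an allow-list of raster types in the
  # model, or :disposition => "attachment" for anything outside that list.
  def picture
    @picture = Picture.find(params[:id])
    send_data(@picture.data,
              :filename => @picture.name,
              :type => @picture.content_type,
              :disposition => "inline")
  end

  # Loads one picture for the detail page.
  def show
    @picture = Picture.find(params[:id])
  end

  # GET: clears any existing login and shows the form.
  # POST: checks the credentials and, on success, logs the user in.
  def login
    session[:user_id] = nil
    return unless request.post?

    user = User.authenticate(params[:name], params[:password])
    if user
      # Start a fresh session before storing the identity, so a session id
      # that was known before login cannot be reused afterwards.
      reset_session
      session[:user_id] = user.id
      # NOTE(review): `userpage` is commented out below, and no `list`
      # action exists in this controller as shown. Confirm both targets.
      redirect_to(:controller => "upload", :action => "userpage")
    else
      redirect_to(:controller => "upload", :action => "list")
    end
  end

  # def userpage
  #   @page = User.find(params[:id])
  #   @pictures = Picture.find(params[:user_id])
  # end

  # Creates a user account from the submitted form.
  #
  # NOTE(review): nothing restricts who may call this, and params[:user] is
  # mass-assigned. Any column the User model does not protect can be set by
  # the request. Confirm this is meant to be an open sign-up.
  def add_user
    @user = User.new(params[:user])
    if request.post? && @user.save
      flash.now[:notice] = "User #{@user.name} created"
      @user = User.new
    end
  end

  # NOTE(review): exposes every user record to any visitor; no login check.
  def list_users
    @all_users = User.find(:all)
  end

  # Drops the login and returns to the login form.
  def logout
    session[:user_id] = nil
    flash[:notice] = "Logged out"
    redirect_to(:action => "login")
  end

  # Shows the edit form, but only to the picture's owner. The original
  # condition called `same?` on an integer and had an empty body, so it
  # never restricted anything.
  def edit
    @picture = Picture.find(params[:id])
    deny_picture_change unless owns_picture?(@picture)
  end

  # Deletes a picture, but only for its owner.
  #
  # NOTE(review): this still accepts GET, so a link or image tag on another
  # site can trigger it in the owner's browser. Restrict it to POST once the
  # views are confirmed to submit a form.
  def destroy
    picture = Picture.find(params[:id])
    return deny_picture_change unless owns_picture?(picture)

    picture.destroy
    redirect_to :action => 'list'
  end

  # NOTE(review): loads users, not pictures, into @all_pictures. This looks
  # like a copy of list_users; confirm against the view.
  def list_pictures
    @all_pictures = User.find(:all)
  end

  # Applies the edit form. This action is not covered by the before_filter
  # above, so the ownership check here is the only thing that stops one user
  # from rewriting another user's picture by id.
  def update
    @picture = Picture.find(params[:id])
    return deny_picture_change unless owns_picture?(@picture)

    if @picture.update_attributes(picture_params)
      redirect_to :action => 'list'
    else
      render :action => 'edit'
    end
  end

  # Name/fruit search. The query is bound through placeholders, so it cannot
  # alter the SQL. `%` and `_` in the query still act as LIKE wildcards.
  def search
    query = params[:query]
    @results = Picture.find(:all, :conditions =>['firstname LIKE ? or lastname LIKE ? or fruitname LIKE ?', query, query, query], :order => 'lastname, fruitname')
    if @results.empty? && !query.blank?
      flash.now[:notice] = "For some reason, your fruit was not found. Refine the name, or try a different one."
    end
  end

  def start
  end

  private

  # Picture attributes from the form with the owner column removed, so a
  # request cannot assign a picture to another account.
  def picture_params
    attrs = (params[:picture] || {}).dup
    attrs.delete('user_id')
    attrs.delete(:user_id)
    attrs
  end

  # True only when somebody is logged in and the picture belongs to them.
  # A picture without an owner matches nobody.
  def owns_picture?(picture)
    uid = session[:user_id]
    !uid.nil? && picture.user_id == uid
  end

  # Refuses a change request and sends the visitor back to the listing.
  def deny_picture_change
    flash[:notice] = "You can only change your own pictures"
    redirect_to(:action => 'index')
  end
end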

## picture.rb, model

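# An uploaded picture. The bytes, the uploader-declared content type and a
# sanitised file name are all stored on the record.
class Picture < ActiveRecord::Base
  # acts_as_ferret :fields => [:firstname, :lastname, :fruitname]

  belongs_to :user

  # The owner is assigned explicitly by the application, never through
  # mass-assignment of request parameters.
  attr_protected :user_id

  # \A anchors at the start of the whole string. The previous ^ matches at
  # the start of any line, so a multi-line value with "image" on a later
  # line would have passed.
  #
  # NOTE(review): content_type is whatever the client sent with the upload;
  # it is not derived from the bytes. The pattern also accepts every
  # "image..." type, including script-capable ones. An explicit allow-list
  # is safer if the data is served back inline.
  validates_format_of :content_type,
                      :with => /\Aimage/,
                      :message => "-- you can only upload pictures"

  # Virtual attribute fed by the upload form field: copies file name,
  # declared content type and the file's bytes onto the record.
  #
  # NOTE(review): the whole upload is read into memory with no size limit.
  def uploaded_picture=(picture_field)
    self.name = base_part_of(picture_field.original_filename)
    self.content_type = picture_field.content_type.chomp
    self.data = picture_field.read
  end

  # Reduces a client-supplied file name to its last path component and
  # removes every character other than word characters, '.', '_' and '-'.
  def base_part_of(file_name)
    File.basename(file_name).gsub(/[^\w._-]/, '')
  end
end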

## user.rb, other model

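require 'digest/sha1'

# An account that can log in and own pictures. Passwords are stored as a
# salted SHA-1 digest in hashed_password, with the salt in its own column.
#
# NOTE(review): a single SHA-1 pass is fast to compute, so a leaked table can
# be guessed offline at high speed. Moving to an adaptive password hash needs
# a migration path (re-hash on next successful login), which is why the
# digest itself is left unchanged here.
class User < ActiveRecord::Base
  has_many :pictures

  validates_presence_of :name
  validates_uniqueness_of :name

  attr_accessor :password_confirmation
  validates_confirmation_of :password

  # A record without a stored digest is invalid.
  def validate
    errors.add_to_base("Missing password") if hashed_password.blank?
  end

  # Returns the user for a matching name/password pair, otherwise nil.
  #
  # Missing or blank credentials return nil directly. Previously a request
  # without a password parameter reached the string concatenation in
  # encrypted_password and raised there. No account can have a blank
  # password, because password= does not hash blank values.
  def self.authenticate(name, password)
    return nil if name.blank? || password.blank?

    user = find_by_name(name)
    return nil unless user

    expected_password = encrypted_password(password, user.salt)
    user.hashed_password == expected_password ? user : nil
  end

  # Digest of password + fixed string + salt.
  #
  # Defined with `def self.`, so the `private` keyword further down never
  # applied to it; password= calls it as User.encrypted_password. It is
  # placed above `private` so the visibility reads as it really is.
  # Interpolation yields the same digest input as the former concatenation
  # and does not raise when the salt is nil.
  def self.encrypted_password(password, salt)
    string_to_hash = "#{password}wibble#{salt}" # 'wibble' makes it harder to guess
    Digest::SHA1.hexdigest(string_to_hash)
  end

  # 'password' is a virtual attribute

  def password
    @password
  end

  # Setting a non-blank password creates a fresh salt and stores the digest.
  # A blank value is remembered for validation but not hashed.
  def password=(pwd)
    @password = pwd
    return if pwd.blank?
    create_new_salt
    self.hashed_password = User.encrypted_password(self.password, self.salt)
  end

  private

  # NOTE(review): object_id and rand are not cryptographically strong. The
  # salt only needs to be unique per user, but a CSPRNG source is the safer
  # default if the runtime provides one.
  def create_new_salt
    self.salt = self.object_id.to_s + rand.to_s
  end
end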

## index.rhtml, where some of these elements should appear

  206. <div id="picture-index">
  207. <table width="200px" cellpadding="10px" align="right" cellspacing="0px"> <p></p>
  208. <% for picture in @pictures %>
  209. <tr>
  210. <td class="navbar" align="right" valign="bottom">
  211. <span class="showeditdestroy"><%= link_to 'Show', :action => 'show', :id => picture %><span class="slashmarks"> / </span><span class="showeditdestroy"><%= link_to 'Search the fruits', :action => 'search' %></span><span class="slashmarks"> / </span><span class="showeditdestroy"><% if session[:user_id] %><%= link_to 'Edit', :action => 'edit', :id => picture %> <% end %></td>
  212. </tr>
  213. <tr valign="top" class="<%= cycle('list-line-1', 'list-line-2', 'list-line-3', 'list-line-4', 'list-line-5', 'list-line-6', 'list-line-7', 'list-line-8', 'list-line-9', 'list-line-10') %>">
  214. <td>
  215. <span class="fruitname"> <%= h(picture.fruitname)%></span><br />
  216. <span class="name"><%= h(picture.firstname) %> <%= h(picture.lastname) %></span><br />
  217. <p align="center"><table width="100px" height="100px"><img class="<%= cycle('picture-1', 'picture-2', 'picture-3', 'picture-4', 'picture-5', 'picture-6', 'picture-7', 'picture-8', 'picture-9', 'picture-10', :name => "border") %>" src="<%= url_for(:action => 'picture', :id => picture.id) %>" ></p>
  218. <p class="comments"></table><%= h(picture.comment)%></p>
  219. </td>
  220. </tr>
  221. <tr>
  222. <td>
  223. <p></p>
  224. <p></p>
  225. <p></p>
  226. </td>
  227. </tr>
  228. <% end %>
  229. <tr>
  230. <td>
  231. <p></p>
  232. <p></p>
  233. <p></p>
  234. </td>
  235. </tr>
  236. <tr>
  237. <td>
  238. <p></p>
  239. <table align="right" cellpadding="2" class="bottomnav">
  240. <tr>
  241. <td>
  242. <table width="158" border="0" cellpadding="4">
  243. <tr>
  244. <th bgcolor="#CC00CC" scope="row"><table width="158" border="0" cellpadding="6">
  245. <tr>
  246. <th bgcolor="#FF0099" scope="row"><table width="158" border="0" cellpadding="8">
  247. <tr>
  248. <th bgcolor="#FF0033" scope="row"><table width="158" border="0" cellpadding="10">
  249. <tr>
  250. <th bgcolor="#FF00CC" scope="row">
  251. <%= if @picture_pages.current.previous
  252. link_to("Previous page", { :page => @picture_pages.current.previous })
  253. end
  254. %> <br />
  255. <%= link_to 'New Fancy Fruit', :action => 'new' %> <br />
  256.  
  257. <%= if @picture_pages.current.next
  258. link_to("Next page", { :page => @picture_pages.current.next })
  259. end
  260. %>
  261.  
  262. </tr>
  263. </table></th>
  264. </tr>
  265. </table></th>
  266. </tr>
  267. </table></th>
  268. </tr>
  269. </table>
  270. </tr>
  271. </td>
  272. </table>
  273. </div>

## application.rb

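# Filters added to this controller apply to all controllers in the application.
# Likewise, all the methods added will be available for all controllers.

class ApplicationController < ActionController::Base
  # Pick a unique cookie name to distinguish our session data from others'
  session :session_key => '_fruit_session_id'

  private

  # before_filter: lets the request continue only when session[:user_id]
  # refers to an existing user; otherwise redirects to the login form.
  #
  # The previous body was `logged_in? and @user and authed_user == @user`.
  # Neither helper is defined in the code shown, and @user is not set before
  # a filter runs, so the expression could only evaluate to nil or raise. It
  # never redirected, and a nil result does not stop the filter chain.
  #
  # This filter establishes "somebody is logged in" only. Whether that user
  # may act on a particular record has to be checked by the action itself.
  def need_auth
    return true if User.find_by_id(session[:user_id])

    flash[:notice] = "Please log in"
    redirect_to(:controller => "upload", :action => "login")
    # Explicit false so the chain halts even where a redirect alone does not
    # stop it.
    false
  end

  # Same check as need_auth, kept with its original redirect target.
  #
  # NOTE(review): this sends visitors to an "admin" controller, while the
  # only login action shown lives in the upload controller. Confirm the
  # target exists.
  def authorize
    unless User.find_by_id(session[:user_id])
      flash[:notice] = "Please log in"
      redirect_to(:controller => "admin", :action => "login")
    end
  end
end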

## application_helper.rb

# Methods added to this helper will be available to all templates in the application.
module ApplicationHelper
  # Evaluates the login state for a template.
  #
  # NOTE(review): written with `and`, the assignment binds first, so @user
  # receives the result of logged_in? (not a user object) and the rest of
  # the chain only affects the return value. The parentheses below make that
  # existing behaviour explicit without changing it. logged_in? and
  # authed_user are not defined in the code shown here. A view helper is
  # also not an access check: the controller actions must enforce who may
  # edit.
  def edit
    (@user = logged_in?) && @user && authed_user
  end
end