  1. ##upload_controller.rb (handles new, and picture)
  2.  
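  # Handles picture upload, display and deletion, plus the login form.
  #
  # Only the actions pasted in this excerpt are defined here. The redirects
  # below also reference 'list', 'show' and 'userpage', which are not shown.
  class UploadController < ApplicationController

    layout "standard"

    # :authorize is defined outside this excerpt (presumably in
    # ApplicationController). It only guards :edit and :destroy, so :create
    # and :save are reachable without a login.
    before_filter :authorize, :only => [:edit, :destroy]

    # Paginated gallery listing, ten pictures per page.
    def index
      @picture_pages, @pictures = paginate :pictures, :per_page => 10, :order => 'lastname, fruitname'
    end

    # Builds a picture from the submitted form and tags it with the current user.
    def create
      @picture = Picture.new(params[:picture])
      # Was `picture.user_id = ...`. A bare `picture` here is the #picture
      # action below, not the record that was just built.
      @picture.user_id = session[:user_id]
      # NOTE(review): the record is never saved here; the upload form posts to #save.
      redirect_to(:action => 'index')
    end

    # Renders the empty upload form.
    def new
      @picture = Picture.new
    end

    # Persists an uploaded picture. Re-renders the form when validation fails.
    def save
      @picture = Picture.new(params[:picture])
      # The owner always comes from the server-side session. Assigning it after
      # the mass assignment overrides any picture[user_id] sent by the client.
      @picture.user_id = session[:user_id]
      if @picture.save
        redirect_to(:action => 'show', :id => @picture.id)
      else
        render(:action => :new)
      end
    end

    # Streams the stored image bytes for the picture with the given id.
    def picture
      @picture = Picture.find(params[:id])
      # The former `session[:user_id] = picture.user_id` line is removed. Viewing
      # a picture must never change who the viewer is logged in as, and the bare
      # `picture` call re-entered this action recursively.
      #
      # The stored content type was declared by the uploader, so tell the
      # browser not to second-guess it when rendering inline.
      headers['X-Content-Type-Options'] = 'nosniff'
      send_data(@picture.data,
                :filename => @picture.name,
                :type => @picture.content_type,
                :disposition => "inline")
    end

    # GET shows the login form (and logs the visitor out); POST checks credentials.
    def login
      session[:user_id] = nil
      if request.post?
        user = User.authenticate(params[:name], params[:password])
        if user
          # Start a fresh session on login so an identifier that existed before
          # authentication is not carried over (session fixation).
          reset_session
          session[:user_id] = user.id
          redirect_to(:controller => "upload", :action => "userpage")
        else
          redirect_to(:controller => "upload", :action => "list")
        end
      end
    end

    # Deletes a picture, but only when it belongs to the logged-in user.
    def destroy
      record = Picture.find(params[:id])
      current_user_id = session[:user_id]
      # Being logged in is not enough: without this check any authenticated
      # user could delete any picture by changing the id in the request.
      # NOTE(review): if :authorize also admits administrators who may delete
      # any picture, extend this condition accordingly.
      record.destroy if current_user_id && record.user_id == current_user_id
      redirect_to :action => 'list'
    end
  end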
  57.  
  58.  
  59.  
  60.  
  61.  
  62.  
  ## user.rb
  require 'digest/sha1'
  64.  
  65.  
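  # Account record holding a name plus a salted, hashed password.
  #
  # NOTE(review): a single salted SHA-1 round is cheap to brute-force offline
  # if the table leaks. A deliberately slow password hash (bcrypt, scrypt,
  # PBKDF2) is the usual choice. Switching would invalidate the stored hashes,
  # so it needs a migration path and is not changed here.
  class User < ActiveRecord::Base

    has_many :pictures

    validates_presence_of :name
    validates_uniqueness_of :name

    attr_accessor :password_confirmation
    validates_confirmation_of :password

    # Rejects records that never had a password assigned.
    def validate
      errors.add_to_base("Missing password") if hashed_password.blank?
    end

    # Returns the user with this name when the password matches, else nil.
    def self.authenticate(name, password)
      # A missing password param used to raise inside encrypted_password (nil + String).
      return nil if password.blank?
      user = self.find_by_name(name)
      return nil unless user
      expected_password = encrypted_password(password, user.salt)
      digests_match?(user.hashed_password, expected_password) ? user : nil
    end

    # Hex SHA-1 of password + fixed constant + per-user salt.
    #
    # This has to stay public: #password= calls it with an explicit receiver,
    # and a bare `private` keyword does not apply to `def self.` methods anyway.
    # 'wibble' is a constant kept in source, so it adds little once the code is known.
    def self.encrypted_password(password, salt)
      Digest::SHA1.hexdigest("#{password}wibble#{salt}")
    end

    # Compares two digests without stopping at the first differing byte.
    def self.digests_match?(stored, computed)
      left = stored.to_s.unpack('C*')
      right = computed.to_s.unpack('C*')
      return false unless left.length == right.length
      difference = 0
      left.each_with_index { |byte, index| difference |= byte ^ right[index] }
      difference == 0
    end
    private_class_method :digests_match?

    # 'password' is a virtual attribute: only the salted hash is persisted.
    def password
      @password
    end

    def password=(pwd)
      @password = pwd
      return if pwd.blank?
      create_new_salt
      self.hashed_password = User.encrypted_password(self.password, self.salt)
    end

    private

    # The salt must be unique per user; it does not need to be secret.
    # NOTE(review): prefer a CSPRNG-backed source where the runtime offers one.
    def create_new_salt
      self.salt = self.object_id.to_s + rand.to_s
    end

    # A private #user_id that assigned session[:user_id] from `picture` used to
    # live here. It is removed: a model has neither `session` nor `picture` in
    # scope, so it could only raise. Session state belongs in the controller.

  end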
  129.  
  130.  
  131.  
  132.  
  133.  
  134.  
  135. ## picture.rb
  136.  
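  # Uploaded image stored in the database: sanitised file name, declared
  # content type and the raw bytes.
  class Picture < ActiveRecord::Base

    # acts_as_ferret :fields => [:firstname, :lastname, :fruitname]

    belongs_to :user

    # \A and \z anchor the whole string. The previous /^image/ only anchored
    # the start of a line and accepted anything after the word "image".
    # NOTE(review): the type is declared by the client, not derived from the
    # bytes, and some image subtypes (SVG, for one) can carry script. Confirm
    # which subtypes should be accepted, given that pictures are served inline.
    validates_format_of :content_type,
                        :with => /\Aimage\/[\w.+-]+\z/,
                        :message => "-- you can only upload pictures"

    # Copies name, content type and data from an uploaded file field.
    def uploaded_picture=(picture_field)
      # With no file selected the field is not an upload object. Leave the
      # attributes unset so validation reports it instead of raising here.
      return unless picture_field.respond_to?(:original_filename)
      self.name = base_part_of(picture_field.original_filename)
      self.content_type = picture_field.content_type.chomp
      self.data = picture_field.read
    end

    # Strips any directory part, then drops every character other than
    # word characters, '.', '_' and '-'.
    def base_part_of(file_name)
      File.basename(file_name).gsub(/[^\w._-]/, '')
    end
  end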
  155.  
  156.  
  157.  
  158.  
  159.  
  160. ## new.rhtml
  161.  
  162.  
  163.  
  164.  
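  <%# New-picture upload form. Submits multipart form data to the 'save' action. %>
  <%# The form now wraps the whole table; it used to open in one cell and close in another. %>
  <% form_for(:picture,
              :url => {:action => 'save'},
              :html => { :multipart => true }) do |form| %>
  <table width="90%" cellpadding="5px" align="right" cellspacing="0px">
    <tr>
      <td class="navbar" align="right" valign="bottom" width="100px">
        <span class="showeditdestroy"><%= link_to 'Back to gallery', :action => 'list' %><span class="slashmarks"> / </span><span class="showeditdestroy"><%= link_to 'Search the fruits', :action => 'search' %></span>
        </span>
      </td>
    </tr>
    <tr class="list-line-11" valign="top">
      <td>
        <%= error_messages_for("picture") %>

        <p class="name">First Name: <%= form.text_field("firstname") %><br/></p>
        <p class="name">Last Name: <%= form.text_field("lastname") %><br/></p>
        <p class="fruitname">Fruit Name: <%= form.text_field("fruitname") %><br/></p>
        <%# The label points at the comment box below; it used to target picture_fruitname. %>
        <p class="name"><label for="picture_comment">Is there anything special you would like to say about your fruit?</label></p>
        <%= text_area 'picture', 'comment' %><br/>
        <%# The server checks only the content type the browser declares for this file. %>
        <p class="name">Upload your Fruit: <%= form.file_field("uploaded_picture") %><br/></p>
        <br />
        <p class="name">What day was your fruit first harvested?<br />
        <%# NOTE(review): the tag below lacks the '=' output marker, so no date select is rendered. %>
        <%# Confirm that "update_at" names a real Picture attribute before enabling it. %>
        <% date_select "picture", "update_at" %></p>
      </td>
    </tr>
    <tr>
      <td class="list-line-11" align="center">
        <%= submit_tag("Cheddar Bunnies") %>
      </td>
    </tr>
  </table>
  <% end %>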