Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ##upload_controller.rb (handles new, and picture)
- class UploadController < ApplicationController
- layout "standard"
- before_filter :authorize, :only => [:edit, :destroy]
- !! def index
- !! @picture_pages, @pictures = paginate :pictures, :per_page => 10, :order => 'lastname, fruitname'
- !! end
- def create
- @picture = Picture.new(params[:picture])
- picture.user_id = session[:user_id]
- redirect_to(:action => 'index')
- end
- !! def new
- !! @picture = Picture.new
- !! end
- !! def save
- !! @picture = Picture.new(params[:picture])
- !! if @picture.save
- !! redirect_to(:action => 'show', :id => @picture.id)
- !! else
- !! render(:action => :new)
- !! end
- !! end
- !! def picture
- !! @picture = Picture.find(params[:id])
- !! session[:user_id] = picture.user_id
- !! send_data(@picture.data,
- !! :filename => @picture.name,
- !! :type => @picture.content_type,
- !! :disposition => "inline")
- !! end
- def login
- !! session[:user_id] = nil
- if request.post?
- user = User.authenticate(params[:name], params[:password])
- if user
- !! session[:user_id] = user.id
- redirect_to(:controller => "upload", :action => "userpage")
- else
- redirect_to(:controller => "upload", :action => "list")
- end
- end
- end
- def destroy
- Picture.find(params[:id]).destroy
- redirect_to :action => 'list'
- end
- ## user.rb require 'digest/sha1'
- class User < ActiveRecord::Base
- has_many :pictures
- validates_presence_of :name
- validates_uniqueness_of :name
- attr_accessor :password_confirmation
- validates_confirmation_of :password
- def validate
- errors.add_to_base("Missing password") if hashed_password.blank?
- end
- def self.authenticate(name, password)
- user = self.find_by_name(name)
- if user
- expected_password = encrypted_password(password, user.salt)
- if user.hashed_password != expected_password
- user = nil
- end
- end
- user
- end
- # 'password' is a virtual attribute
- def password
- @password
- end
- def password=(pwd)
- @password = pwd
- return if pwd.blank?
- create_new_salt
- self.hashed_password = User.encrypted_password(self.password, self.salt)
- end
- private
- def self.encrypted_password(password, salt)
- string_to_hash = password + "wibble" + salt # 'wibble' makes it harder to guess
- Digest::SHA1.hexdigest(string_to_hash)
- end
- def create_new_salt
- self.salt = self.object_id.to_s + rand.to_s
- end
- def user_id
- session[:user_id] = picture.user_id
- end
- end
- ## picture.rb
- class Picture < ActiveRecord::Base
- # acts_as_ferret :fields => [:firstname, :lastname, :fruitname]
- belongs_to :user
- validates_format_of :content_type,
- :with => /^image/,
- :message => "-- you can only upload pictures"
- def uploaded_picture=(picture_field)
- self.name = base_part_of(picture_field.original_filename)
- self.content_type = picture_field.content_type.chomp
- self.data = picture_field.read
- end
- def base_part_of(file_name)
- File.basename(file_name).gsub(/[^\w._-]/, '')
- end
- end
- ## new.rhtml
- <table width="90%" cellpadding="5px" align="right" cellspacing="0px">
- <tr>
- <td class="navbar" align="right" valign="bottom" width="100px">
- <span class="showeditdestroy"><%= link_to 'Back to gallery', :action => 'list' %><span class="slashmarks"> / </span><span class="showeditdestroy"><%= link_to 'Search the fruits', :action => 'search' %></span>
- </span>
- </td>
- </tr>
- <tr class="list-line-11" valign="top">
- <td>
- <%= error_messages_for("picture") %>
- <% form_for(:picture,
- :url => {:action => 'save'},
- :html => { :multipart => true }) do |form| %>
- <p class="name">First Name: <%= form.text_field("firstname") %><br/><p>
- <p class="name">Last Name: <%= form.text_field("lastname") %><br/><p>
- <p class="fruitname">Fruit Name: <%= form.text_field("fruitname") %><br/><p>
- <p class="name"><label for="picture_fruitname">Is there anything special you would like to say about your fruit?</label></p>
- <%= text_area 'picture', 'comment' %><br/>
- <p class="name">Upload your Fruit: <%= form.file_field("uploaded_picture") %><br/></p>
- <br />
- <p class="name">What day was your fruit first harvested?<br />
- <% date_select "picture", "update_at" %></p>
- </td>
- </tr>
- <tr>
- <td class="list-line-11" align="center">
- <%= submit_tag("Cheddar Bunnies") %> </span>
- <% end %>
- </td>
- </tr>
- </table>
Add Comment
Please, Sign In to add comment