ruby - Rails 4 - flash-alert with plain text and ERB -

i'm unsure if way i'm treating issue, or erb.

right when user registers, sent activation email. if haven't activated, , try log in, they're prompted "sorry, you're not authorized." want modify offers them resent email, well.

sessionscontroller

class sessionscontroller < applicationcontroller   def new   end    def create     user = user.find_by(email: params[:session][:email].downcase)     if user && user.authenticate(params[:session][:password])       if user.activated?         log_in user         params[:session][:remember_me] == '1' ? remember(user) : forget(user)         redirect_back_or user       else         message  = "account not activated. "         message += "check email activation link, or click" + <%= link_to "here", :controller => :user, :action => :resend_email  %>+ "to have resent!"         flash[:warning] = message         redirect_to root_url       end     else       flash.now[:danger] = 'invalid email/password combination'       render 'new'     end   end    def destroy     log_out if logged_in?     redirect_to root_url   end  end

within users controller made 'resend_email' function. majority of create one, bit redundant.

userscontroller

class userscontroller < applicationcontroller     before_action :logged_in_user, only: [:index, :edit, :update, :destroy]     before_action :correct_user,   only: [:edit, :update]     before_action :admin_user,     only: :destroy    def index     @users = user.where(activated: true).paginate(page: params[:page])   end    def show     @user = user.find(params[:id])     redirect_to root_url , return unless @user.activated?   end    def new     @user = user.new   end    def create     @user = user.new(user_params)     if @user.save       @user.send_activation_email       flash[:info] = "please check email activate account."       redirect_to root_url     else       render 'new'     end   end    def resend_email      @user.send_activation_email      flash[:info] = "please check email activate account."      redirect_to root_url   else    def edit     @user = user.find(params[:id])   end    def update     @user = user.find(params[:id])     if @user.update_attributes(user_params)       flash[:success] = "profile updated"       redirect_to @user     else       render 'edit'     end   end    def destroy     user.find(params[:id]).destroy     flash[:success] = "user deleted"     redirect_to users_url   end    private      def user_params       params.require(:user).permit(:name, :email, :password,                                    :password_confirmation)     end      # before filters      # confirms logged-in user.     def logged_in_user       unless logged_in?         store_location         flash[:danger] = "please log in."         redirect_to login_url       end     end      # confirms correct user.     def correct_user       @user = user.find(params[:id])       redirect_to(root_url) unless current_user?(@user)     end      def admin_user       redirect_to(root_url) unless current_user.admin?     end  end

i've tried modifying 'message' several different versions , each time response similar

/home/ubuntu/workspace/sample_app/app/controllers/sessions_controller.rb:16: syntax error, unexpected '<' <%= link_to "here", :controlle... ^ /home/ubuntu/workspace/sample_app/app/controllers/sessions_controller.rb:16: syntax error, unexpected ',', expecting keyword_end ...o "here", :controller => :user, :action => :resend_email %> ... ^ /home/ubuntu/workspace/sample_app/app/controllers/sessions_controller.rb:16: syntax error, unexpected '>' ...r, :action => :resend_email %> ... ^

i got syntax previous experience, , people similar needs mine.

so i'm wondering what's best way this, without gem (i did find devise functionality, i'm trying learn how on own)

i read erb , plain text don't work well. however, error message <%= link_to "here", :controller => :user, :action => :resend_email %> well.

i'm unsure if other controllers needed.

edit info

leaving original copy other people issue. after reading max provided in answer below, have modified few things.

changes sessionscontroller

link = view_context.instance_exec   erb.new("<%= link_to 'here', :controller => :users, :action => :resend_activation %>").result(binding) end message  = "account not activated. " message += "check email activation."  message += link  # demo purposes, needed output

user controller

def resend_activation @user = user.find(params[:email]) @user.send_activation_email flash[:info] = "please check email activate account." redirect_to root_url end

partial view warnings

  <% flash.each |message_type, message| %>     <%= content_tag(:div, sanitize(message), class: "alert alert-#{message_type}") %>   <% end %>

up point seeing link expected, , issue when click it.

couldn't find user 'id'= - i've tried different uses of user , told re-search based on email params.

so tried updating routes

routes

rails.application.routes.draw    root 'static_pages#home'   '/home', to: 'static_pages#home'   '/help', to: 'static_pages#help'   '/about', to: 'static_pages#about'   '/contact', to: 'static_pages#contact'   '/signup', to: 'users#new'   post '/signup', to: 'users#create'      '/login',   to: 'sessions#new'   post   '/login',   to: 'sessions#create'   delete '/logout',  to: 'sessions#destroy'   resources :users   resources :account_activations, only: [:edit]   post '/resend_activation:email'  =>  'account_activations#resend_activation',                                         :constraints => { :email => /[^\/]+/ }   # details on dsl available within file, see http://guides.rubyonrails.org/routing.html end

which made progress (i think), , prompts me "no resource found". i'm doing research on when use vs post, , thought went right method. why trying reference path if right after sends email, it's supposed go root_url?

thanks again.

update # 2:

i able errors stop adding in route switches, , modifying sessions_controller

  def create     user = user.find_by(email: params[:session][:email].downcase)     if user && user.authenticate(params[:session][:password])       if user.activated?         log_in user         params[:session][:remember_me] == '1' ? remember(user) : forget(user)         redirect_back_or user       else         message  = "account not activated. "         message += "check email activation."          message += " #{view_context.link_to "resend activation e-mail", { action: "resend_activation",         controller: "account_activations", email: user.email }, method: :post}"         flash[:warning] = message         redirect_to root_url       end     else       flash.now[:danger] = 'invalid email/password combination'       render 'new'     end   end

but no emails going out, routes login.

heroku logs --tail

tells me

heroku logs

2016-08-24t09:44:48.990703+00:00 app[web.1]: i, [2016-08-24t09:44:48.990609 #5]  info -- : [8cfcee3c-133c-489e-8877-523578821d67] started "/resend_activation/test@example.com" 100.15.65.126 @ 2016-08-24 09:44:48 +0000 2016-08-24t09:44:48.992317+00:00 app[web.1]: i, [2016-08-24t09:44:48.992217 #5]  info -- : [8cfcee3c-133c-489e-8877-523578821d67] processing staticpagescontroller#home  2016-08-24t09:44:48.992394+00:00 app[web.1]: i, [2016-08-24t09:44:48.992349 #5]  info -- : [8cfcee3c-133c-489e-8877-523578821d67]   parameters: {"email"=>"test@example.com"} 2016-08-24t09:44:48.997712+00:00 app[web.1]: i, [2016-08-24t09:44:48.997648 #5]  info -- : [8cfcee3c-133c-489e-8877-523578821d67]   rendering static_pages/home.html.erb within layouts/application 2016-08-24t09:44:48.999032+00:00 app[web.1]: i, [2016-08-24t09:44:48.998965 #5]  info -- : [8cfcee3c-133c-489e-8877-523578821d67]   rendered static_pages/home.html.erb within layouts/application (1.1ms) 2016-08-24t09:44:49.010260+00:00 app[web.1]: i, [2016-08-24t09:44:49.010186 #5]  info -- : [8cfcee3c-133c-489e-8877-523578821d67]   rendered layouts/_shim.html.erb (0.4ms) 2016-08-24t09:44:49.010516+00:00 app[web.1]: i, [2016-08-24t09:44:49.010461 #5]  info -- : [8cfcee3c-133c-489e-8877-523578821d67]   rendered layouts/_shim.html.erb (0.0ms) 2016-08-24t09:44:49.010642+00:00 app[web.1]: i, [2016-08-24t09:44:49.010591 #5]  info -- : [8cfcee3c-133c-489e-8877-523578821d67]   rendered layouts/_headelement.html.erb (7.6ms) 2016-08-24t09:44:49.020206+00:00 app[web.1]: d, [2016-08-24t09:44:49.020136 #5] debug -- : [8cfcee3c-133c-489e-8877-523578821d67]   user load (1.8ms)  select  "users".* "users" "users"."id" = $1 limit $2  [["id", 103], ["limit", 1]] 2016-08-24t09:44:49.020630+00:00 app[web.1]: i, [2016-08-24t09:44:49.020565 #5]  info -- : [8cfcee3c-133c-489e-8877-523578821d67]   rendered layouts/_header.html.erb (3.8ms) 2016-08-24t09:44:49.025024+00:00 app[web.1]: i, [2016-08-24t09:44:49.024957 #5]  info -- : [8cfcee3c-133c-489e-8877-523578821d67]   rendered layouts/_footer.html.erb (0.7ms) 2016-08-24t09:44:49.025337+00:00 app[web.1]: i, [2016-08-24t09:44:49.025273 #5]  info -- : [8cfcee3c-133c-489e-8877-523578821d67] completed 200 ok in 33ms (views: 26.1ms | activerecord: 1.8ms)

it finds member, , renders it, no longer mailing. think it's because of route had establish make 'work'?

with following code:

    message +=        "..."" +       <%= link_to "here", :controller => :user, :action => :resend_email  %> +        "..."

you're trying use erb tags in regular ruby - won't work. can use erb in templates.

normally i'd advise using ruby's standard #{} string interpolation won't solve problem here.

link_to available views default, although can access via view_context object:

link = "#{view_context.link_to 'here', :controller => :user, :action => :resend_email}"

by way, possible use erb in controllers if compile yourself:

link = erb.new("<%= view_context.link_to(...) %>").result(binding)

you can change variables/methods available erb invoking in different context, i.e.:

link = view_context.instance_exec   erb.new("<%= link_to(...) %>").result(binding) end

this works standard #{} string interpolation too:

link = view_context.instance_exec   "#{link_to(...)}" end

it's worth mentioning if make custom html string in controller (like doing here flash), when display text on view need add custom methods make html display real html:

# in controller flash[:test] = "<span>some html</span>"  # in view <%= raw flash[:test].html_safe %>

this way text some html displayed, , not entire string <span>some html</span>

there's reason raw , html_safe necessary, , that's because printing html has security risks , rails designed make more difficult.

say user sets username "<script>alert("hacked")</script>" , string somehow makes on page true html. have exposed users xss (cross site scripting), don't want do. make sure when use raw <string>.html_safe not displaying user-generated.

Search This Blog

celery

ruby - Rails 4 - flash-alert with plain text and ERB -

Comments

Post a Comment

Popular posts from this blog

mysql - Dreamhost PyCharm Django Python 3 Launching a Site -

java - Sending SMS with SMSLib and Web Services -

java - How to resolve The method toString() in the type Object is not applicable for the arguments (InputStream) -