使用RoR将参数从表单传递到控制器
[英]Passing parameters from form to controller using RoR
问题描述
I am new to RoR development and am a little confused about how parameters are passed from a HTML view to the controller. 
我是RoR开发的新手,并对如何将参数从HTML视图传递到控制器感到困惑。 I have seen a few examples online which use a private method like this: 我在网上看到了一些使用私有方法的示例,例如:
private
def message_params
params.require(:message).permit(:content)
end
I have been looking for some clarification online as to what this method does and how it works, but I only encounter posts/articles which use the method rather than explain what it does. 我一直在网上寻找有关此方法的作用及其工作方式的说明,但是我只遇到使用该方法的帖子/文章,而没有解释它的作用。
I was hoping someone could explain how the method takes(/filters?) values passed via the form via a POST request, what the require and permit keywords mean and how would i change this method to fit my own use. 我希望有人能解释该方法如何通过POST请求获取通过表单传递的(/ filters?)值,require和allow关键字的含义以及如何更改此方法以适合自己的用法。
For example if i needed to get data about a new book would i do this: 例如,如果我需要获取有关新书的数据,我会这样做:
private
def book_params
params.require(:book_name).require(:ISBN).require(:Author).permit(:Illustrator)
end
Would the above be valid given that my book object has those fields? 鉴于我的书对象具有这些字段,以上内容是否有效?
Any clarification would be appreciated. 任何澄清将不胜感激。
Thank you. 谢谢。
2 个解决方案
解决方案1
0 2017-08-19 16:58:47
This kind of function is used to whitelist params - ie say you have a message model, and through the controller actions you should only be able to change the content. 这种功能用于将参数列入白名单-即说您有一个消息模型,并且通过控制器操作,您只能更改内容。 Maybe there is also an author field - but even if someone were to pass that through the form, you would not want to update it. 也许还有一个author字段-但是即使有人将其通过表单传递,您也不想更新它。
params.require(:message)
Will return to you params[:message]. 将返回给您params [:message]。 permit means you are allowing only the content field through. 允许表示您只允许内容字段通过。
See: http://edgeguides.rubyonrails.org/action_controller_overview.html#strong-parameters 请参阅: http : //edgeguides.rubyonrails.org/action_controller_overview.html#strong-parameters
I would need to see your model setup, but I would assume given a book model you'd want something more akin to: 我需要查看您的模型设置,但是假设给定了书本模型,您将需要更类似于以下内容的东西:
params.require(:book).permit(:illustrator, :author, :isbn)
解决方案2
0 已采纳 2017-08-19 16:59:23
here is some info (I'm using your sample model Book and BookController), that probably can help you more understand 这是一些信息(我正在使用示例模型Book和BookController),可能可以帮助您更多地了解
when you submit form, rails automatically called create method, inside create method you will see Book.new(book_params), book_params will call private method and will check which field allowed, if there is another field that submitted but not listed inside your permit block then it will be not passed along to save command 提交表单时,rails自动调用create方法,在create方法内部,您将看到Book.new(book_params),book_params将调用private方法并检查允许的字段,如果还有其他字段已提交但未在您的允许框内列出那么它将不会传递到保存命令
class BooksController < ApplicationController
def create
@book = Book.new(book_params)
if @book.save
flash[:success] = 'Data save successfully'
redirect_to books_path
else
render :new
end
end
private
def book_params
params.require(:book).permit(
:book_name,
:isbn,
:author,
:illustrator)
end
end
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.