I have a form that allows the user to search for a manufacturer. It
works fine.
Now I am making the site in two languages French and English. I have the
basics of I18ln working as suggested in Agile Web Development book.
However for this particular case there is a problem. If the user chooses
to switch languages after the results come back the information is no
longer being sent as a request.post. In the controller I test for this
to make sure the information is coming from the form for security
reason.
#takes the information entered on the search products box and returns
a list of possible matches.
def search
if request.post?
@manufacturer_matches =
Manufacturer.find_all(params[:manufacturer])
unless @manufacturer_matches[0]
flash[:search] = t('manufacturers.search.flash', :manufacturer
=> params[:manufacturer] )
end
end
end
(find all is a method in the Manufacturers model.)
If i remove the request.post? potential hackers can get in and the
parameters from the search box are not passed so the search returns
nothing.
Any ideas on the best practices to be
--
Posted via http://www.ruby-forum.com/.
_______________________________________________
Railsi18n-discussion mailing list
Railsi18n-discussion@rubyforge.org
http://rubyforge.org/mailman/listinfo/railsi18n-discussion
