Hey Tom,

Instead of encrypting/decrypting some data, one typical approach to do
this type of thing is to employ (cryptographic) hashing to verify that
some requested action is valid, as well as to try and discourage
malicious request attempts.

You could try something like:

### in routes:
...
map.connect '/unsubscribe/:user_id/:dt/:hd', :controller=>'test', :action=>'unsubscribe'
map.connect '/unsubscribe/:user_id', :controller=>'test', :action=>'unsubscribe'
...

### in controller:
require 'digest/sha2'
...

UNSUBSCRIBE_SECRET = "somelongrandomstring"
UNSUBSCRIBE_URL_PRE = "http://testapp.foo.com/unsubscribe"
...

def unsubscribe
  user_id = params[:user_id].to_i
  dt = params[:dt].to_i
  hd = params[:hd]

  # user doesn't exist in db?
  if user_id < 1 or User.count(:conditions=>["id=?", user_id]) < 1
    # log it and redirect to ....
    return  # stop here so an unknown user never reaches the unsubscribe step
  end

  # email unsubscribe link to user?
  if dt < 1 or hd.blank?
    dt = Time.now.to_i
    hd = unsubscribe_hd(user_id, dt)
    unsubscribe_url = "#{UNSUBSCRIBE_URL_PRE}/#{user_id}/#{dt}/#{hd}"
    # email url to user and redirect to ....
    return  # stop here; the user completes the action via the emailed link
  end

  # invalid hd?
  expected_hd = unsubscribe_hd(user_id, dt)
  if hd != expected_hd
    # log it and redirect to ....
    return  # stop here so a bad hd never reaches the unsubscribe step
  end

  # unsubscribe the user and redirect to ...
end
...

protected

def unsubscribe_hd(user_id, dt)
  secret_hd = Digest::SHA256.hexdigest(UNSUBSCRIBE_SECRET)
  return Digest::SHA256.hexdigest("#{user_id}#{dt}#{secret_hd}")
end
...

Jeff

On Sep 28, 12:12 pm, TomRossi7 <[email protected]> wrote:
> I want to provide a link for users to unsubscribe to our newsletter.
> I don't want the actual email address to show up in the url.  So I
> would like it something like /unsubscribe/wx313asdf31.  What is the
> simplest method of encrypting the email to a URL compliant string?
>
> Thanks,
> Tom
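
An added example, not part of Jeff's post: a variant of the unsubscribe_hd check that uses HMAC-SHA256 with a delimiter between the fields, a link lifetime, and a constant-time comparison, next to the post's construction for comparison. The key value, TOKEN_TTL and the helper names unsubscribe_tag, secure_compare, valid_unsubscribe? and legacy_hd are assumptions made for illustration.

```ruby
require 'openssl'
require 'digest/sha2'

# Constructed placeholder; a real app would load the key from configuration.
UNSUBSCRIBE_KEY = 'constructed-example-key'
TOKEN_TTL = 7 * 24 * 3600 # assumed link lifetime in seconds

# Construction from the post, kept for comparison: the fields are concatenated
# with no separator, so different (user_id, dt) pairs can hash the same string.
def legacy_hd(user_id, dt)
  secret_hd = Digest::SHA256.hexdigest(UNSUBSCRIBE_KEY)
  Digest::SHA256.hexdigest("#{user_id}#{dt}#{secret_hd}")
end

# HMAC-SHA256 over "user_id:dt"; the ':' makes the field boundary unambiguous.
def unsubscribe_tag(user_id, dt, key = UNSUBSCRIBE_KEY)
  digest = OpenSSL::Digest.new('SHA256')
  OpenSSL::HMAC.hexdigest(digest, key, "#{user_id.to_i}:#{dt.to_i}")
end

# Compare two strings without stopping at the first differing byte.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# True only for an unexpired link whose tag matches user_id and dt.
def valid_unsubscribe?(user_id, dt, hd, now = Time.now.to_i)
  user_id = user_id.to_i
  dt = dt.to_i
  return false if user_id < 1 || dt < 1 || hd.to_s.empty?
  return false if dt > now || now - dt > TOKEN_TTL
  secure_compare(unsubscribe_tag(user_id, dt), hd.to_s)
end

if __FILE__ == $PROGRAM_NAME
  now = 1_700_000_000 # constructed timestamp
  hd = unsubscribe_tag(42, now)
  puts valid_unsubscribe?('42', now.to_s, hd, now + 60)              # true
  puts valid_unsubscribe?('43', now.to_s, hd, now + 60)              # false
  puts valid_unsubscribe?('42', now.to_s, hd, now + TOKEN_TTL + 1)   # false
  puts legacy_hd(1, 1_700_000_000) == legacy_hd(11, 700_000_000)     # true
end
```

In the controller, valid_unsubscribe? would take the place of the `hd != expected_hd` comparison, with unsubscribe_tag used when building the emailed URL.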