Ahoy,
I made this pager,
" def list
@item_pages = Paginator.new self, Item.count, 10,
@params[''page'']
@items = Item.find :all, :conditions => "category_id =
#{params[:condition]}",
:limit => @item_pages.items_per_page,
:offset => @item_pages.current.offset
@categories = Category.find_all
end"
And have this code to switch categories
"<table>
<tr>
<td><%= link_to ''all'', :action =>
''list'' %></td>
<% @categories.each do |category| %>
<td><%= link_to category.name, :action =>
''list'', :condition =>
category.id %></td>
<% end %>
<td><%= link_to ''New category'', :controller =>
''categories'', :action
=> ''new'' %></td>
</tr>
</table>"
It works when any of the looped categories are selected because they
pass their ID to the condition of the pager, now, how do I let the
"ALL"
link work? Do I need multiple pagers?
Sorry, still on 2nd day rails.
--
Posted via http://www.ruby-forum.com/.
check this out http://www.ruby-forum.com/topic/50290#17201 Would like to know what ppl think of this. Is it good rails practice? -- Posted via http://www.ruby-forum.com/.
Jeff Gordon wrote:> check this out http://www.ruby-forum.com/topic/50290#17201 > > Would like to know what ppl think of this. Is it good rails practice?Thanks for pointing that out, learned a few more things. could someone w/ experience chime in here? -- Posted via http://www.ruby-forum.com/.
Will Jessup wrote:> Ahoy, > > I made this pager, > > " def list > @item_pages = Paginator.new self, Item.count, 10, @params[''page''] > @items = Item.find :all, :conditions => "category_id = > #{params[:condition]}", > :limit => @item_pages.items_per_page, > :offset => @item_pages.current.offset > @categories = Category.find_all > end" > > And have this code to switch categories > > "<table> > <tr> > <td><%= link_to ''all'', :action => ''list'' %></td> > <% @categories.each do |category| %> > <td><%= link_to category.name, :action => ''list'', :condition => > category.id %></td> > <% end %> > <td><%= link_to ''New category'', :controller => ''categories'', :action > => ''new'' %></td> > </tr> > </table>" > > It works when any of the looped categories are selected because they > pass their ID to the condition of the pager, now, how do I let the "ALL" > link work? Do I need multiple pagers? > > Sorry, still on 2nd day rails.Can I ask why you''re not using the standard paginate method? @item_pages, @items = paginate :items, :conditions => "category_id = #{params[:condition]}" Would do pretty much the same as what you''re describing here, wouldn''t it? You can optionally choose not to send the :conditions parameter if you want to show all the records. O. -- Posted via http://www.ruby-forum.com/.
because i didn''t see the :conditions in the documentation for that method at the time. (>_<). How do I optionally choose not to send the parameter? -- Posted via http://www.ruby-forum.com/.
Not a seasoned expert or anything here, but wouldn''t this be vulnerable to a SQL injecton attack?>From what I''ve come to understand, it''s better to say this as@item_pages, @items = paginate :items, :conditions => ["category_id = ?", params[:category_id]] And incidentally, the paginate should take pretty much any parameters you''d want to use with a find, including :order, which is for sorting the results. http://api.rubyonrails.com/classes/ActiveRecord/Base.html#M000860 Jeff Coleman wrote:> > Can I ask why you''re not using the standard paginate method? > > @item_pages, @items = paginate :items, :conditions => "category_id = > #{params[:condition]}" > > Would do pretty much the same as what you''re describing here, wouldn''t > it? > > You can optionally choose not to send the :conditions parameter if you > want to show all the records.-- Posted via http://www.ruby-forum.com/.
Yea, one thing at a time. Still looking how to optionally not send that parameter. -- Posted via http://www.ruby-forum.com/.
Will Jessup wrote:> Yea, one thing at a time. Still looking how to optionally not send that > parameter.One simple way: if params[:category] && params[:category] == "all" @item_pages, @items = paginate: items else @item_pages, @items = paginate :items, :conditions => "category_id #{params[:category]}" end You''d need to amend your view so that one of the table headings includes the category parameter "all": <td><%= link_to ''all'', :action => ''list'', :category => ''all'' %></td> I''d recommend using the parameter name "category" instead of "condition", since it''s more descriptive--you''re sending the name of a category, so params[:category] would describe that perfectly. Jeff Coleman -- Posted via http://www.ruby-forum.com/.
Jeff Coleman wrote:> Will Jessup wrote: >> Yea, one thing at a time. Still looking how to optionally not send that >> parameter. > > One simple way: > > if params[:category] && params[:category] == "all" > @item_pages, @items = paginate: items > else > @item_pages, @items = paginate :items, :conditions => "category_id > #{params[:category]}" > end > > You''d need to amend your view so that one of the table headings includes > the category parameter "all": > > <td><%= link_to ''all'', :action => ''list'', :category => ''all'' %></td> > > I''d recommend using the parameter name "category" instead of > "condition", since it''s more descriptive--you''re sending the name of a > category, so params[:category] would describe that perfectly. > > Jeff ColemanAnd yes, the previous poster was exactly right about SQL injection--definitely use the form of the statement he recommended. @item_pages, @items = paginate :items, :conditions => ["category_id ?", params[:category_id]] Jeff -- Posted via http://www.ruby-forum.com/.
Jeff, Thanks a bunch. I knew about the SQL injection (read it in the API later that night after I posted) I wasn''t sure that its OK to put that logic in the controller, so that is fine? THanks! -- Posted via http://www.ruby-forum.com/.
Will Jessup wrote:> Jeff, > > Thanks a bunch. I knew about the SQL injection (read it in the API later > that night after I posted) > > I wasn''t sure that its OK to put that logic in the controller, so that > is fine? > > THanks!That kind of logic is exactly right for the controller. Hope it works out! Jeff Coleman -- Posted via http://www.ruby-forum.com/.
Jeff, What about this.
I now have my paginator attached to a sorter.
def list
@sorter = SortingHelper::Sorter.new self, %w(id name created_on
category_id), @params[''sort''],
@params[''order''], ''id'',
''ASC''
@pages = Paginator.new self, Item.count, 10,
@params[''page'']
if (params[:category])
@items = Item.find(:all, :conditions => [ "items.category_id
= ?", params[:category]]), @sorter.to_sql, @pages.current.to_sql
else
@items = Item.find_all nil, @sorter.to_sql,
@pages.current.to_sql
end
end
This doesn''t return any results, it seems. I get an error on the next
page when trying to call <%= item.name %> says ''name''
doesn''t exist.
How can i check how many results are returned? (like mysql_num_rows)?
--
Posted via http://www.ruby-forum.com/.