Thank you to anyone who has already donated - your generous donations helped make three months of treatment possible.

My brother Nate continues to fight stage IV Hodgkin's lymphoma. He's just 31, with a wife and baby girl. They have no active income (since he's been unable to return to work), no insurance, and cannot afford the treatment he needs. Nate and his family need your help. Please consider a donation, every dollar helps. Thanks.

Read Nate's story Support Nate by buying an official Pastie t-shirt Hide this message

Document@2x
|
Chain_link@2x
|
Arrow_down@2x
|
Spiral_paper@2x
A A A

Ruby on Rails       Report abuse

application.rb 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

  def authorise
    unless User.find_by_id(session[:user_id])
      flash[:notice] = "Please log in"
      redirect_to :controller => :account, :action => :login
    end
  end

  def fetch_user_details
    begin
    # Only attempt to fetch user object if user_id is valid:
    if User.find_by_id(session[:user_id])
      @user = User.find(session[:user_id])
    end
    rescue Exception => ex
      @user = nil
    end
  end

(controllers/account_controller.rb) 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

class AccountController < ApplicationController

  #  Before filter
  before_filter :authorise, :except => [:registration, :login]


  # Allows the blog owner to login
  def login

    # Has the form been posted yet?
    if request.post?

      # Check if the user details are valid:
      user = User.authenticate(params[:username], params[:password])
      # Check if current user has their account locked:
      user_locked = AccessLock.is_account_locked?(request.remote_ip)
      # Valid user object returned?
      if user and !user_locked
        # Store the user's id in a session variable:
        session[:user_id] = user.id
        # Ensure that the account lock is clean:
        AccessLock.clear_account request.remote_ip
        # Redirect to the main page
        redirect_to :controller => :post, :action => :view

      else
        # Want to increase the login attempt count, three attempts and the
        # user is locked out.
        if AccessLock.update_login_attempt(request.remote_ip)
          # The user has been locked for a short while...
          flash.now[:notice] = "Account has been locked."
        else
          flash.now[:notice] = "Invalid username or password, please try again."  
        end
      end
    end

  end

end

(controllers/post_controller.rb) 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

class PostController < ApplicationController

  # Setup filter
  before_filter :fetch_user_details
  before_filter :authorise, :only => [:create, :edit, :view, :preview]


  # #####################################################################################
  # Allows user to view all posts
  # #####################################################################################
  def view
    @all_posts = Post.paginate :page => params[:page], :per_page => 5, :order => "created_at DESC"
    @all_categories = Category.find(:all)
  end 
end

(views/account/login.rhtml) 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<%= stylesheet_link_tag 'admin_master' %>
<title>96 Methods - User Login</title>
</head>


<body>
  <div id="wrapper">
    <div id="branding">
      <h1><span></span>96 methods</h1>
      <ul></ul>
    </div>
    <div id="content">
      <h2>Login</h2>
      <% if flash[:notice] -%>
        <p class="warning"><%= flash[:notice] %></p>
      <% end -%>
      <% form_tag do %>
        <p>
          <label for="username">Username:</label>
          <%= text_field_tag :username, params[:username], :class => 'textfield' %>
        </p>
        <p>
          <label for="password">Password:</label>
          <%= password_field_tag :password, nil, :class => 'textfield' %>
        </p>
        <p>
          <%= submit_tag 'Login' %>
        </p>
      <% end %>
      <p class="last"></p>
    </div>
    <div id="sideContent">
      <!--<h2></h2>-->

      <p class="info">You are currently logged out</p>

      <p class="last"></p>
    </div>

  </div> <!-- wrapper -->
</body>
</html>

(views/post/view.rhtml) - uses admin_layout (below) 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44

<% @title = "View Posts" %>

<div id="content">
  <h2>All Posts</h2>
  <% if flash[:notice] %>
    <div id="notice">
      <%= flash[:notice] %>
    </div>
  <% end %>
  <table>
    <thead>
      <tr>
        <th class="title">Title</th>
        <th class="category">Categories</th>        
        <th class="status">Status</th>
        <th class="date">Date</th>
        <th colspan="2" class="comment">Comments Waiting</th>
        <th colspan="2" class="action">Actions</th>

      </tr>
    </thead>
    <tbody>
      <% for post in @all_posts %>
        <tr class="<%= cycle('odd', 'even') %>">
          <td class="title"><%= h(post.title)%></td>
          <td><%= post.categories.collect(&:title).join(", ") %></td>
          <% if post.published %>
            <td>PUBLISHED</td>
          <% else %>
            <td>DRAFT</td>
          <% end %>
          <td><%= post.get_formatted_creation_date %></td>
          <td><%= post.get_count_of_pending_comments %></td>
          <td><%= link_to "View", :controller => :comment, :action => :view, :post_id => post %></td>    
          <td><%= link_to "Edit", :controller => :post, :action => :edit, :post_id => post %></td>
          <td><%= link_to "Preview", :controller => :post, :action => :preview, :post_id => post %></td>    
        </tr>  
      <% end %>
    </tbody>
  </table>
  <%= will_paginate @all_posts %>

  <p class="last"></p>
</div> <!-- content -->

The layout used by view.rhtml (views/layouts/admin_layout.rhtml) 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<%= stylesheet_link_tag 'admin_master' %>
<title>96 Methods - <%= @title %></title>
</head>


<body>
  <div id="wrapper">
    <div id="branding">
      <h1><span></span>96 methods</h1>
      <ul>
        <li><a href="/admin/blog" class="menu1test"><span></span>BLOG</a></li>
        <li><a href="/admin/news" class="menu2test"><span></span>NEWS</a></li>
        <li><a href="#" class="menu3test"><span></span>ABOUT</a></li>
      </ul>
    </div>

    <%= yield :layout %>
    <div id="sideContent">
      <h2><span></span>Actions</h2>
      <ul>
        <li><%= link_to "Write a new post",
          :controller => :post,
          :action => :create %></li>
        <li><%= link_to "Create a new category",
          :controller => :category,
          :action => :create %></li>    
      </ul>
      <p></p>
      <ul>
        <li><%= link_to "Logout",
          :controller => :account,
          :action => :logout %></li>
      </ul>
      <p class="last"></p>
    </div>
  </div> <!-- wrapper -->
</body>
</html>

config/routes.rb 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

ActionController::Routing::Routes.draw do |map|
  # The priority is based upon order of creation: first created -> highest priority.
  map.connect "blog", :controller => "post", :action => "view_recent_posts"
  map.connect "blog/category/:id", :controller => "post", :action => "view_by_category", :id => /\d+/  
  map.connect "blog/:id", :controller => "post", :action => "view_post"  

  map.connect "admin/blog", :controller => "post", :action => "view"
  map.connect "admin/blog/edit/:post_id", :controller => "post", :action => "edit"
  map.connect "admin/blog/preview/:post_id", :controller => "post", :action => "preview"
  map.connect "admin/blog/comment/view/:post_id", :controller => "comment", :action => "view"

  map.connect "admin/blog/comment/add/:post_id", :controller => "comment", :action => "add"


  map.connect "admin/news", :controller => "news", :action => "view"
  map.connect "admin/news/edit/:article_id", :controller => "news", :action => "edit"
  map.connect "admin/new/preview/:article_id", :controller => "news", :action => "preview" 


  map.connect "account/registration", :controller => "account", :action => "registration"
  map.connect "account/login", :controller => "account", :action => "login"
  map.connect "account/logout", :controller => "account", :action => "logout"


  map.connect "news", :controller => "news", :action => "view_recent_articles"
  map.connect "news/:id", :controller => "news", :action => "view_article" 

  map.connect "about", :controller => "about", :action => "about"

  map.connect "post/create", :controller => "post", :action => "create"
  map.connect "category/create", :controller => "category", :action => "create"

  map.connect '', :controller => "post" , :action => "view_recent_posts"
end