0

How can we add custom form fields in rails 4.

For ex:
User (model)
username
email
hashed_password

Now in the form field for password I would like to have fields like password and password confirm.
But due to the introduction of strong parameters in rails 4, I cannot simply send those fields .
It throws error.

It used to be a piece of cake in prior versions of rails i.e in the model we would add our custom form fields to attr_accessor and we could play with them.

NOTE: I tried this thing few weeks ago and it did'nt work, and I don't remember the exact error but was something like 'no method password on user'.
I know it is very stupid of me to not provide you with the exact error messages.
My apologies, can't help I deleted the application.

I was following this tutorial (it's for rails 3) http://www.sitepoint.com/rails-userpassword-authentication-from-scratch-part-i/

Improve this question
1
  • 2
    Why? params.require(:user).permit(:password, :password_confirm) should work well Commented Mar 5, 2014 at 18:16

2 Answers 2

Reset to default
2

Check out How is attr_accessible used in Rails 4? for using strong parameters in rails 4

Protecting attributes is now done in the Controller.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I'm using attr_accessor in model in Rails 4.

In forms I have

<%= text_field_tag 'param_name' %>

And in controller

@model.param_name = params[:param_name]

It works ok and can solve your problem, I think. BUT! I'm not sure it is secure to use it this way. If someone can explain, why it is not appropriate for security reasons and suggest a better way, I'll appreciate it (as the author, I think).

Improve this answer

3 Comments

attr_accessor is no longer available in rails 4, it has been extracted to a gem.
Ok. But I'm using it (in Rails 4.0.2), and I don't have protected_attributes gem in my Gemfile. You mean, that it throws you an error, when you use attr_accessor in your model file?
I didn't even bother using attr_accessor coz i knew it's not gonna help. Nor did I tried 'protected_attributes' coz i didn't want to depend on something which is deprecated. I got this error in the controller from the params.require(:user).permit(:password, :password_confirm)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.