Rails 4 Using form_tag
I am using rails 4.0.2 framework. I have a picture of the forest and on the show page "picture". I am trying to add a simple inline form to forward this to an email address. After entering the email and clicking the forward button, it should send the current link to the image in an email. But I am struggling to achieve this. I created a "forward_picture" controller with a "create" action and added it as a resource in the config / routes file. Then I created a form as an image as follows.
views / photos / show.html.erb
...
<%= form_tag(:controller => "forward_picture", :action => "create") do %>
<%= hidden_field_tag :picture_id, params[:@picture.id] %>
<%= label_tag :email %>
<%= text_field_tag :email, params[:email] %>
<%= submit_tag "Forward" %>
<% end %>
Is this the correct way to inject the form, pass parameters, and call the appropriate action (create) in forward_picture_controller? How to use parameter access in the controller given the strong parameter policy in rails 4? In the controller, I can create an appropriate URL to send a given email address.
Any help is appreciated.
source to share
It is generally a good idea to create and name routes. In routes.rb file:
post :forward_picture, to: "forward_picture#create", as: :forward_picture
The last attribute defined here:
as: :forward_picture
Creates a "name" for your route and therefore creates a name_path method that can be called from any view. Then your form can use it like this:
<%= form_tag forward_picture_path do %>
As for the parameters, you should be able to get by parameters [: email] or params [: picture_id]. Strong parameters are only used for mass assignment, i.e. Product.create (params [: product]), where parameters can have multiple attributes for the product model. This is when you want to misinform the params [: product] hash to make sure you only allow what you need. This is when you use secure parameters.
source to share