Vito

Reputation: 786

Passing params without nil

I want to pass the value of a form to a Controller that should call a method from the Model for searching products.

I want to pass the category_id and the string that the user writes in the text field.
I would pass to the model even the blank value of params (if the user doesn't write anything in the search bar or chooses no category).
I want to save even the blank value because, in the model, a blank SQL variable takes "all" things. And this is good because if there is something in the params, the SQL will find that thing, BUT if there is nothing in the params, the SQL will take all products.

I'm not able to save the value of params in variables because if params is blank it returns this error:

undefined method `[]' for nil:NilClass

I hope you understand me and what I want to do. In other words, I want to use a simple assignment to pass a value (even blank values) to a model to do a SQL query. In one shot of code I want to program two cases.

Here is my code.

In my Controller:

...

if params[:search]
    @search_name = params[:search]
end

if params[:category][:name]
    @category = params[:category][:name]
end 

@products = Product.search(@search_name,@category)

...

In my Model:

def self.search(search_name,category)
    ricerca = Product.where("category_id = ? ",category)
    ricerca = ricerca.where("title like ? ", "%#{search_name}%") 
end

Upvotes: 3

Views: 2087

Answers (6)

Vito

Reputation: 786

LAST POST:

PROBLEM FIXED:

In Controller

    @stringa_sql = ""

    if params[:search]
        @nome_ricerca = params[:search]
    else
        @nome_ricerca = ''
    end

    @stringa_sql = "title like "+"'%"+@nome_ricerca+"%'"

    if params[:category]
        if params[:category][:name] != ""
            @cat = params[:category][:name]
            @stringa_sql += " AND category_id = "+@cat
        else
            @cat = ''
        end
    end

    @products = Product.search(@stringa_sql)

In Model:

def self.search(stringa_sql)
    ricerca = Product.where(stringa_sql)
end

Question: does this solution suffer from SQL injection?

Thx all :) I hope this solution will help someone.

Upvotes: 0

Vito

Reputation: 786

Ok, I fixed the problem. It was (I think) due to the fact that I used @category as the variable name; maybe the view gets confused by this. I renamed @category to @cat and the problem disappears.

But now the problem is that the SQL query doesn't return all the categories if I pass "" in the variable @cat. How can I have all the results of a query? With like %% it works, but with category_id = "" it doesn't. Why?

I post the fixed code for others:

In Controller:

    if params[:category]
        @cat = params[:category][:name]
    else
        @cat = ''
    end


    if params[:search]
        @nome_ricerca = params[:search]
    else
        @nome_ricerca = ''
    end

    @products = Product.search(@nome_ricerca,@cat)

In model:

def self.search(nome_ricerca, categoria)
    ricerca = Product.where("title like ? AND category_id = ? ", "%#{nome_ricerca}%", categoria)
end

Upvotes: 0
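An added example (my own code, not from the question or any of the answers) that addresses both the SQL injection question in the "PROBLEM FIXED" post and the post above asking why category_id = "" returns nothing. It keeps bind placeholders (the `?` form that `Product.where` accepts) instead of concatenating user input into the SQL string, and it drops a condition entirely when its parameter is blank, so "blank" means "no filter" rather than "compare against an empty string". It assumes params is a plain Ruby Hash with symbol keys standing in for Rails' params; `build_search_conditions`, `category_name`, `blank_value?` and `concatenated_sql` are hypothetical helper names.

```ruby
# Added example: safe construction of the Product search conditions.
# `params` is assumed to be a plain Hash with symbol keys (a stand-in for
# Rails' params object); all helper names here are hypothetical.

# Mirrors Rails' blank? for the values we expect from a form.
def blank_value?(value)
  value.nil? || value.to_s.strip.empty?
end

# Nil-safe lookup: params[:category] is absent when the user picks
# "All Categories", so fetch with a default instead of indexing nil
# (that indexing is what raised "undefined method `[]' for nil:NilClass").
def category_name(params)
  params.fetch(:category, {})[:name]
end

# Returns [sql_with_placeholders, *bind_values] for Product.where(*result),
# or nil when neither field was filled in (caller then uses Product.all).
def build_search_conditions(params)
  clauses = []
  binds   = []

  search = params[:search]
  unless blank_value?(search)
    clauses << "title LIKE ?"
    binds   << "%#{search}%"        # wildcards are data here, never SQL text
  end

  category = category_name(params)
  unless blank_value?(category)
    clauses << "category_id = ?"
    # category_id is an integer foreign key: coerce early so non-numeric
    # input fails loudly instead of reaching the database as a string.
    binds << Integer(category)
  end

  return nil if clauses.empty?
  [clauses.join(" AND "), *binds]
end

# The concatenation from the "PROBLEM FIXED" post, reproduced only to show
# that the title value becomes part of the SQL text: a legitimate title
# containing an apostrophe already breaks the quoting.
def concatenated_sql(search)
  "title like " + "'%" + search + "%'"
end

if __FILE__ == $PROGRAM_NAME
  p build_search_conditions({ search: "lamp", category: { name: "3" } })
  p build_search_conditions({ search: "", category: { name: "" } })
  p build_search_conditions({ search: "O'Reilly" })
  p concatenated_sql("O'Reilly")
end
```

In the model this becomes something like `conditions ? where(*conditions) : all`, so a blank category never turns into `category_id = ''`. With the placeholder form, `%` and `_` typed by the user still act as LIKE wildcards (a matching quirk, not an injection); Rails' `sanitize_sql_like` is the usual way to escape them if that matters.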

Vito

Reputation: 786

I still have problems, because when I wrote

    if params[:category]
        @category = params[:category][:name]
    else
        @category = " "
    end

    if params[:search]
        @nome_ricerca = params[:search]
    else
        @nome_ricerca = " "
    end

    @products = Product.search(@nome_ricerca,@category)

I have this problem:

Showing C:/Bitnami/depot/app/views/store/index.html.erb where line #18 raised: undefined method `name' for "":String

Extracted source (around line #18):

<p>
  <%= label_tag :search, 'Search:' %>
  <%= text_field_tag :search, params[:search] %>
  <%= collection_select :category, :name, Category.all, :id, :name, {:prompt => 'All Categories'} %>
  <%= submit_tag "Search", name: nil %>
</p>

What is this?

Upvotes: 0

Chitra

Reputation: 1404

@Vito, change the line -> @category = params[:category][:name] in your controller to

@category = params[:category].present? ? params[:category][:name] : nil

The issue is that when you don't select the category, params[:category] comes as nil and you are fetching name from params[:category]; that's why the error "undefined method `[]' for nil:NilClass" is coming.

Hope this will resolve your problem.

Upvotes: 0

Yogesh Khater

Reputation: 1968

You can get category parameters by defining a method like,

def category_params
  params.fetch(:category, {})
end

And then look up Products by,

@search_name = params[:search]
@category = category_params[:name]
@products = Product.search(@search_name, @category)

In my opinion, if you are making a direct query on Product, then you should do it like,

def product_params
  params.fetch(:product, {})
end

@category = product_params[:category_id]
@title = product_params[:title]
@products = Product.search(@category, @title)

And in product model,

def self.search(category, title)
  where("category_id = ? AND title LIKE ?", category, "%#{title}%")
end

Upvotes: 1

Joshua

Reputation: 5514

Try this:

@search_name = params[:search]
@category = (params[:category].blank? ? nil : params[:category][:name])

@products = Product.search(@search_name, @category)

Upvotes: 0
