1

For example, suppose I had a blog and anybody could read the articles, read the comments, and flag any comment as inappropriate. How do I prevent non-signed-in users from clicking the "Flag Comment" link more than once?

The "Flag Comment" link would be tied directly to a controller method for a Comment model.

I'm new to the idea of sessions and cookies (as well as Rails in general). I've read this on Sessions but I'm afraid I'm still a little confused.

I've considered creating a Base class called Guest, but I was wondering if I could avoid this and instead utilize session or cookies temp data.

Thanks in advance.

John Bullhuo
  • 71
  • 1
  • 8

1 Answers1

2

The basic idea could be the following (sorry, no code yet):

  1. Define which information should be stored in a session and / or a cookie. I think it should be the id of the comment for each flagged comment. Store them in a hash like structure.

  2. Make the link to flagging a comment depending on the content of the cookie. Something like that:

    ...
= link_to('flag comment', flag_comment_path(comment.id)) if ! cookies[:flagged_comments] || ! cookies[:flagged_comments][comment.id]

  3. Set the cookies hash value when a comment is flagged (use here the local variable comment, this has to be set or known somewhere):

    cookies[:flagged_comments] = Hash.new if ! cookies[:flagged_comments]
cookies[:flagged_comments][comment.id] = comment.id

I don't know if the code will work, but the idea should be clear. And yes, do that only to anonymous users (more dependent UI and controller functionality).

One more thing: I don't think you should use the session and the cookies for storing this information. And due to the fact that you have to notice when someone flags a comment in 2 different sessions, go with the cookies only.

mliebelt
  • 15,345
  • 7
  • 55
  • 92
  • Thanks for the tip! I'm going to try incorporating elements of what you said in my code and see how that works! – John Bullhuo Oct 09 '11 at 18:40
  • 1
    Can't get it to work. When I tried cookies[:flagged_comments][id] = id in my controller I kept getting the error "Undefined local variable or method id". Also, can you explain your if statement? To me it looks like the link would be active only if the cookie hash values have been set (shouldn't it be the opposite?). – John Bullhuo Oct 12 '11 at 21:33
  • I have changed the logic (you were right, flag is only allowed if not set previously). The id comes from the comment, so I have added `comment.id` to be clear what id is needed here. – mliebelt Oct 13 '11 at 05:07
  • Still no luck. When I try `cookies[:flagged_comments][@comment.id] = @comment.id` I get error `Can't convert Fixednum into string` so I tried `cookies[:flagged_comments]["#{@comment.id}"] = @comment.id` only to get error `string not matched`. – John Bullhuo Oct 15 '11 at 03:48
  • I even tried `cookies[:flagged_comments] = cookies[:flagged_comments].to_s.split(',').push(params[:id].to_s).join(',')` in the controller action, then `link_to('flag comment', flag_comment_path(comment.id)) if (cookies[:flagged_comments].to_s.split(',')).include?(comment.id)` in the view, but this didn't work (at least no errors). – John Bullhuo Oct 15 '11 at 06:07
  • Perhaps you should step back and first try to store and load a cookie (independent of the status of the user). I do not know what datastructure is allowed in the cookie, perhaps it have to be a string. Check the question http://stackoverflow.com/questions/4576875/rails-3-cookies and the reference http://ruby.railstutorial.org/chapters/sign-in-sign-out#sec%3aremember_me – mliebelt Oct 15 '11 at 09:12
  • Yeah I've read both of those. I wanted to avoid creating a separate cookie per comment, but at least it works. Thanks for all your help! – John Bullhuo Oct 17 '11 at 19:33