Home/ Questions/Q 8354751
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-09T09:38:58+00:00

Hi I have a simple application, where I have created a form , using

  • 0

Hi I have a simple application, where I have created a form , using the form_for helper. On submission, when I try to access the model object in the action that’s triggered, I am not getting all the information in that correctly. Some of the attributes are coming blank. I’ve already spent a few hours on trying to debug the problem , but invain. Any help would be greatly appreciated.
Rails 3.2
Ruby 1.9.2

Code for Form is :signup.html.erb

<%= form_for (@user) , :url => { :action => "signup" ,:method=>"post"} do |u| %>
  <p>
    <%= u.label :login %>
    <%= u.text_field :login ,:size => 20 %>
  </p>
  <p>
    <%= u.label :password %>
    <%= u.text_field :password,:size => 20 %>
  </p>
  <p>
    <%= u.label :password_confirmation %>
    <%= u.text_field :password_confirmation,:size => 20 %>
  </p>
  <p>
    <%= u.label :email %>
    <%= u.text_field :email ,:size => 20 %>
  </p>
  <%= u.submit %>
<% end %>

Code for the “signup” action of user_controller.rb is 

 def signup


      @user = User.new(params[:user])

       if request.post?  

        if @user.save!

          session[:user] = User.authenticate(@user.login, @user.password)
          flash[:message] = "Signup successful"
          redirect_to :action => "index"          
        else

          flash[:warning] = "Signup unsuccessful"
        end
      end

    end

When I click the submit button, I get the following error

 ActiveRecord::RecordInvalid in UserController#signup

Validation failed: Password can't be blank, Password doesn't match confirmation

Rails.root: /Users/kabir/ror/mmeter1
Application Trace | Framework Trace | Full Trace

app/controllers/user_controller.rb:42:in `signup'

Request

Parameters:

{"utf8"=>"✓",
 "authenticity_token"=>"yTC5i0HKltD4z40f0AQhir58CF9Pz+19VnKi3lvT6aE=",
 "user"=>{"login"=>"abcde",
 "password"=>"123456",
 "password_confirmation"=>"123456",
 "email"=>"abcde@kk.com"},
 "commit"=>"Create User",
 "method"=>"post"}

The model validations for user are

  validates_presence_of :login, :email, :password, :password_confirmation, :salt
  validates_uniqueness_of :login, :email
  validates_confirmation_of :password

The source code generated for the form a just before submission is 

<form accept-charset="UTF-8" action="/user/signup?method=post" class="new_user" id="new_user" method="post"><div style="margin:0;padding:0;display:inline"><input name="utf8" type="hidden" value="&#x2713;" /><input name="authenticity_token" type="hidden" value="yTC5i0HKltD4z40f0AQhir58CF9Pz+19VnKi3lvT6aE=" /></div>
  <p>
    <label for="user_login">Login</label>
    <input id="user_login" name="user[login]" size="20" type="text" />
  </p>
  <p>
    <label for="user_password">Password</label>
    <input id="user_password" name="user[password]" size="20" type="text" />
  </p>
  <p>
    <label for="user_password_confirmation">Password confirmation</label>
    <input id="user_password_confirmation" name="user[password_confirmation]" size="20" type="text" />
  </p>
  <p>
    <label for="user_email">Email</label>
    <input id="user_email" name="user[email]" size="20" type="text" />
  </p>
  <input name="commit" type="submit" value="Create User" />
</form>

I also logged the value of @user in the signup action of user_controller, and it showed the following values

The user params is {"login"=>"abcde", "password"=>"123456", "password_confirmation"=>"123456", "email"=>"abcde@kk.com"}
The user object is --- !ruby/object:User
attributes:
  id: 
  username: 
  password: 
  created_at: 
  updated_at: 
  login: abcde
  hashed_password: !binary |-
    MzFiNDk4MGRmMTU2OTEwOThhNDdkYzNjOTZhOTFjYWFiOTVkN2NiOA==
  email: abcde@kk.com
  salt: tgCV8xIfxS

Notice that the username and password fields are coming blank. Any help is appreciated.

Here’s the model code

 class User < ActiveRecord::Base
 # prevent the following fields from being updated through a post
 # request. ie, these fields cannot be updated as a result of a form
 # submittion. They can only be updated from within the model itself.
  attr_protected :id, :salt
  attr_accessible :login,:password,:password_confirmation,:email

 # set the basic validation rules for the different attributes of the user
  validates_length_of :login, :within => 3..40
 #  validates_length_of :password, :within => 5..40
  validates_presence_of :login, :email, :password, :password_confirmation, :salt
  validates_uniqueness_of :login, :email
  validates_confirmation_of :password
 #  validates_format_of :email, :with => /^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i, :message => "Invalid email"
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You did not post your entire model (it’s missing an end), are you sure you do not have additional code? The password has been stored in hashed_password and removed from the password and password_confirmation, and some method is doing that. That’s because it is unsafe to use those two fields, because they are plaintext.

    So, either in your model, or an included gem does alter the saving of a User, and that is breaking your validations.

    Maybe you used code from this page?

    http://www.napcsweb.com/blog/2010/03/11/basic-authentication-in-ruby-on-rails-in-case-you-forgot/

    And hint: in your form use password_fields instead of text_fields…

    • 0