Good Day, i am trying to update the rating of a user using form_for to populate the text_field of its current rating and then update it to user entered value. So far, its seems all simple but something doesn't seem well and i am getting this error. Help will be highly appreciated!
user controller:
def edit_rating
@ad = Ad.find(params[:id])
@user = User.find(@ad.user_id)
if @user.update_attributes(user_params)
flash[:notice] = "User Updated Successfully"
redirect_to(:action => 'index')
else
end
end
def user_params
params.require(:user).permit(:firstName, :lastName, :email , :password , :location, :rating)
end
edit_rating view:
<h2>
Edit User Rating
</h2>
<h4>
Name: <%= @user.firstName %>
</h4>
<p>
Current Rating: <%= @user.rating%>
</p>
<%=form_for(:user , :url => {:action => 'edit_rating' , :id => @user.id}) do |f| %>
<p>
Updated Rating: <%= f.text_field(:rating) %>
</p>
<%= submit_tag("Update Rating") %>
<% end%>
This is the error that i am getting.
You can do the reverse not to permit you can only use the params you only want to use:
@user.update_attributes(rating: params[:user][:rating])
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments