~michaelforrest/use-case-mapper/trunk

# * <tt>:only_path</tt> - If true, returns the relative URL (omitting the protocol, host name, and port) (<tt>true</tt> by default unless <tt>:host</tt> is specified).

# * <tt>:trailing_slash</tt> - If true, adds a trailing slash, as in "/archive/2005/". Note that this

# is currently not recommended since it breaks caching.

# * <tt>:host</tt> - Overrides the default (current) host if provided.

# * <tt>:protocol</tt> - Overrides the default (current) protocol if provided.

# * <tt>:user</tt> - Inline HTTP authentication (only plucked out if <tt>:password</tt> is also present).

# * <tt>:password</tt> - Inline HTTP authentication (only plucked out if <tt>:user</tt> is also present).

# * <tt>:escape</tt> - Determines whether the returned URL will be HTML escaped or not (<tt>true</tt> by default).

# ==== Relying on named routes

# If you instead of a hash pass a record (like an Active Record or Active Resource) as the options parameter,

# you'll trigger the named route for that record. The lookup will happen on the name of the class. So passing

# a Workshop object will attempt to use the workshop_path route. If you have a nested route, such as

# admin_workshop_path you'll have to call that explicitly (it's impossible for url_for to guess that route).

# ==== Examples

# <%= url_for(:action => 'index') %>

# # => /blog/

# <%= url_for(:action => 'find', :controller => 'books') %>

# # => /books/find

# <%= url_for(:action => 'login', :controller => 'members', :only_path => false, :protocol => 'https') %>

# # => https://www.railsapplication.com/members/login/

# <%= url_for(:action => 'play', :anchor => 'player') %>

# # => /messages/play/#player

# <%= url_for(:action => 'checkout', :anchor => 'tax&ship') %>

# # => /testing/jump/#tax&ship

# <%= url_for(:action => 'checkout', :anchor => 'tax&ship', :escape => false) %>

# # => /testing/jump/#tax&ship

# <%= url_for(Workshop.new) %>

# # relies on Workshop answering a new_record? call (and in this case returning true)

# # => /workshops

# <%= url_for(@workshop) %>

# # calls @workshop.to_s

# # => /workshops/5

# <%= url_for("http://www.example.com") %>

# # => http://www.example.com

# <%= url_for(:back) %>

# # if request.env["HTTP_REFERER"] is set to "http://www.example.com"

# # => http://www.example.com

# <%= url_for(:back) %>

# # if request.env["HTTP_REFERER"] is not set or is blank

# # => javascript:history.back()

def url_for(options = {})

options ||= {}

url = case options

when String

escape = true

options

when Hash

options = { :only_path => options[:host].nil? }.update(options.symbolize_keys)

escape = options.key?(:escape) ? options.delete(:escape) : true

@controller.send(:url_for, options)

when :back

escape = false

@controller.request.env["HTTP_REFERER"] || 'javascript:history.back()'

else

escape = false

polymorphic_path(options)

end

escape ? escape_once(url) : url

end

# Creates a link tag of the given +name+ using a URL created by the set

# of +options+. See the valid options in the documentation for

# url_for. It's also possible to pass a string instead

100

# of an options hash to get a link tag that uses the value of the string as the

101

# href for the link, or use <tt>:back</tt> to link to the referrer - a JavaScript back

102

# link will be used in place of a referrer if none exists. If nil is passed as

103

# a name, the link itself will become the name.

104

105

# ==== Signatures

106

107

# link_to(name, options = {}, html_options = nil)

108

# link_to(options = {}, html_options = nil) do

109

# # name

110

# end

111

112

# ==== Options

113

# * <tt>:confirm => 'question?'</tt> - This will add a JavaScript confirm

114

# prompt with the question specified. If the user accepts, the link is

115

# processed normally, otherwise no action is taken.

116

# * <tt>:popup => true || array of window options</tt> - This will force the

117

# link to open in a popup window. By passing true, a default browser window

118

# will be opened with the URL. You can also specify an array of options

119

# that are passed-thru to JavaScripts window.open method.

120

# * <tt>:method => symbol of HTTP verb</tt> - This modifier will dynamically

121

# create an HTML form and immediately submit the form for processing using

122

# the HTTP verb specified. Useful for having links perform a POST operation

123

# in dangerous actions like deleting a record (which search bots can follow

124

# while spidering your site). Supported verbs are <tt>:post</tt>, <tt>:delete</tt> and <tt>:put</tt>.

125

# Note that if the user has JavaScript disabled, the request will fall back

126

# to using GET. If you are relying on the POST behavior, you should check

127

# for it in your controller's action by using the request object's methods

128

# for <tt>post?</tt>, <tt>delete?</tt> or <tt>put?</tt>.

129

# * The +html_options+ will accept a hash of html attributes for the link tag.

130

131

# Note that if the user has JavaScript disabled, the request will fall back

132

# to using GET. If <tt>:href => '#'</tt> is used and the user has JavaScript disabled

133

# clicking the link will have no effect. If you are relying on the POST

134

# behavior, your should check for it in your controller's action by using the

135

# request object's methods for <tt>post?</tt>, <tt>delete?</tt> or <tt>put?</tt>.

136

137

# You can mix and match the +html_options+ with the exception of

138

# <tt>:popup</tt> and <tt>:method</tt> which will raise an ActionView::ActionViewError

139

# exception.

140

141

# ==== Examples

142

# Because it relies on +url_for+, +link_to+ supports both older-style controller/action/id arguments

143

# and newer RESTful routes. Current Rails style favors RESTful routes whenever possible, so base

144

# your application on resources and use

145

146

# link_to "Profile", profile_path(@profile)

147

# # => <a href="/profiles/1">Profile</a>

148

149

# or the even pithier

150

151

# link_to "Profile", @profile

152

# # => <a href="/profiles/1">Profile</a>

153

154

# in place of the older more verbose, non-resource-oriented

155

156

# link_to "Profile", :controller => "profiles", :action => "show", :id => @profile

157

# # => <a href="/profiles/show/1">Profile</a>

158

159

# Similarly,

160

161

# link_to "Profiles", profiles_path

162

# # => <a href="/profiles">Profiles</a>

163

164

# is better than

165

166

# link_to "Profiles", :controller => "profiles"

167

# # => <a href="/profiles">Profiles</a>

168

169

# You can use a block as well if your link target is hard to fit into the name parameter. ERb example:

170

171

# <% link_to(@profile) do %>

172

# <strong><%= @profile.name %></strong> -- <span>Check it out!!</span>

173

# <% end %>

174

# # => <a href="/profiles/1"><strong>David</strong> -- <span>Check it out!!</span></a>

175

176

# Classes and ids for CSS are easy to produce:

177

178

# link_to "Articles", articles_path, :id => "news", :class => "article"

179

# # => <a href="/articles" class="article" id="news">Articles</a>

180

181

# Be careful when using the older argument style, as an extra literal hash is needed:

182

183

# link_to "Articles", { :controller => "articles" }, :id => "news", :class => "article"

184

# # => <a href="/articles" class="article" id="news">Articles</a>

185

186

# Leaving the hash off gives the wrong link:

187

188

# link_to "WRONG!", :controller => "articles", :id => "news", :class => "article"

189

# # => <a href="/articles/index/news?class=article">WRONG!</a>

190

191

# +link_to+ can also produce links with anchors or query strings:

192

193

# link_to "Comment wall", profile_path(@profile, :anchor => "wall")

194

# # => <a href="/profiles/1#wall">Comment wall</a>

195

196

# link_to "Ruby on Rails search", :controller => "searches", :query => "ruby on rails"

197

# # => <a href="/searches?query=ruby+on+rails">Ruby on Rails search</a>

198

199

# link_to "Nonsense search", searches_path(:foo => "bar", :baz => "quux")

200

# # => <a href="/searches?foo=bar&baz=quux">Nonsense search</a>

201

202

# The three options specific to +link_to+ (<tt>:confirm</tt>, <tt>:popup</tt>, and <tt>:method</tt>) are used as follows:

203

204

# link_to "Visit Other Site", "http://www.rubyonrails.org/", :confirm => "Are you sure?"

205

# # => <a href="http://www.rubyonrails.org/" onclick="return confirm('Are you sure?');">Visit Other Site</a>

206

207

# link_to "Help", { :action => "help" }, :popup => true

208

# # => <a href="/testing/help/" onclick="window.open(this.href);return false;">Help</a>

209

210

# link_to "View Image", @image, :popup => ['new_window_name', 'height=300,width=600']

211

# # => <a href="/images/9" onclick="window.open(this.href,'new_window_name','height=300,width=600');return false;">View Image</a>

212

213

# link_to "Delete Image", @image, :confirm => "Are you sure?", :method => :delete

214

# # => <a href="/images/9" onclick="if (confirm('Are you sure?')) { var f = document.createElement('form');

215

# f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = this.href;

216

# var m = document.createElement('input'); m.setAttribute('type', 'hidden'); m.setAttribute('name', '_method');

217

# m.setAttribute('value', 'delete'); f.appendChild(m);f.submit(); };return false;">Delete Image</a>

218

def link_to(*args, &block)

219

if block_given?

220

options = args.first || {}

221

html_options = args.second

222

concat(link_to(capture(&block), options, html_options).html_safe!)

223

else

224

name = args.first

225

options = args.second || {}

226

html_options = args.third

227

228

url = url_for(options)

229

230

if html_options

231

html_options = html_options.stringify_keys

232

href = html_options['href']

233

convert_options_to_javascript!(html_options, url)

234

tag_options = tag_options(html_options)

235

else

236

tag_options = nil

237

end

238

239

href_attr = "href=\"#{url}\"" unless href

240

"<a #{href_attr}#{tag_options}>#{name || url}</a>".html_safe!

241

end

242

end

243

244

# Generates a form containing a single button that submits to the URL created

245

# by the set of +options+. This is the safest method to ensure links that

246

# cause changes to your data are not triggered by search bots or accelerators.

247

# If the HTML button does not work with your layout, you can also consider

248

# using the link_to method with the <tt>:method</tt> modifier as described in

249

# the link_to documentation.

250

251

# The generated FORM element has a class name of <tt>button-to</tt>

252

# to allow styling of the form itself and its children. You can control

253

# the form submission and input element behavior using +html_options+.

254

# This method accepts the <tt>:method</tt> and <tt>:confirm</tt> modifiers

255

# described in the link_to documentation. If no <tt>:method</tt> modifier

256

# is given, it will default to performing a POST operation. You can also

257

# disable the button by passing <tt>:disabled => true</tt> in +html_options+.

258

# If you are using RESTful routes, you can pass the <tt>:method</tt>

259

# to change the HTTP verb used to submit the form.

260

261

# ==== Options

262

# The +options+ hash accepts the same options at url_for.

263

264

# There are a few special +html_options+:

265

# * <tt>:method</tt> - Specifies the anchor name to be appended to the path.

266

# * <tt>:disabled</tt> - Specifies the anchor name to be appended to the path.

267

# * <tt>:confirm</tt> - This will add a JavaScript confirm

268

# prompt with the question specified. If the user accepts, the link is

269

# processed normally, otherwise no action is taken.

270

271

# ==== Examples

272

# <%= button_to "New", :action => "new" %>

273

# # => "<form method="post" action="/controller/new" class="button-to">

274

# # <div><input value="New" type="submit" /></div>

275

# # </form>"

276

277

# button_to "Delete Image", { :action => "delete", :id => @image.id },

278

# :confirm => "Are you sure?", :method => :delete

279

# # => "<form method="post" action="/images/delete/1" class="button-to">

280

# # <div>

281

# # <input type="hidden" name="_method" value="delete" />

282

# # <input onclick="return confirm('Are you sure?');"

283

# # value="Delete" type="submit" />

284

# # </div>

285

# # </form>"

286

def button_to(name, options = {}, html_options = {})

287

html_options = html_options.stringify_keys

288

convert_boolean_attributes!(html_options, %w( disabled ))

289

290

method_tag = ''

291

if (method = html_options.delete('method')) && %w{put delete}.include?(method.to_s)

292

method_tag = tag('input', :type => 'hidden', :name => '_method', :value => method.to_s)

293

end

294

295

form_method = method.to_s == 'get' ? 'get' : 'post'

296

297

request_token_tag = ''

298

if form_method == 'post' && protect_against_forgery?

299

request_token_tag = tag(:input, :type => "hidden", :name => request_forgery_protection_token.to_s, :value => form_authenticity_token)

300

end

301

302

if confirm = html_options.delete("confirm")

303

html_options["onclick"] = "return #{confirm_javascript_function(confirm)};"

304

end

305

306

url = options.is_a?(String) ? options : self.url_for(options)

307

name ||= url

308

309

html_options.merge!("type" => "submit", "value" => name)

310

311

"<form method=\"#{form_method}\" action=\"#{escape_once url}\" class=\"button-to\"><div>" +

312

method_tag + tag("input", html_options) + request_token_tag + "</div></form>".html_safe!

313

end

314

315

316

# Creates a link tag of the given +name+ using a URL created by the set of

317

# +options+ unless the current request URI is the same as the links, in

318

# which case only the name is returned (or the given block is yielded, if

319

# one exists). You can give link_to_unless_current a block which will

320

# specialize the default behavior (e.g., show a "Start Here" link rather

321

# than the link's text).

322

323

# ==== Examples

324

# Let's say you have a navigation menu...

325

326

# <ul id="navbar">

327

# <li><%= link_to_unless_current("Home", { :action => "index" }) %></li>

328

# <li><%= link_to_unless_current("About Us", { :action => "about" }) %></li>

329

# </ul>

330

331

# If in the "about" action, it will render...

332

333

# <ul id="navbar">

334

# <li><a href="/controller/index">Home</a></li>

335

# <li>About Us</li>

336

# </ul>

337

338

# ...but if in the "index" action, it will render:

339

340

# <ul id="navbar">

341

# <li>Home</li>

342

# <li><a href="/controller/about">About Us</a></li>

343

# </ul>

344

345

# The implicit block given to link_to_unless_current is evaluated if the current

346

# action is the action given. So, if we had a comments page and wanted to render a

347

# "Go Back" link instead of a link to the comments page, we could do something like this...

348

349

# <%=

350

# link_to_unless_current("Comment", { :controller => 'comments', :action => 'new}) do

351

# link_to("Go back", { :controller => 'posts', :action => 'index' })

352

# end

353

# %>

354

def link_to_unless_current(name, options = {}, html_options = {}, &block)

355

link_to_unless current_page?(options), name, options, html_options, &block

356

end

357

358

# Creates a link tag of the given +name+ using a URL created by the set of

359

# +options+ unless +condition+ is true, in which case only the name is

360

# returned. To specialize the default behavior (i.e., show a login link rather

361

# than just the plaintext link text), you can pass a block that

362

# accepts the name or the full argument list for link_to_unless.

363

364

# ==== Examples

365

# <%= link_to_unless(@current_user.nil?, "Reply", { :action => "reply" }) %>

366

# # If the user is logged in...

367

# # => <a href="/controller/reply/">Reply</a>

368

369

# <%=

370

# link_to_unless(@current_user.nil?, "Reply", { :action => "reply" }) do |name|

371

# link_to(name, { :controller => "accounts", :action => "signup" })

372

# end

373

# %>

374

# # If the user is logged in...

375

# # => <a href="/controller/reply/">Reply</a>

376

# # If not...

377

# # => <a href="/accounts/signup">Reply</a>

378

def link_to_unless(condition, name, options = {}, html_options = {}, &block)

379

if condition

380

if block_given?

381

block.arity <= 1 ? yield(name) : yield(name, options, html_options)

382

else

383

name

384

end

385

else

386

link_to(name, options, html_options)

387

end

388

end

389

390

# Creates a link tag of the given +name+ using a URL created by the set of

391

# +options+ if +condition+ is true, in which case only the name is

392

# returned. To specialize the default behavior, you can pass a block that

393

# accepts the name or the full argument list for link_to_unless (see the examples

394

# in link_to_unless).

395

396

# ==== Examples

397

# <%= link_to_if(@current_user.nil?, "Login", { :controller => "sessions", :action => "new" }) %>

398

# # If the user isn't logged in...

399

# # => <a href="/sessions/new/">Login</a>

400

401

# <%=

402

# link_to_if(@current_user.nil?, "Login", { :controller => "sessions", :action => "new" }) do

403

# link_to(@current_user.login, { :controller => "accounts", :action => "show", :id => @current_user })

404

# end

405

# %>

406

# # If the user isn't logged in...

407

# # => <a href="/sessions/new/">Login</a>

408

# # If they are logged in...

409

# # => <a href="/accounts/show/3">my_username</a>

410

def link_to_if(condition, name, options = {}, html_options = {}, &block)

411

link_to_unless !condition, name, options, html_options, &block

412

end

413

414

# Creates a mailto link tag to the specified +email_address+, which is

415

# also used as the name of the link unless +name+ is specified. Additional

416

# HTML attributes for the link can be passed in +html_options+.

417

418

# mail_to has several methods for hindering email harvesters and customizing

419

# the email itself by passing special keys to +html_options+.

420

421

# ==== Options

422

# * <tt>:encode</tt> - This key will accept the strings "javascript" or "hex".

423

# Passing "javascript" will dynamically create and encode the mailto: link then

424

# eval it into the DOM of the page. This method will not show the link on

425

# the page if the user has JavaScript disabled. Passing "hex" will hex

426

# encode the +email_address+ before outputting the mailto: link.

427

# * <tt>:replace_at</tt> - When the link +name+ isn't provided, the

428

# +email_address+ is used for the link label. You can use this option to

429

# obfuscate the +email_address+ by substituting the @ sign with the string

430

# given as the value.

431

# * <tt>:replace_dot</tt> - When the link +name+ isn't provided, the

432

# +email_address+ is used for the link label. You can use this option to

433

# obfuscate the +email_address+ by substituting the . in the email with the

434

# string given as the value.

435

# * <tt>:subject</tt> - Preset the subject line of the email.

436

# * <tt>:body</tt> - Preset the body of the email.

437

# * <tt>:cc</tt> - Carbon Copy addition recipients on the email.

438

# * <tt>:bcc</tt> - Blind Carbon Copy additional recipients on the email.

439

440

# ==== Examples

441

# mail_to "me@domain.com"

442

# # => <a href="mailto:me@domain.com">me@domain.com</a>

443

444

# mail_to "me@domain.com", "My email", :encode => "javascript"

445

# # => <script type="text/javascript">eval(decodeURIComponent('%64%6f%63...%27%29%3b'))</script>

446

447

# mail_to "me@domain.com", "My email", :encode => "hex"

448

# # => <a href="mailto:%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d">My email</a>

449

450

# mail_to "me@domain.com", nil, :replace_at => "_at_", :replace_dot => "_dot_", :class => "email"

451

# # => <a href="mailto:me@domain.com" class="email">me_at_domain_dot_com</a>

452

453

# mail_to "me@domain.com", "My email", :cc => "ccaddress@domain.com",

454

# :subject => "This is an example email"

455

# # => <a href="mailto:me@domain.com?cc=ccaddress@domain.com&subject=This%20is%20an%20example%20email">My email</a>

456

def mail_to(email_address, name = nil, html_options = {})

457

html_options = html_options.stringify_keys

458

encode = html_options.delete("encode").to_s

459

cc, bcc, subject, body = html_options.delete("cc"), html_options.delete("bcc"), html_options.delete("subject"), html_options.delete("body")

460

461

string = ''

462

extras = ''

463

extras << "cc=#{CGI.escape(cc).gsub("+", "%20")}&" unless cc.nil?

464

extras << "bcc=#{CGI.escape(bcc).gsub("+", "%20")}&" unless bcc.nil?

465

extras << "body=#{CGI.escape(body).gsub("+", "%20")}&" unless body.nil?

466

extras << "subject=#{CGI.escape(subject).gsub("+", "%20")}&" unless subject.nil?

467

extras = "?" << extras.gsub!(/&?$/,"") unless extras.empty?

468

469

email_address = email_address.to_s

470

471

email_address_obfuscated = email_address.dup

472

email_address_obfuscated.gsub!(/@/, html_options.delete("replace_at")) if html_options.has_key?("replace_at")

473

email_address_obfuscated.gsub!(/\./, html_options.delete("replace_dot")) if html_options.has_key?("replace_dot")

474

475

if encode == "javascript"

476

"document.write('#{content_tag("a", name || email_address_obfuscated, html_options.merge({ "href" => "mailto:"+email_address+extras }))}');".each_byte do |c|

477

string << sprintf("%%%x", c)

478

end

479

"<script type=\"#{Mime::JS}\">eval(decodeURIComponent('#{string}'))</script>"

480

elsif encode == "hex"

481

email_address_encoded = ''

482

email_address_obfuscated.each_byte do |c|

483

email_address_encoded << sprintf("&#%d;", c)

484

end

485

486

protocol = 'mailto:'

487

protocol.each_byte { |c| string << sprintf("&#%d;", c) }

488

489

email_address.each_byte do |c|

490

char = c.chr

491

string << (char =~ /\w/ ? sprintf("%%%x", c) : char)

492

end

493

content_tag "a", name || email_address_encoded, html_options.merge({ "href" => "#{string}#{extras}" })

494

else

495

content_tag "a", name || email_address_obfuscated, html_options.merge({ "href" => "mailto:#{email_address}#{extras}" })

496

end

497

end

498

499

# True if the current request URI was generated by the given +options+.

500

501

# ==== Examples

502

# Let's say we're in the <tt>/shop/checkout?order=desc</tt> action.

503

504

# current_page?(:action => 'process')

505

# # => false

506

507

# current_page?(:controller => 'shop', :action => 'checkout')

508

# # => true

509

510

# current_page?(:controller => 'shop', :action => 'checkout', :order => 'asc')

511

# # => false

512

513

# current_page?(:action => 'checkout')

514

# # => true

515

516

# current_page?(:controller => 'library', :action => 'checkout')

517

# # => false

518

519

# Let's say we're in the <tt>/shop/checkout?order=desc&page=1</tt> action.

520

521

# current_page?(:action => 'process')

522

# # => false

523

524

# current_page?(:controller => 'shop', :action => 'checkout')

525

# # => true

526

527

# current_page?(:controller => 'shop', :action => 'checkout', :order => 'desc', :page=>'1')

528

# # => true

529

530

# current_page?(:controller => 'shop', :action => 'checkout', :order => 'desc', :page=>'2')

531

# # => false

532

533

# current_page?(:controller => 'shop', :action => 'checkout', :order => 'desc')

534

# # => false

535

536

# current_page?(:action => 'checkout')

537

# # => true

538

539

# current_page?(:controller => 'library', :action => 'checkout')

540

# # => false

541

def current_page?(options)

542

url_string = CGI.unescapeHTML(url_for(options))

543

request = @controller.request

544

# We ignore any extra parameters in the request_uri if the

545

# submitted url doesn't have any either. This lets the function

546

# work with things like ?order=asc

547

if url_string.index("?")

548

request_uri = request.request_uri

549

else

550

request_uri = request.request_uri.split('?').first

551

end

552

if url_string =~ /^\w+:\/\//

553

url_string == "#{request.protocol}#{request.host_with_port}#{request_uri}"

554

else

555

url_string == request_uri

556

end

557

end

558

559

private

560

def convert_options_to_javascript!(html_options, url = '')

561

confirm, popup = html_options.delete("confirm"), html_options.delete("popup")

562

563

method, href = html_options.delete("method"), html_options['href']

564

565

html_options["onclick"] = case

566

when popup && method

567

raise ActionView::ActionViewError, "You can't use :popup and :method in the same link"

568

when confirm && popup

569

"if (#{confirm_javascript_function(confirm)}) { #{popup_javascript_function(popup)} };return false;"

570

when confirm && method

571

"if (#{confirm_javascript_function(confirm)}) { #{method_javascript_function(method, url, href)} };return false;"

572

when confirm

573

"return #{confirm_javascript_function(confirm)};"

574

when method

575

"#{method_javascript_function(method, url, href)}return false;"

576

when popup

577

"#{popup_javascript_function(popup)}return false;"

578

else

579

html_options["onclick"]

580

end

581

end

582

583

def confirm_javascript_function(confirm)

584

"confirm('#{escape_javascript(confirm)}')"

585

end

586

587

def popup_javascript_function(popup)

588

popup.is_a?(Array) ? "window.open(this.href,'#{popup.first}','#{popup.last}');" : "window.open(this.href);"

589

end

590

591

def method_javascript_function(method, url = '', href = nil)

592

action = (href && url.size > 0) ? "'#{url}'" : 'this.href'

593

submit_function =

594

"var f = document.createElement('form'); f.style.display = 'none'; " +

595

"this.parentNode.appendChild(f); f.method = 'POST'; f.action = #{action};"

596

597

unless method == :post

598

submit_function << "var m = document.createElement('input'); m.setAttribute('type', 'hidden'); "

599

submit_function << "m.setAttribute('name', '_method'); m.setAttribute('value', '#{method}'); f.appendChild(m);"

600

end

601

602

if protect_against_forgery?

603

submit_function << "var s = document.createElement('input'); s.setAttribute('type', 'hidden'); "

604

submit_function << "s.setAttribute('name', '#{request_forgery_protection_token}'); s.setAttribute('value', '#{escape_javascript form_authenticity_token}'); f.appendChild(s);"

605

end

606

submit_function << "f.submit();"

607

end

608

609

# Processes the _html_options_ hash, converting the boolean

610

# attributes from true/false form into the form required by

611

# HTML/XHTML. (An attribute is considered to be boolean if

612

# its name is listed in the given _bool_attrs_ array.)

613

614

# More specifically, for each boolean attribute in _html_options_

615

# given as:

616

617

# "attr" => bool_value

618

619

# if the associated _bool_value_ evaluates to true, it is

620

# replaced with the attribute's name; otherwise the attribute is

621

# removed from the _html_options_ hash. (See the XHTML 1.0 spec,

622

# section 4.5 "Attribute Minimization" for more:

623

# http://www.w3.org/TR/xhtml1/#h-4.5)

624

625

# Returns the updated _html_options_ hash, which is also modified

626

# in place.

627

628

# Example:

629

630

# convert_boolean_attributes!( html_options,

631

# %w( checked disabled readonly ) )

632

def convert_boolean_attributes!(html_options, bool_attrs)

633

bool_attrs.each { |x| html_options[x] = x if html_options.delete(x) }

634

html_options

635

end

636

end

637

end

638

end

Older »