pagination helpers: convert to strong params.
This commit is contained in:
evazion
@@ -4,11 +4,11 @@ module PaginationHelper
|
||||
|
||||
if records.any?
|
||||
if params[:page] =~ /[ab]/ && !records.is_first_page?
|
||||
html << '<li>' + link_to("< Previous", params.merge(:page => "a#{records[0].id}"), :rel => "prev") + '</li>'
|
||||
html << '<li>' + link_to("< Previous", nav_params.merge(:page => "a#{records[0].id}"), :rel => "prev") + '</li>'
|
||||
end
|
||||
|
||||
unless records.is_last_page?
|
||||
html << '<li>' + link_to("Next >", params.merge(:page => "b#{records[-1].id}"), :rel => "next") + '</li>'
|
||||
html << '<li>' + link_to("Next >", nav_params.merge(:page => "b#{records[-1].id}"), :rel => "next") + '</li>'
|
||||
end
|
||||
end
|
||||
|
||||
@@ -29,7 +29,7 @@ module PaginationHelper
|
||||
window = 4
|
||||
|
||||
if records.current_page >= 2
|
||||
html << "<li class='arrow'>" + link_to("<<", params.merge(:page => records.current_page - 1), :rel => "prev") + "</li>"
|
||||
html << "<li class='arrow'>" + link_to("<<", nav_params.merge(:page => records.current_page - 1), :rel => "prev") + "</li>"
|
||||
else
|
||||
html << "<li class='arrow'><span>" + "<<" + "</span></li>"
|
||||
end
|
||||
@@ -69,7 +69,7 @@ module PaginationHelper
|
||||
end
|
||||
|
||||
if records.current_page < records.total_pages && records.size > 0
|
||||
html << "<li class='arrow'>" + link_to(">>", params.merge(:page => records.current_page + 1), :rel => "next") + "</li>"
|
||||
html << "<li class='arrow'>" + link_to(">>", nav_params.merge(:page => records.current_page + 1), :rel => "next") + "</li>"
|
||||
else
|
||||
html << "<li class='arrow'><span>" + ">>" + "</span></li>"
|
||||
end
|
||||
@@ -100,9 +100,15 @@ module PaginationHelper
|
||||
html << "</li>"
|
||||
else
|
||||
html << "<li class='numbered-page'>"
|
||||
html << link_to(page, params.merge(:page => page))
|
||||
html << link_to(page, nav_params.merge(:page => page)) # XXX
|
||||
html << "</li>"
|
||||
end
|
||||
html.join.html_safe
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def nav_params
|
||||
params.to_unsafe_h # XXX
|
||||
end
|
||||
end
|
||||
|
||||
@@ -5,17 +5,13 @@ module PostsHelper
|
||||
|
||||
def next_page_url
|
||||
current_page = (params[:page] || 1).to_i
|
||||
dup_params = params.dup
|
||||
dup_params[:page] = current_page + 1
|
||||
url_for(dup_params).html_safe
|
||||
url_for(nav_params.merge(page: current_page + 1)).html_safe
|
||||
end
|
||||
|
||||
def prev_page_url
|
||||
current_page = (params[:page] || 1).to_i
|
||||
if current_page >= 2
|
||||
dup_params = params.dup
|
||||
dup_params[:page] = current_page - 1
|
||||
url_for(dup_params).html_safe
|
||||
url_for(nav_params.merge(page: current_page - 1)).html_safe
|
||||
else
|
||||
nil
|
||||
end
|
||||
@@ -135,4 +131,10 @@ module PostsHelper
|
||||
|
||||
html.html_safe
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def nav_params
|
||||
params.to_unsafe_h # XXX
|
||||
end
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user