0

Before marking this as duplicate. This answer didn't work for me:

Prevent user going back and viewing previously submitted form Rails

I want to prevent, that the user is able to go back to the payment form he submitted before.

What I am missing? This should be a easy task or not? What's my mistake?

This is some of the form: 

 <%= form_for :job, method: :post, url: {action: "create"} do |f| %>
   <div class="infogroup">
     <h5>Informationen zum Job</h5>
     <p>Was für ein Job bieten Sie?</p>
   </div>
   <div class="form-group">
      <%= label_tag(:jobtitle, "Jobtitel*") %>
      <%= text_field_tag(:jobtitle) %>
   </div>
   <div class="form-group">
     <%= label_tag(:jobtype, "Anstellungsgrad*") %>
     <%= text_field_tag(:jobtype) %>
   </div>
   <div class="form-group">
      <%= label_tag(:place, "Ort*") %>
      <%= text_field_tag(:place) %>
   </div>
[...]

This is the Controller code: 

class JobsController < ApplicationController

  require 'date' 

  def new
      @job = Job.new
  end

  def create
    @job = Job.new(article_params)
    @job.save
    redirect_to @job
  end

  private def article_params

  d = Date.new();
  d.strftime('%a %d %b %Y')
    params.permit(:jobtitle, :jobdescription, :jobtype, :place, :company, :paid, :userid, d)
  end


  def show
    @job = Job.where(id: params[:id])
  end


end
olivier
  • 2,585
  • 6
  • 34
  • 61

2 Answers2

0

I see the following ways to make sure that the payment is not saved again.

  1. Use some job properties and during job creation check them and redirect to show.

  2. Attach a new hidden input when clicking the save button and verify if the param exist. If it exists then redirect

    # JavaScript
$('#the_form button').on('submit', function() {
   this.preventDefault();
   this.parent.append('<input type="hidden" name="human_hit" value="yes" />');
   this.parent.submit();
})

# Controller
def create
  if params[:human_hit]
    redirect_to :show, alert: "Payment already done!"
  else
   # Do save logic
  end
end
mmsilviu
  • 1,211
  • 15
  • 25
0

Here you can use referer header. Simply check that from which page hit is coming.

For example:

User is at payment form and previous page was say user details then referer from it coming will be user details. If user coming other than user details simply redirect some other page as where you want.

Prince Bansal
  • 286
  • 2
  • 5