Render view from another controller with params

1.1k views Asked by At

I have code in my products_controller.rb

        def create
          @product = Product.new(product_params)
          brand = Brand.find(params[:brand_id])
          @product.brand = brand

          if @product.save
            raise "OK"
          else
            @brand = Brand.find(params[:brand_id])
            render 'brands/show'
          end
        end

After failure of save method, i need to redirect to brands show.html.erb view, which find brand by id and display information about it.

Questions:

  1. Is it right way of doing that
  2. If user manually passed server_id parameter, how can prevent it from executing (SQL injection)? Or how should i check and display error?
  3. How can i display errors in brands/show views outside form ( because i'm storing form in <a data-form="..."> property, so user can't see form until he clicks on link. Even more, i use form_for([@brand,@brand.send(:products).klass.new]))
1

There are 1 answers

5
Pardeep Saini On

use redirect_to brands_path(@brand)