rails:2659
From: makoto kobori <kobori@c...>
Date: Mon, 28 Apr 2008 02:51:30 +0900
Subject: [rails:2659] Re: Rails ¥Ú¡¼¥¸À©¸æÊýË¡
¤³¤Ü¤ê¤Ç¤¹
¤¢¤ê¤¬¤È¤¦¤´¤¶¤¤¤Þ¤¹¡£
¶µ¤¨¤Æ¤¤¤¿¤À¤¤¤¿¤ä¤êÊý¤Ç»î¤·¤Ç¼ÂÁõ¤·¤Æ¤ª¤ê¤Þ¤¹¡£
¤¬¡¢¾¯¡¹¤¤¤¤º¤Þ¤Ã¤Æ¤ª¤ê¤Þ¤¹¡£
-----------------------------------------
£±¡¥ÆþÎϲèÌÌ:¥Õ¥¡¥¤¥ë̾¡§ask_q
¡¦¥È¡¼¥¯¥ó¡Ê¥é¥ó¥À¥à¤ÊŤ¤Ê¸»úÎó¡Ë¤òÀ¸À®¤·¤ÆsessionÊÑ¿ô¤ËÇÛÎó¤ÇÊݸ
¡¦º£ºî¤Ã¤¿token¤òform¤Ëhidden¤Ç»ý¤¿¤»¤ë
£²¡¥³Îǧ²èÌÌ¡§confirm_ask_q
¡¦form(¤È¤¤¤¦¤«params)¤Çtoken¤ò¼õ¤±¼è¤ë
¡¦¼õ¤±¼è¤Ã¤¿token¤¬session¤Î¥È¡¼¥¯¥óÇÛÎó¤Ë¸ºß¤·¤Ê¤±¤ì¤Ð¤É¤³¤«¤ØÈô¤Ð¤¹
¡¦¼õ¤±¼è¤Ã¤¿token¤òform¤Ëhidden¤Ç»ý¤¿¤»¤ë
@tk_r=flash[:tk] ¡¡¡¡#flash¤ÇÊݸ¤µ¤»¤Æ
@tk_p_r=params[:token] #hidden¤«¤é
if(@tk_r !=@tk_p_r)
redirect_to :action => "ask_q"
end
£³¡¥´°Î»²èÌÌ
¡¦form(¤È¤¤¤¦¤«params)¤Çtoken¤ò¼õ¤±¼è¤ë
¡¦¼õ¤±¼è¤Ã¤¿token¤¬session¤Î¥È¡¼¥¯¥óÇÛÎó¤Ë¸ºß¤·¤Ê¤±¤ì¤Ð¤É¤³¤«¤ØÈô¤Ð¤¹
¡¦DB¤ËINSERT¤·¤¿¤é¼õ¤±¼è¤Ã¤¿token¤ò¥È¡¼¥¯¥óÇÛÎ󤫤éºï½ü¤¹¤ë
-----------------------------------------
£³¤«¤é¡¢IE¤ÎÌá¤ë¥Ü¥¿¥ó¤ò²¡¤¹¤È£²¤Ë¤¤¤¤Þ¤·¤Æ¡¢
·Ù¹ð : ¥Ú¡¼¥¸¤Î͸ú´ü¸ÂÀÚ¤ì
Í׵ᤷ¤¿¥Ú¡¼¥¸¤Ï¡¢¥Õ¥©¡¼¥à¤ÇÁ÷¿®¤µ¤ì¤¿¾ðÊó¤ò»ÈÍѤ·¤ÆºîÀ®¤µ¤ì¤Þ¤·¤¿¡£¤³¤Î
¥Ú¡¼¥¸¤Ï¡¢¤â¤¦ÍøÍѤǤ¤Þ¤»¤ó¡£¥»¥¥å¥ê¥Æ¥£Êݸî¤Î¤¿¤á¡¢¾ðÊó¤Ï¼«Æ°Åª¤Ë¤ÏºÆ
Á÷¿®¤µ¤ì¤Þ¤»¤ó¡£
¾ðÊó¤òºÆÁ÷¿®¤·¡¢¤³¤Î Web ¥Ú¡¼¥¸¤òɽ¼¨¤¹¤ë¤Ë¤Ï¡¢¥Ä¡¼¥ë ¥Ð¡¼¤Î [¹¹¿·] ¥Ü¥¿
¥ó¤ò¥¯¥ê¥Ã¥¯¤·¤Æ¤¯¤À¤µ¤¤¡£
¤È¤Ç¤Þ¤¹¡¢¤³¤³¤Ç¡¢¡Ö¹¹¿·¡×¤ò¤¹¤ë¤È¡¢¥³¡¼¥É¾å¤Ï¡¢£±¤ËÌá¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ë¤Î¤Ç¤¹¤¬¡¢
£±¤Î²èÌ̤¬¤Ç¤Þ¤»¤ó¡£¿¿¤ÃÇò¤Ç¤¹¡£HTTP¥½¡¼¥¹¤Ï°Ê²¼¤Ë¤Ê¤Ã¤Æ¤ª¤ê¤Þ¤·¤¿¡£
------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=utf-8"></HEAD>
<BODY></BODY></HTML>
-----
HTTP¤Î¥Ø¥Ã¥À¡¼¤ò¤ß¤Æ¤ß¤ë¤È¡¢redirect¤Ï¤·¤Æ¤¤¤ë¤è¤¦¤Ê¤Î¤Ç¤¹¤¬¡¦¡¦
¤Ê¤¼¤Ç¤·¤ç¤¦¤«¡©
----°Ê²¼HTTP¥Ø¥Ã¥À¡¼----
POST /ctl/confirm_ask_q HTTP/1.1
Accept: */*
Referer: http://localhost:3000/ctl/ask_q
Accept-Language: ja
Content-Type: multipart/form-data; boundary=---------------------------7d85d32a07d2
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
Host: localhost:3000
Content-Length: 900
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: _ask_session_id=290afe02fb158ac27ed3231689fe51c3
-----------------------------7d85d32a07d2
Content-Disposition: form-data; name="question[title]"
test
-----------------------------7d85d32a07d2
Content-Disposition: form-data; name="question[content]"
test
-----------------------------7d85d32a07d2
Content-Disposition: form-data; name="upload[file1]"; filename=""
Content-Type: application/octet-stream
-----------------------------7d85d32a07d2
Content-Disposition: form-data; name="upload[file2]"; filename=""
Content-Type: application/octet-stream
-----------------------------7d85d32a07d2
Content-Disposition: form-data; name="question[tag]"
test
-----------------------------7d85d32a07d2
Content-Disposition: form-data; name="token"
08e77d614b18eac740097107f611b440
-----------------------------7d85d32a07d2
Content-Disposition: form-data; name="commit"
Confirm
-----------------------------7d85d32a07d2--
HTTP/1.1 302 Found
Cache-Control: no-cache
Connection: Keep-Alive
Date: Sun, 27 Apr 2008 17:43:34 GMT
Content-Type: text/html; charset=utf-8
Server: WEBrick/1.3.1 (Ruby/1.8.6/2007-03-13)
Content-Length: 97
Location: http://localhost:3000/ctl/ask_q
Set-Cookie: _ask_session_id=290afe02fb158ac27ed3231689fe51c3; path=/
====¤³¤³¤Þ¤Ç
¥Æ¥¹¥È´Ä¶¤Ï¡¢IE¤Î¤ß¤Ç¤¹¡£
Masashi Itoh ¤µ¤ó¤Ï½ñ¤¤Þ¤·¤¿:
> ¥½¥é¥½¥ë¤Î°ËÆ£¤È¿½¤·¤Þ¤¹¡£
>
>
>> ¤³¤³¤Ç¡¢£²èÌ̤«¤é¡¢Ìá¤ë²èÌ̤ǡ¢¢¤Ë¤¤¤Ã¤¿¤é¡¢¼«Æ°¤Ç¡¤ËÈô¤Ö¤È¤¤¤Ã¤¿½èÍý
>> ¡Ê¤Ä¤Þ¤ê¡¢¢¤«¤é£¤Ø¤Î°ìÊýÄ̹ԤΤߵö²Ä¡Ë¤ò¤·¤¿¤¤¤Î¤Ç¤¹¤¬¡¢
>> application.rbÅù¤Ë½ñ¤¯¤È¡¢´Êñ¤Ë¼ÂÁõ¤Ç¤¤ë¤Î¤Ç¤·¤ç¤¦¤«¡©
>>
>
> ¥È¥é¥ó¥¶¥¯¥·¥ç¥ó¥È¡¼¥¯¥ó¡Ê¥ï¥ó¥¿¥¤¥à¥È¡¼¥¯¥ó¡Ë¤Î»ÅÁȤߤ¬
> ³ºÅö¤¹¤ë¤Î¤«¤È»×¤¤¤Þ¤¹¡£
>
> rails¤È¤·¤Æ¤Î»ÅÁȤߤˤÏÆþ¤Ã¤Æ¤Ê¤¤¤Î¤Ç¤Ï¡©
> ²¼µ¤Î¤è¤¦¤Ë¼«ÎϤǼÂÁõ¤¹¤ë·Á¤Ë¤Ê¤ë¤«¤È¡£
>
> £±¡¥ÆþÎϲèÌÌ
> ¡¦¥È¡¼¥¯¥ó¡Ê¥é¥ó¥À¥à¤ÊŤ¤Ê¸»úÎó¡Ë¤òÀ¸À®¤·¤ÆsessionÊÑ¿ô¤ËÇÛÎó¤ÇÊݸ
> ¡¦º£ºî¤Ã¤¿token¤òform¤Ëhidden¤Ç»ý¤¿¤»¤ë
>
> £²¡¥³Îǧ²èÌÌ
> ¡¦form(¤È¤¤¤¦¤«params)¤Çtoken¤ò¼õ¤±¼è¤ë
> ¡¦¼õ¤±¼è¤Ã¤¿token¤¬session¤Î¥È¡¼¥¯¥óÇÛÎó¤Ë¸ºß¤·¤Ê¤±¤ì¤Ð¤É¤³¤«¤ØÈô¤Ð¤¹
> ¡¦¼õ¤±¼è¤Ã¤¿token¤òform¤Ëhidden¤Ç»ý¤¿¤»¤ë
>
> £³¡¥´°Î»²èÌÌ
> ¡¦form(¤È¤¤¤¦¤«params)¤Çtoken¤ò¼õ¤±¼è¤ë
> ¡¦¼õ¤±¼è¤Ã¤¿token¤¬session¤Î¥È¡¼¥¯¥óÇÛÎó¤Ë¸ºß¤·¤Ê¤±¤ì¤Ð¤É¤³¤«¤ØÈô¤Ð¤¹
> ¡¦DB¤ËINSERT¤·¤¿¤é¼õ¤±¼è¤Ã¤¿token¤ò¥È¡¼¥¯¥óÇÛÎ󤫤éºï½ü¤¹¤ë
>
> ¤È¤¤¤¦¼ÂÁõ¤Ë¤Ê¤ë¤«¤È¡£
>
> ¥Ö¥é¥¦¥¶¥Ð¥Ã¥¯¤Ë¤À¤±Âбþ¤¹¤ì¤Ð¤è¤¤¤Î¤Ç¤¢¤ì¤Ð
> ²¼µ¤Î¤è¤¦¤Êºî¤ê¤Ë¤·¤Æ¤ÏÇ¡²¿¤Ç¤·¤ç¤¦¤«¡©
>
> £±¡¥µ»öÅê¹Æ²èÌÌ¡ÊÆþÎÏ¥Õ¥©¡¼¥à¡Ë
>
> ¢ÆþÎÏ¥Õ¥©¡¼¥à¤òPOST¤ÇÁ÷¿®
>
> £²¡¥³Îǧ²èÌÌ¡ÊÆþÎÏÆâÍƤòsession¤ËÊݸ¡Ë
>
> ¢¡Ö£Ï£Ë¡×¥Ü¥¿¥ó¤¬²¡¤µ¤ì¤ë
>
> £³¡¥DB¤ËINSERT¤·¤Æ¡¢session¾Ã¤·¤Æ£´¤Ø¥ê¥À¥¤¥ì¥¯¥È
> ¡¡¡¡¡Êsession¤¬¾Ã¤¨¤Æ¤¤¤ì¤Ð£±¤Ø¥ê¥À¥¤¥ì¥¯¥È¡Ë
>
> £´¡¥Åê¹Æ½ªÎ»²èÌÌ
>
> £´¤«¤é¥Ö¥é¥¦¥¶¤Î¡ÖÌá¤ë¡×¤ò²¡¤¹¤È£²¤Ç¤Ï¤Ê¤¯¤Æ£³¤ËÁ«°Ü¤·¤Æ
> ·ë²ÌŪ¤Ë£±¤ØÈô¤Ð¤µ¤ì¤Þ¤¹¡£
>
>
>
> On Fri, 25 Apr 2008 01:44:37 +0900
> makoto kobori <kobori@c...> wrote:
>
>
>> ¤ªÀ¤ÏäˤʤäƤޤ¹¡¢¤³¤Ü¤ê¤Ç¤¹
>>
>> µ»öÅê¹Æµ¡Ç½¤Ç¡¢
>>
>> ¡µ»öÅê¹Æ²èÌ̢΢³Îǧ²èÌÌ¡¡¢ª¡¡£Åê¹Æ½ªÎ»²èÌÌ
>>
>> ¤È¤¤¤¦²èÌÌÁ«°Ü¤òºî¤ê¤Þ¤·¤¿¡£
>>
>> ¤³¤³¤Ç¡¢£²èÌ̤«¤é¡¢Ìá¤ë²èÌ̤ǡ¢¢¤Ë¤¤¤Ã¤¿¤é¡¢¼«Æ°¤Ç¡¤ËÈô¤Ö¤È¤¤¤Ã¤¿½èÍý
>> ¡Ê¤Ä¤Þ¤ê¡¢¢¤«¤é£¤Ø¤Î°ìÊýÄ̹ԤΤߵö²Ä¡Ë¤ò¤·¤¿¤¤¤Î¤Ç¤¹¤¬¡¢
>> application.rbÅù¤Ë½ñ¤¯¤È¡¢´Êñ¤Ë¼ÂÁõ¤Ç¤¤ë¤Î¤Ç¤·¤ç¤¦¤«¡©
>>
>> ¤è¤í¤·¤¯¤ª´ê¤¤¤¤¤¿¤·¤Þ¤¹¡£
>>
>> --
>> ML: rails@r...
>> »È¤¤Êý: http://QuickML.com/
>>
>
>
> ----------------------------------
> SORASOL¡¡¥½¥é¥½¥ë³ô¼°²ñ¼Ò
> ¼èÄùÌò
> °ËÆ£¡¡¶©¡ÊMasashi Itoh¡Ë
> msc@s...
>
> ¢©153-0051¡¡Ìܹõ¶è¾åÌܹõ4-41-8
> TEL&FAX¡¡??-????-????
> http://sorasol.jp/
> ----------------------------------
>
>
> --
> ML: rails@r...
> »È¤¤Êý: http://QuickML.com/
>
>
--
ML: rails@r...
»È¤¤Êý: http://QuickML.com/
2655 2008-04-24 18:44 [kobori@c... ] Rails ¥Ú¡¼¥¸À©¸æÊýË¡ @ 2656 2008-04-25 02:54 ¨²[kamei@w... ] 2657 2008-04-25 05:09 ¨±[msc@s... ] -> 2659 2008-04-27 19:51 ¡¡¨±[kobori@c... ] 2660 2008-04-28 04:50 ¡¡¡¡¨±[msc@s... ] 2661 2008-04-28 17:57 ¡¡¡¡¡¡¨±[kobori@c... ]