Browse files

use strong_params in example

  • Loading branch information...
1 parent bae07dc commit 760662de868c0311f2e40a5e6f8982a521a3d990 @Mik-die Mik-die committed Jul 19, 2013
Showing with 6 additions and 1 deletion.
  1. +6 −1 guides/source/
7 guides/source/
@@ -393,10 +393,15 @@ The form will be making a `POST` request to `/posts/:post_id/comments`, which wi
def create
@post = Post.find(params[:post_id])
- @comment = @post.comments.create(params[:comment])
+ @comment = @post.comments.create(comment_params)
flash[:notice] = "Comment has been created!"
redirect_to posts_path
+def comment_params
+ params.require(:comment).permit(:text)
This is the final part required to get the new comment form working. Displaying the comments however, is not quite right yet. If you were to create a comment right now you would see this error:

0 comments on commit 760662d

Please sign in to comment.