use strong_params in example
This commit is contained in:
parent
bae07dcce2
commit
760662de86
@ -393,10 +393,15 @@ The form will be making a `POST` request to `/posts/:post_id/comments`, which wi
|
||||
```ruby
|
||||
def create
|
||||
@post = Post.find(params[:post_id])
|
||||
@comment = @post.comments.create(params[:comment])
|
||||
@comment = @post.comments.create(comment_params)
|
||||
flash[:notice] = "Comment has been created!"
|
||||
redirect_to posts_path
|
||||
end
|
||||
|
||||
private
|
||||
def comment_params
|
||||
params.require(:comment).permit(:text)
|
||||
end
|
||||
```
|
||||
|
||||
This is the final part required to get the new comment form working. Displaying the comments however, is not quite right yet. If you were to create a comment right now you would see this error:
|
||||
|
Loading…
Reference in New Issue
Block a user