Preventing incorrect id params in URLs

Do some error handling like such:

  category = Category.find(params[:id])
rescue ActiveRecord::RecordNotFound
   logger.error("Attempt to access invalid catalog #{params[:id]}" )
   flash[:notice] = "Invalid catalog"
   redirect_to :action => :index
    ...what you want to happen when there is a catalog

Hope that helps --K

You can think of creating it in case you find it...


begin / rescue is the ruby way to handle/prevent potential errors.

When you say 'begin' the system tries to do whatever is next. In this
case it tries to find the catalog entry with the passed in id. If it
can not, then it does what is in the 'rescue' block. Else, if it can
find the catalog, it skips over the rescue code and does what is in the
else block. You can then use the catalog variable in the else statement
to do whatever you want the system to do.

Hope that explains it - K