diff --git a/app/controllers/ajax/answer_controller.rb b/app/controllers/ajax/answer_controller.rb
index f15fe671..b55c8856 100644
--- a/app/controllers/ajax/answer_controller.rb
+++ b/app/controllers/ajax/answer_controller.rb
@@ -1,4 +1,11 @@
 class Ajax::AnswerController < ApplicationController
+ rescue_from(ActionController::ParameterMissing) do |titanic_param|
+ @status = :parameter_error
+ @message = "#{titanic_param.param.capitalize} is required"
+ @success = false
+ render partial: "ajax/shared/status"
+ end
+
 def create
 params.require :id
 params.require :answer
@@ -27,6 +34,14 @@ class Ajax::AnswerController < ApplicationController
 end
 end
+ # this should never trigger because empty params throw ParameterMissing
+ unless params[:answer].length > 0
+ @status = :peter_dinklage
+ @message = "Answer is too short"
+ @success = false
+ return
+ end
+
 answer = nil
 begin
diff --git a/app/controllers/ajax/comment_controller.rb b/app/controllers/ajax/comment_controller.rb
index 7d40b3bd..daa87c05 100644
--- a/app/controllers/ajax/comment_controller.rb
+++ b/app/controllers/ajax/comment_controller.rb
@@ -1,4 +1,11 @@
 class Ajax::CommentController < ApplicationController
+ rescue_from(ActionController::ParameterMissing) do |param_miss_ex|
+ @status = :parameter_error
+ @message = "#{param_miss_ex.param.capitalize} is required"
+ @success = false
+ render partial: "ajax/shared/status"
+ end
+
 def create
 params.require :answer
 params.require :comment
diff --git a/app/controllers/ajax/friend_controller.rb b/app/controllers/ajax/friend_controller.rb
index c6e50fef..51aaf4a6 100644
--- a/app/controllers/ajax/friend_controller.rb
+++ b/app/controllers/ajax/friend_controller.rb
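Review bot: The `rescue_from(ActionController::ParameterMissing)` block added at the top of `Ajax::AnswerController` is repeated verbatim in the comment, friend, group, inbox, moderation, question, report, smile and subscription controllers in this commit, so any later change to the error response has to be made in ten places. Defining the handler once in a shared parent class or concern for the `Ajax::` controllers would keep the responses consistent. The block variable here is `titanic_param` while the other nine use `param_miss_ex`; `do |param_miss_ex|` would match them. The handler also renders the partial with the default HTTP status, so the failure is visible only in the response body; whether that is intended cannot be told from the hunk.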
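Review bot: The guard `unless params[:answer].length > 0` added to `create` in `answer_controller.rb` measures length without checking that `params[:answer]` is a String. A request that sends `answer` as an array or nested hash is not blank, so it passes `params.require`, and `.length` then counts elements instead of characters (or may be undefined, depending on the Rails version). Checking the type first, e.g. `unless params[:answer].is_a?(String) && params[:answer].length > 0`, would reject those shapes before the value reaches the rest of `create`, which continues outside the hunk. The status `:peter_dinklage` tells neither a client nor a log reader what went wrong; a descriptive symbol such as `:answer_too_short` would be easier to handle.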
@@ -1,4 +1,11 @@
 class Ajax::FriendController < ApplicationController
+ rescue_from(ActionController::ParameterMissing) do |param_miss_ex|
+ @status = :parameter_error
+ @message = "#{param_miss_ex.param.capitalize} is required"
+ @success = false
+ render partial: "ajax/shared/status"
+ end
+
 def create
 params.require :screen_name
diff --git a/app/controllers/ajax/group_controller.rb b/app/controllers/ajax/group_controller.rb
index 366f328f..79fa383f 100644
--- a/app/controllers/ajax/group_controller.rb
+++ b/app/controllers/ajax/group_controller.rb
@@ -1,4 +1,11 @@
 class Ajax::GroupController < ApplicationController
+ rescue_from(ActionController::ParameterMissing) do |param_miss_ex|
+ @status = :parameter_error
+ @message = "#{param_miss_ex.param.capitalize} is required"
+ @success = false
+ render partial: "ajax/shared/status"
+ end
+
 def create
 @status = :err
 @success = false
@@ -101,7 +108,7 @@ class Ajax::GroupController < ApplicationController
 @checked = false
 @message = "Successfully removed user from group."
 end
-
+
 @status = :okay
 @success = true
 end
diff --git a/app/controllers/ajax/inbox_controller.rb b/app/controllers/ajax/inbox_controller.rb
index de146bcd..36ef0124 100644
--- a/app/controllers/ajax/inbox_controller.rb
+++ b/app/controllers/ajax/inbox_controller.rb
@@ -1,4 +1,11 @@
 class Ajax::InboxController < ApplicationController
+ rescue_from(ActionController::ParameterMissing) do |param_miss_ex|
+ @status = :parameter_error
+ @message = "#{param_miss_ex.param.capitalize} is required"
+ @success = false
+ render partial: "ajax/shared/status"
+ end
+
 def create
 unless user_signed_in?
 @status = :noauth
diff --git a/app/controllers/ajax/moderation_controller.rb b/app/controllers/ajax/moderation_controller.rb
index 82b438af..de458089 100644
--- a/app/controllers/ajax/moderation_controller.rb
+++ b/app/controllers/ajax/moderation_controller.rb
@@ -1,5 +1,11 @@
 class Ajax::ModerationController < ApplicationController
-
+ rescue_from(ActionController::ParameterMissing) do |param_miss_ex|
+ @status = :parameter_error
+ @message = "#{param_miss_ex.param.capitalize} is required"
+ @success = false
+ render partial: "ajax/shared/status"
+ end
+
 def vote
 params.require :id
 params.require :upvote
diff --git a/app/controllers/ajax/question_controller.rb b/app/controllers/ajax/question_controller.rb
index c3351b47..2be73fc3 100644
--- a/app/controllers/ajax/question_controller.rb
+++ b/app/controllers/ajax/question_controller.rb
@@ -1,6 +1,13 @@
 class Ajax::QuestionController < ApplicationController
 include MarkdownHelper
+ rescue_from(ActionController::ParameterMissing) do |param_miss_ex|
+ @status = :parameter_error
+ @message = "#{param_miss_ex.param.capitalize} is required"
+ @success = false
+ render partial: "ajax/shared/status"
+ end
+
 def destroy
 params.require :question
diff --git a/app/controllers/ajax/report_controller.rb b/app/controllers/ajax/report_controller.rb
index 42ab82da..47a1c581 100644
--- a/app/controllers/ajax/report_controller.rb
+++ b/app/controllers/ajax/report_controller.rb
@@ -1,4 +1,11 @@
 class Ajax::ReportController < ApplicationController
+ rescue_from(ActionController::ParameterMissing) do |param_miss_ex|
+ @status = :parameter_error
+ @message = "#{param_miss_ex.param.capitalize} is required"
+ @success = false
+ render partial: "ajax/shared/status"
+ end
+
 def create
 params.require :id
 params.require :type
diff --git a/app/controllers/ajax/smile_controller.rb b/app/controllers/ajax/smile_controller.rb
index d834d483..e7e10f5c 100644
--- a/app/controllers/ajax/smile_controller.rb
+++ b/app/controllers/ajax/smile_controller.rb
@@ -1,4 +1,11 @@
 class Ajax::SmileController < ApplicationController
+ rescue_from(ActionController::ParameterMissing) do |param_miss_ex|
+ @status = :parameter_error
+ @message = "#{param_miss_ex.param.capitalize} is required"
+ @success = false
+ render partial: "ajax/shared/status"
+ end
+
 def create
 params.require :id
diff --git a/app/controllers/ajax/subscription_controller.rb b/app/controllers/ajax/subscription_controller.rb
index 9b07b0c5..40016e64 100644
--- a/app/controllers/ajax/subscription_controller.rb
+++ b/app/controllers/ajax/subscription_controller.rb
@@ -1,5 +1,11 @@
 class Ajax::SubscriptionController < ApplicationController
 before_filter :authenticate_user!
+ rescue_from(ActionController::ParameterMissing) do |param_miss_ex|
+ @status = :parameter_error
+ @message = "#{param_miss_ex.param.capitalize} is required"
+ @success = false
+ render partial: "ajax/shared/status"
+ end
 def subscribe
 params.require :answer