[ACCEPTED]-How to create password and confirmation when using form_for?-forms

Accepted answer
Score: 18

Put this in your view form:

<%= f.password_field :password %>
<%= f.password_field :password_confirmation %>

And this in your 5 user model:

validates_confirmation_of :password

Now, to prevent unwanted initializations 4 in your controller, add the following to 3 your model:

attr_accessible :attribute1, attribute2

Now these attributes will be 2 the only attributes that can be set through 1 what is called "mass assignment".

Score: 2

If you have a database column password (of course 3 you would better store a salt and encrypted 2 password), then you could do this:

class User
  attr_accessor :password_confirmation # Note. You do not need this field in database, it's for 1-time use

  # The following 2 lines let you prevent certain fields
  attr_accessible :user_name
  attr_protected :password
  # Note that if you used attr_accessible, and all other fields cannot be assigned through User.new(params[:user[), while if you used attr_protected, only those fields cannot assigned.

 validates_confirmation_of :password # This automatically validates if :password == :password_confirmation

In your 1 view:

<%= f.password_field :password %>
<%= f.password_field :password_confirmation %>

More Related questions