diff --git a/app/controllers/admin/patents_controller.rb b/app/controllers/admin/patents_controller.rb index 731f8fa..82a366f 100644 --- a/app/controllers/admin/patents_controller.rb +++ b/app/controllers/admin/patents_controller.rb @@ -53,7 +53,7 @@ class Admin::PatentsController < OrbitMemberController end def new - @member = Array(MemberProfile.find_by(:uid=>params['uid'])) rescue nil + @member = Array(MemberProfile.find_by(:uid=>params['uid'].to_s)) rescue nil @patent = Patent.new if params[:desktop] @@ -203,7 +203,7 @@ class Admin::PatentsController < OrbitMemberController end def frontend_setting - @member = MemberProfile.find_by(:uid=>params['uid']) rescue nil + @member = MemberProfile.find_by(:uid=>params['uid'].to_s) rescue nil @intro = PatentIntro.find_by(:member_profile_id=>@member.id) rescue nil @intro = @intro.nil? ? PatentIntro.new({:member_profile_id=>@member.id}) : @intro end diff --git a/app/controllers/personal_patents_controller.rb b/app/controllers/personal_patents_controller.rb index af58c96..376f0ba 100644 --- a/app/controllers/personal_patents_controller.rb +++ b/app/controllers/personal_patents_controller.rb @@ -95,7 +95,8 @@ class PersonalPatentsController < ApplicationController choice = choice.map { |value| value.inject :merge } select_text = t('personal_patent.search_class') search_text = t('personal_patent.word_to_search') - csrf_value = (0...46).map { ('a'..'z').to_a[rand(26)] }.join + @_request = OrbitHelper.request + csrf_value = form_authenticity_token { 'patents' => patent_list, 'extras' => { 'widget-title' => t('module_name.personal_patent'), @@ -112,7 +113,7 @@ class PersonalPatentsController < ApplicationController def show params = OrbitHelper.params - plugin = Patent.where(is_hidden: false).find_by(uid: params[:uid]) + plugin = Patent.where(is_hidden: false).find_by(uid: params[:uid].to_s) fields_to_show = %w[ patent_title patent_no