Tweaked the controller to use 'protect_from_forgery' properly

[feedcatcher.git] / app / controllers / feed_controller.rb

diff --git a/app/controllers/feed_controller.rb b/app/controllers/feed_controller.rb
index 0339706833e51ea93d659faabaa5a7fe04d74a85..2fd0bd60064b49552ddf3796bff41acc8eb59dcb 100644 (file)
--- a/app/controllers/feed_controller.rb
+++ b/app/controllers/feed_controller.rb
@@ -1,9 +1,8 @@
 class FeedController < ApplicationController
   
-  skip_before_filter :verify_authenticity_token
+  # skip_before_filter :verify_authenticity_token
 
   def index
-    # @feeds = FeedItem.find(:all, :select => 'DISTINCT feed_name')
     @feeds = FeedItem.select(:feed_name).distinct
     respond_to do |format|
       format.html
@@ -17,7 +16,7 @@ class FeedController < ApplicationController
       @feed_name = params[:feed_name]
       @feed_items = FeedItem.in_feed(@feed_name)
       respond_to do |format|
-        if @feed_items == []
+        if @feed_items.empty?
           flash[:notice] = "No items in feed #{@feed_name}"
           format.html { redirect_to index_path }
           format.rss  { render :layout => false }
@@ -58,10 +57,10 @@ class FeedController < ApplicationController
   end
   
 
-  private
+  # private
 
 
-  def create_item
+  private def create_item
     item = FeedItem.new(:feed_name => params[:feed_name],
       :title => params[:title],
       :description => params[:description])
@@ -80,7 +79,7 @@ class FeedController < ApplicationController
   end
 
 
-  def update_item(item)
+  private def update_item(item)
     if item.update_attribute(:description, params[:description])
       flash[:notice] = "Element #{params[:title]} updated"
       respond_to do |format|
@@ -97,7 +96,7 @@ class FeedController < ApplicationController
   end
 
 
-  def destroy_item(item)
+  private def destroy_item(item)
     if item.destroy
       flash[:notice] = "Element #{params[:title]} deleted"
       respond_to do |format|