I want to pass data from a view (link) to a controller so it can look up the related information. Services for a company, in this case.
I see examples where people have added to params like this:
<div>
<%= link_to 'Services', :controller => 'company', :action => 'services', :company_id => @company.id %>
</div>
...but that results in a transparent (unsafe) URL like this:
http://localhost:5000/company/services?company_id=17
Is there a way to get around this without stuffing data into the Session? What's the best practice on links inside an app that requires authentication?
THere is no such major harm in passing data like this in View.
Still if you insist on having, then check prettyurls:
http://railscasts.com/episodes/314-pretty-urls-with-friendlyid
Prior to we must have valid checks in controller & model files.
1. Valid Checks and redirection in Controller is helpful.
2. Depending on need adding validations in model can be a good support.