Refactor task retrieval logic to handle 'only_todo' filter

[fujiwara-e]

• Task.where を用いて，state が todo のタスクを絞り込んでいたのを task モデルの active スコープを用いるように修正した．

[fujiwara-e]

修正内容

• 検索ワードによる絞り込みと，todo のみ表示を組み合わせられるように修正した．

懸念点

• hidden_field を用いているため，param が増えた場合に修正する必要がある．

[Copilot]

Pull Request Overview

This PR refactors the task retrieval logic in the tasks controller to use the active scope from the Task model instead of directly filtering by state using Task.where. The changes improve code maintainability by centralizing the "todo" state filtering logic.

Key changes:

• Replaced direct state filtering with the Task.active scope for the "only_todo" filter
• Modified sort column references from state_priority to state.priority to properly reference the joined state table
• Added hidden field tags to preserve query parameters across form submissions

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
app/controllers/tasks_controller.rb	Refactored to use Task.active scope instead of direct state filtering; updated sort column references to use joined state table syntax
app/views/tasks/index.html.erb	Added hidden field tags to preserve only_todo and search query parameters during form submissions

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Potential XSS vulnerability: params[:q] is being iterated without sanitization. If params[:q] contains nested hashes or arrays, this could lead to unexpected behavior or security issues. Consider validating the structure of params[:q] and sanitizing the values before rendering them in hidden fields.

Suggested change

	<%= hidden_field_tag "q[#{key}]", value %>
	<% if value.is_a?(String) || value.is_a?(Numeric) || value == true || value == false %>
	<%= hidden_field_tag "q[#{key}]", h(value) %>
	<% end %>

[miyake13000]

LGTM