similar to: protect_from_forgery

Hi, I have a reeally big problem with understanding how to use ActiveMerchant, Perhaps someone would point me to a different solution to my problem. I need to build a little web shop which will be based in the UK, and my customer wants to use PayPal Express Checkout, because there''s no monthly fee. So far I had only problems with ActiveMerchant examples because: 1) they are way too

I am having a problem using the exception_logger plugin when I have protect_from_forgery enabled. Here is the line from application.rb: protect_from_forgery :secret => ''xxxx'' But I am getting: No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store). Now, if I remove the secret and try and

Hi all, I am writing a simple shopping cart which will consist of a single class. There will be no DB table for carts so I do not want to make my Cart a model. But where do I place my Cart class so that I can access it in my controllers? I want to be able do do things like this (for instance in a shop controller): def add_to_cart @session[''cart''].add(article_id, amount)

I''ve almost entirely converted a rails 2.3.5 app to 3pre. I''m having some trouble with protect_from_forgery. I had protect_from_forgery set in application_controller.rb, but run some uploadify ajax stuff in one of my controllers, where I had protect_from_forgery, :except => :add_file set. In rails 3 I''m getting ActionController::InvalidAuthenticityToken on the ajax

I am implementing a system for users to easily create a small shop for themselves. And I''ve run into a route problem. NOTE: I''ve removed a lot from my route.rb file, since I want focus on this particular problem. :-) I currently have a route.rb like this: ActionController::Routing::Routes.draw do |map| map.resources :shops do |shops| shops.resource :cart, :member => {

I am working on a resource planning problem. I like to use a nice drag and drop interface for that. E.g. have a box of persons and a box of projects, now I would like to assign a persom to project by dragging it from the available resources box to a recieving project box. I have studied the amazing drag and drop shopping card code listed here http://demo.script.aculo.us/shop What I need to

What I want to do is share the same session across many Rails applications. All of them are using Rails 2.2.2. I know that, to share the session, it''s (supposedly) just a matter of sharing the same key and secret among the apps, like this: config.action_controller.session = { :session_key => ''_apps_session'', :secret =>

I try to use db-session with protect_from_forgery. But I always get a error msg: ActionController::InvalidAuthenticityToken. application_controller.rb protect_from_forgery #:secret => ''top_secret'' session_store.rb ActionController::Base.session_store = :active_record_store hope you can help me. Best regards -- Posted via http://www.ruby-forum.com/.

Hi all i am following this like for basic paypal http://railscasts.com/episodes/141-paypal-basics and i got this error View: <%= link_to "Checkout", @cart.paypal_url() %> undefined method `paypal_url'' for nil:NilClass despite i have this code in my model called Card Cart Model: class Cart < ActiveRecord::Base def paypal_url(return_url) values = {

All, I''ve just started Rails and Ruby a week or so ago. Please forgive me for my ignorance. I started writing a small test application to test some of my new knowledge and have hit a wall. Would like some best practices. I have 3 tables, as below... CREATE TABLE `carts` ( `id` int(11) NOT NULL auto_increment, `name` varchar(255) NOT NULL, `quantity` int(11) NOT NULL, PRIMARY

Hi Jonah, I support usability. For a great book on it, read Jakob Nielsen''s "Designing Web Usability: The Practice of Simplicity" and, for a great general book on usability, try "The Design of Everyday Things." You''re right. Drag ''n drop is not the best tool for many things. Unless something offers a 50%+ advantage over an existing method of doing

Maybe I am grasping the full usage of this protect_from_forgery function, but it does not seem to work for me. Imagine the following: A simple website with a user that needs to log in to do certain stuff and a closed off admin section that only certain users can access that have the is_admin field set to true. So to be clear, my User model has a login, password and is_admin. When displaying the

We''re currently looking for volunteers on the new RailsCart[1] project. The idea is to build something relatively simple with all of the features that most open source shopping carts seem to be missing. We''ll be using ActiveMerchant for all of our payment gateway needs. We''re not trying to build the ultimate shopping cart. This is designed for Rails developers who need

Just would like to verify: Is protect_from_forgery (in Rails 2.1) == the csrf_killer plugin from Rick Olson? Thanks, Wes -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to

Hi all I''ve coded a small shop that works well on my dev machine (OSX 10.5). But look at the following page: http://shop.incense.ch/compact_discs/1 When clicking "Reservieren", the page is forwarded to a new page, where the product is added to the shopping cart, and a flash notice is prepare. Then the page is redirected back to the shop page. On my dev machine this works

After switching to active_record_store to host sessions, I now get the following errors: ActionController::InvalidAuthenticityToken in Pages#edit Showing app/views/pages/edit.html.erb where line #5 raised: No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store). Extracted source (around line #5): 2: 3:

I am starting to BDD. When specing the controller I want to test for object creation: it "deberia crear una nueva persona en post create" do Usuario.should_receive(:create).with({:nombre => "camilo", :clave => "secreta", :tipo => "administrador"}).and_return(@usuario) post ''create'', {:usuario => {:nombre =>

Hello everyone, I am looking for a way to pass off a simple payment to paypal using our own interface. I understand that this requires making full use of Paypal''s API since we won''t be using their shopping cart or anything. I found the article by Pranav Bihari on his site and in the Wiki on using SOAP4R and the paypal WSDL file to interface with paypal web services, but I

Hi there, I''m at a loss... I was on the #ROR channel last night and spoke to a really helpful person (Defiler) who gave me some direction on building a shopping cart. Unfortunately, I wasn''t able to successfully get to where I need to go. This is the predicament I am currently finding myself in: I''m building a shopping cart for a client''s new website. They

I have a partial, it''s a shopping cart display, it''s designed to appear on several different pages of my site. One of the buttons on the shopping cart empties the cart, and then I want the calling page to redisplay. In other words, the cart controller needs to return the visitor to the same page -- however since the cart could appear on any given page, this has to be