Wrox Programmer Forums
Go Back   Wrox Programmer Forums > Open Source > BOOK: Beginning Ruby on Rails
| Search | Today's Posts | Mark Forums Read
BOOK: Beginning Ruby on Rails
This is the forum to discuss the Wrox book Beginning Ruby on Rails by Steve Holzner Ph.D.; ISBN: 9780470069158
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning Ruby on Rails section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old April 13th, 2008, 06:35 PM
Registered User
 
Join Date: Apr 2008
Location: , , .
Posts: 5
Thanks: 0
Thanked 3 Times in 2 Posts
Default Chapter 5 - "get" works, "post" does not

In the first example in Chapter 5, reading from a text box, everything works when my form action line reads like this:

<form action = "\look\at">

It also works like this:

<form action = "\look\at" method = "get">

But it does not work when I use "post", as suggested on p.127:

<form action = "\look\at" method = "post">

I get a very long error in my browser that begins like this:

ActionController::InvalidAuthenticityToken in LookController#

I am running on OS X Leopard, Ruby v.1.8.6, Rails v.2.0.2. It looks like "ruby server/script" runs Mongrel, not WEBrick.

Any idea why "post" won't work?
 
Old June 5th, 2008, 12:56 PM
Registered User
 
Join Date: Jun 2008
Location: , , .
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I have the same problem running on linux, and using WEBrick.

 
Old June 10th, 2008, 04:21 PM
Registered User
Points: 45, Level: 1
Points: 45, Level: 1 Points: 45, Level: 1 Points: 45, Level: 1
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2008
Location: , , .
Posts: 9
Thanks: 1
Thanked 0 Times in 0 Posts
Default

The problem is that in Rails 2.0.2, there is some extra authentication taking place. If you use form_tag, it will automatically create this html control for you:

<input name="authenticity_token" type="hidden" value="84fc5f10d45977c87c3ac6b88aabc0e73925cad0" />

But if you just use <form> ... </form>, that will be lacking. Just paste the above in, somewhere in the form, and it should solve the problem. It worked for me, using Rails 2.0.2, Ruby 1.8.6, Safari 3.1.1, and Mac OS X 10.5.3.

Michael

 
Old June 12th, 2008, 05:37 PM
Registered User
 
Join Date: Jun 2008
Location: , , .
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi all,

I was playing around with textfields2 (p. 137) and got it to work with the following input.rhtml:


<html>
  <head>
    <title>
     Using Text Fields (2)
    </title>
  </head>
  <body bgcolor="abcdef">
    <! Comment: Title>
    <h1>
     Using Text Fields (2) to read data from text fields.
    </h1>
    <br><br>
    <! Comment: Content>
    <% form_tag '/look/at' do -%>
      <div><%= submit_tag 'Save' %></div>
      Please enter your name,
      <br>
      <%= text_field_tag 'text1', "", :size => 30 %>
      <br><br>
      <input type="submit" />
    <% end -%>
  </body>

So post worked and replacing deprecated shortcuts worked. Hurray!

I then went back to text fields and using the same code for input.html worked. I then copied the source from the webpage and inserted it into input.html. It looks like this:

<html>
  <head>
    <title>
     Using Text Fields with Post
    </title>
  </head>

  <body bgcolor="ccddee">
    <! Comment: Title>
    <h1>
     Working with Text Fields using POST
    </h1>
    <br><br>
    <! Comment: Content>
    This Ruby on Rails application lets you read data from text fields using the POST method.
    <br>
    <form action="/look/at" method="post">
    <input name="authenticity_token" type="hidden" value="2f7c0cc1a11182f149e34c4f438f7eee94f0d6c7" />
      Please enter your name,
      <br>
      <input id="text1" name="text1" size="30" type="text" value="" />
      <br><br>
      <input type="submit" />
    </form>
  </body>
</html>

It does NOT work. ActionController::InvalidAuthenticityToken error

If you see something wrong, please let me know. Since shortcuts work, I don't really need this, but it might provide some insight.

Thanks.

 
Old October 23rd, 2008, 09:43 PM
Registered User
 
Join Date: Oct 2008
Location: , , Korea.
Posts: 1
Thanks: 0
Thanked 1 Time in 1 Post
Default

Turn off CSRF (Cross-Site Request Forgery), it's function for security in Rails2.0.

Insert into your controller this line.
skip_before_filter :verify_authenticity_token

for example,
class LookController < ApplicationController
     def at
           @data = params[:text1]
     end
     skip_before_filter :verify_authenticity_token
end

There's another solution.

It's that use the form helper method in Rails instead of <FORM> tag.

The Following User Says Thank You to lizzy For This Useful Post:
patrickst1 (January 9th, 2010)




Similar Threads
Thread Thread Starter Forum Replies Last Post
Code that works !! for chapter 3 dawsonje44 BOOK: Beginning PHP4/PHP 5 ISBN: 978-0-7645-4364-7; v5 ISBN: 978-0-7645-5783-5 0 March 2nd, 2007 04:33 PM
how does this sample works? dsmportal ASP.NET 2.0 Professional 0 August 3rd, 2006 08:15 PM
works bryan.lugo Excel VBA 0 April 19th, 2006 02:47 PM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.