Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > Open Source > BOOK: Beginning Ruby on Rails
Password Reminder
Register
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
BOOK: Beginning Ruby on Rails
This is the forum to discuss the Wrox book Beginning Ruby on Rails by Steve Holzner Ph.D.; ISBN: 9780470069158
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning Ruby on Rails section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old April 13th, 2008, 06:35 PM
Registered User
 
Join Date: Apr 2008
Location: , , .
Posts: 5
Thanks: 0
Thanked 3 Times in 2 Posts
Default Chapter 5 - "get" works, "post" does not

In the first example in Chapter 5, reading from a text box, everything works when my form action line reads like this:

<form action = "\look\at">

It also works like this:

<form action = "\look\at" method = "get">

But it does not work when I use "post", as suggested on p.127:

<form action = "\look\at" method = "post">

I get a very long error in my browser that begins like this:

ActionController::InvalidAuthenticityToken in LookController#

I am running on OS X Leopard, Ruby v.1.8.6, Rails v.2.0.2. It looks like "ruby server/script" runs Mongrel, not WEBrick.

Any idea why "post" won't work?
  #2 (permalink)  
Old June 5th, 2008, 12:56 PM
Registered User
 
Join Date: Jun 2008
Location: , , .
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I have the same problem running on linux, and using WEBrick.

  #3 (permalink)  
Old June 10th, 2008, 04:21 PM
Registered User
Points: 45, Level: 1
Points: 45, Level: 1 Points: 45, Level: 1 Points: 45, Level: 1
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2008
Location: , , .
Posts: 9
Thanks: 1
Thanked 0 Times in 0 Posts
Default

The problem is that in Rails 2.0.2, there is some extra authentication taking place. If you use form_tag, it will automatically create this html control for you:

<input name="authenticity_token" type="hidden" value="84fc5f10d45977c87c3ac6b88aabc0e73925cad0" />

But if you just use <form> ... </form>, that will be lacking. Just paste the above in, somewhere in the form, and it should solve the problem. It worked for me, using Rails 2.0.2, Ruby 1.8.6, Safari 3.1.1, and Mac OS X 10.5.3.

Michael

  #4 (permalink)  
Old June 12th, 2008, 05:37 PM
Registered User
 
Join Date: Jun 2008
Location: , , .
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi all,

I was playing around with textfields2 (p. 137) and got it to work with the following input.rhtml:


<html>
  <head>
    <title>
     Using Text Fields (2)
    </title>
  </head>
  <body bgcolor="abcdef">
    <! Comment: Title>
    <h1>
     Using Text Fields (2) to read data from text fields.
    </h1>
    <br><br>
    <! Comment: Content>
    <% form_tag '/look/at' do -%>
      <div><%= submit_tag 'Save' %></div>
      Please enter your name,
      <br>
      <%= text_field_tag 'text1', "", :size => 30 %>
      <br><br>
      <input type="submit" />
    <% end -%>
  </body>

So post worked and replacing deprecated shortcuts worked. Hurray!

I then went back to text fields and using the same code for input.html worked. I then copied the source from the webpage and inserted it into input.html. It looks like this:

<html>
  <head>
    <title>
     Using Text Fields with Post
    </title>
  </head>

  <body bgcolor="ccddee">
    <! Comment: Title>
    <h1>
     Working with Text Fields using POST
    </h1>
    <br><br>
    <! Comment: Content>
    This Ruby on Rails application lets you read data from text fields using the POST method.
    <br>
    <form action="/look/at" method="post">
    <input name="authenticity_token" type="hidden" value="2f7c0cc1a11182f149e34c4f438f7eee94f0d6c7" />
      Please enter your name,
      <br>
      <input id="text1" name="text1" size="30" type="text" value="" />
      <br><br>
      <input type="submit" />
    </form>
  </body>
</html>

It does NOT work. ActionController::InvalidAuthenticityToken error

If you see something wrong, please let me know. Since shortcuts work, I don't really need this, but it might provide some insight.

Thanks.

  #5 (permalink)  
Old October 23rd, 2008, 09:43 PM
Registered User
 
Join Date: Oct 2008
Location: , , Korea.
Posts: 1
Thanks: 0
Thanked 1 Time in 1 Post
Default

Turn off CSRF (Cross-Site Request Forgery), it's function for security in Rails2.0.

Insert into your controller this line.
skip_before_filter :verify_authenticity_token

for example,
class LookController < ApplicationController
     def at
           @data = params[:text1]
     end
     skip_before_filter :verify_authenticity_token
end

There's another solution.

It's that use the form helper method in Rails instead of <FORM> tag.

The Following User Says Thank You to lizzy For This Useful Post:
patrickst1 (January 9th, 2010)
 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Code that works !! for chapter 3 dawsonje44 BOOK: Beginning PHP4/PHP 5 ISBN: 978-0-7645-4364-7; v5 ISBN: 978-0-7645-5783-5 0 March 2nd, 2007 04:33 PM
how does this sample works? dsmportal ASP.NET 2.0 Professional 0 August 3rd, 2006 08:15 PM
works bryan.lugo Excel VBA 0 April 19th, 2006 02:47 PM



All times are GMT -4. The time now is 02:10 PM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.