I'm trying to save a customer with credit card details and charge it later.
So far I was able to do the following:
Get the card token to Stripe (I see it in the logs in stripe and in my Rails console)
Create a customer, send it to Stripe and save the customer id in my database.
When I try to charge the customer I get the following error:
Stripe::CardError (Cannot charge a customer that has no active card)
Maybe the card token is not assigned to the customer properly? How can I solve it? maybe it's something simple that I'm missing but I've been trying to get a solution for a while.
application.rb:
class Application < ActiveRecord::Base
attr_accessor :stripe_card_token
def save_with_payment
if valid?
customer = Stripe::Customer.create(
description: id,
email: self.user.email,
source: self.stripe_card_token
)
self.stripe_customer_token = customer.id
save!
end
rescue Stripe::InvalidRequestError => e
logger.error "Stripe error while creating customer: #{e.message}"
errors.add :base, "There was a problem with your credit card."
false
end
applications.js.coffee:
jQuery ->
Stripe.setPublishableKey($('meta[name="stripe-key"]').attr('content'))
application.setupForm()
application =
setupForm: ->
$('#new_application').submit ->
$('input[type=submit]').attr('disabled', true)
if $('#card_number').length
application.processCard()
false
else
true
processCard: ->
card =
number: $('#card_number').val()
cvc: $('#card_code').val()
exp_month: $('#card_month').val()
exp_year: $('#card_year').val()
Stripe.createToken(card, application.handleStripeResponse)
handleStripeResponse: (status, response) ->
if status == 200
$('#application_stripe_card_token').val(response.id)
$('#new_application')[0].submit() ->
return true if($form.find('.application_stripe_card_token').val())
else
$('#stripe_error').text(response.error.message)
$('input[type=submit]').attr('disabled', false)
applications_controller.rb
class ApplicationsController < ApplicationController
before_action :set_application, only: [:show, :edit, :update, :confirmation, :charge]
after_action :charge, only: [:create]
def new
#listing = Listing.find(params[:listing_id])
#application = Application.new
if Guarantor.where(application_id: #application.id).first.blank?
#guarantor = Guarantor.new(params[:guarantor])
end
end
def create
#listing = Listing.find(params[:listing_id])
#application = current_user.applications.create(application_params)
if params[:btnSubmit]
redirect_to confirmation_listing_application_path(#application.listing_id, #application.id)
elsif #application.save_with_payment
if params[:application][:roommates_attributes].present?
params[:application][:roommates_attributes].values.each do |a|
#email = a[:email]
end
#user = User.where(email: #email).first
if #user.blank?
flash[:error] = "The email address doesn't exist in our records"
redirect_to new_listing_application_path(#application.listing_id)
#application.destroy
else
redirect_to confirmation_listing_application_path(#application.listing_id, #application.id), :notice => "Thank you for applying!"
end
else
redirect_to confirmation_listing_application_path(#application.listing_id, #application.id), :notice => "Thank you for applying!"
end
end
end
def charge
Stripe::Charge.create(
:amount => 1500,
:currency => "usd",
:customer => #application.stripe_customer_token
)
end
private
def set_application
#application = Application.find(params[:id])
end
def application_params
params.require(:application).permit(
:_destroy,
:user_id,
:listing_id,
:stripe_customer_token,
:st_address,
:unit,
:city,
:state
)
end
end
form.html.erb
<%= form_for [#listing, #application], html: {id: "new_application", multipart: true} do |f| %>
<%= f.hidden_field :stripe_card_token %>
<% if #application.stripe_customer_token.present? %>
Credit Card has been provided.
<% else %>
<div class="row">
<div class="col-md-6">
<%= label_tag :card_number, "Credit Card Number" %>
<%= text_field_tag :card_number, nil, name: nil, "data-stripe" => "number" %>
</div>
</div>
<div class="row">
<div class="col-md-6">
<%= label_tag :card_code, "Security Code (CVC)" %>
<%= text_field_tag :card_code, nil, name: nil, "data-stripe" => "cvc" %>
</div>
</div>
<div class="row">
<div class="col-md-6">
<%= label_tag :card_month, "Card Expiration" %>
<%= select_month nil, {add_month_numbers: true}, {name: nil, id: "card_month", "data-stripe" => "exp-month" } %>
<%= select_year nil, {start_year: Date.today.year, end_year: Date.today.year+15}, {name: nil, id: "card_year", "data-stripe" => "exp-year"} %>
</div>
</div>
<% end %>
<div id="stripe_error">
<noscript>JavaScript is not enabled and is required for this form. First enable it in your web browser settings.</noscript>
</div>
<div class="nextBackBtns">
<a herf="#" class="btn btn-primary-custom btnBack" data-content="details">Back</a>
<%= f.submit "Save", class: "btn btn-primary" %>
</div>
<% end %>
Your application_params() filter method doesn't appear to permit the stripe_card_token that gets submitted from your form. I believe that if you add that to your permit() filter list, you should be able to get the value through to the controller, so that it can be used when it's needed.
Related
Currently my code is not creating an actual subscription item in the DB however it is creating the subscription on Stripe.
I've checked the logs and I can't see any item create being called when the subscription form is completed. I played around and changed the Stripe code from before_create to after_create and that seemed to work, however that is pointless as we can only give the user a subscription if they have subscribed through Stripe.
Any ideas? Thanks!
subscriptions_controller.rb
class SubscriptionsController < ApplicationController
before_filter :authenticate_user!
def new
#subscription = Subscription.new
end
def create
#subscription = Subscription.new(params[:subscription])
if #subscription.save_with_payment
redirect_to #subscription, :notice => "Thank you for subscribing!"
else
render :new
end
end
def show
#subscription = Subscription.find(params[:id])
end
def subscription_params
params.require(:subscription).permit(:stripe_card_token)
end
end
subscription.rb
class Subscription < ActiveRecord::Base
belongs_to :user
attr_accessor :stripe_card_token
before_create :save_with_payment
def save_with_payment
customer = Stripe::Customer.create(
:card => stripe_card_token,
:description => "name",
:plan => 121,
:email => "email")
self.stripe_customer_id = customer.id
self.plan = 121
end
end
subscriptions.js.coffee
# Place all the behaviors and hooks related to the matching controller here.
# All this logic will automatically be available in application.js.
jQuery ->
Stripe.setPublishableKey($('meta[name="stripe-key"]').attr('content'))
subscription.setupForm()
subscription =
setupForm: ->
$('#new_subscription').submit (e) ->
$('input[type=submit]').attr('disabled', true)
subscription.processCard()
return false
processCard: ->
card =
number: $('#card_number').val()
cvc: $('#card_code').val()
expMonth: $('#card_month').val()
expYear: $('#card_year').val()
Stripe.createToken(card, subscription.handleStripeResponse)
handleStripeResponse: (status, response) ->
if status == 200
$('#subscription_stripe_card_token').val(response.id)
$('#new_subscription')[0].submit()
else
$('#stripe_error').text(response.error.message)
$('input[type=submit]').attr('disabled', false)
false
new.html.erb
<div class='panel panel-default'>
<div class='panel-heading'>
<h2>Subscribe</h2>
</div>
<div class='panel-body'>
<%= form_for #subscription, :html => {:class => 'main-form'} do |f| %>
<%= f.hidden_field :stripe_card_token %>
<div id='stripe_error' class="alert alert-info" style='display:none'>
</div>
<span class="help-block">Nothing is billed to your card for 7 days. <b>Guaranteed. </b>
<br>If you choose to continue after 7 days, only then will you be billed.</span>
<div class='form-group'>
<%= label_tag :card_number, "Credit Card Number" %>
<%= text_field_tag :card_number, nil, name: nil, class: 'form-control input-box', :placeholder => 'Credit Card Number' %>
</div>
<div class='row'>
<div class="col-xs-6">
<%= label_tag :card_code, "Security Code on Card (CVC)" %>
<%= text_field_tag :card_code, nil, name: nil, class: 'form-control input-box', :placeholder => 'Security Code on Card (CVC)' %>
</div>
<div class="col-xs-6">
<%= label_tag :card_month, "Card Expiration" %>
<%= select_month nil, {add_month_numbers: true}, {name: nil, id: "card_month"} %>
<%= select_year nil, {start_year: Date.today.year+1, end_year: Date.today.year+15}, {name: nil, id: "card_year"} %>
</div>
</div>
<div>
<%= f.submit "Subscribe", class: 'btn standard-button' %>
</div>
<% end %>
</div>
</div>
I was able to resolve this by removing the following:
before_create :save_with_payment
I am setting up a form so users can add a new Stripe credit card. I receive a First argument in form cannot contain nil or be empty on the form to <%= form_for #subscription do |f| %>
What exactly am I missing so I can have the form up and submitting to Stripe?
Subscription Controller:
def new
plan = Plan.find(params[:plan_id])
#subscription = plan.subscriptions.build
if params[:PayerID]
#subscription.paypal_customer_token = params[:PayerID]
#subscription.paypal_payment_token = params[:token]
#subscription.email = #subscription.paypal.checkout_details.email
end
end
def create
#subscription = Subscription.new(params[:subscription])
if #subscription.save_with_payment
redirect_to #subscription, :notice => "Thank you for subscribing!"
else
render :new
end
end
def show
#subscription = Subscription.find(params[:id])
end
def paypal_checkout
plan = Plan.find(params[:plan_id])
subscription = plan.subscriptions.build
redirect_to subscription.paypal.checkout_url(
return_url: new_subscription_url(:plan_id => plan.id),
cancel_url: root_url
)
end
def updatesubscription
#user = current_user
#customer = Stripe::Customer.retrieve(#user.subscription.stripe_customer_token)
#customer.update_subscription(:plan => "1", :prorate => true)
current_user.save!
flash.alert = 'Your subscription has been updated!'
redirect_to root_url
end
def cancelsubscription
#user = current_user
#customer = Stripe::Customer.retrieve(#user.subscription.stripe_customer_token)
#customer.cancel_subscription()
current_user.save!
flash.alert = 'Your subscription has been cancelled successfully!'
redirect_to root_url
end
def create_card_stripe
#user = current_user
#customer = Stripe::Customer.retrieve(#user.subscription.stripe_customer_token)
#customer.cards.create({
:card => #user.subscription.stripe_customer_token
})
#user.update_attribute(:stripe_card_id, customer.active_card.id)
if customer.save
flash.alert = "Credit card updated successfully!"
redirect_to root_url
else
flash.alert = "Error with updating card"
redirect_to root_url
end
end
end
Form:
Add new Credit Card
<%= form_for #subscription do |f| %>
<% if #subscription.errors.any? %>
<div class="error_messages">
<h2><%= pluralize(#subscription.errors.count, "error") %> prohibited this subscription from being saved:</h2>
<ul>
<% #subscription.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<%= f.hidden_field :plan_id %>
<%= f.hidden_field :stripe_card_token %>
<div class="field">
<%= radio_button_tag :pay_with, :card, true %>
<%= label_tag :pay_with_card do %>
<%= image_tag "visa.png" %>
<%= image_tag "mastercard.png" %>
<%= image_tag "discover.png" %>
<%= image_tag "american_express.png" %>
<%= image_tag "jcb.png" %>
</div>
<% end %>
<div id="billing_fields">
<div class="field">
<%= f.hidden_field :user_id, :value => current_user.id %>
<%= f.label :email %>
<%= f.text_field :email %>
</div>
<% if #subscription.payment_provided? %>
Payment has been provided. Click "Subscribe" to complete the subscription.
<% else %>
<div class="field">
<%= label_tag :card_number, "Credit Card Number" %>
<%= text_field_tag :card_number, nil, name: nil %>
</div>
<div class="field">
<%= label_tag :card_code, "Security Code on Card (CVV)" %>
<%= text_field_tag :card_code, nil, name: nil %>
</div>
<div class="field">
<%= label_tag :card_month, "Card Expiration" %>
<%= select_month nil, {add_month_numbers: true}, {name: nil, id: "card_month"} %>
<%= select_year nil, {start_year: Date.today.year, end_year: Date.today.year+15}, {name: nil, id: "card_year"} %>
</div>
<% end %>
<div id="stripe_error">
<noscript>JavaScript is not enabled and is required for this form. First enable it in your web browser settings.</noscript>
</div>
<div class="actions">
<%= f.submit "New Card" %>
</div>
</div>
<% end %>
You are getting the error because #subscription is nil.
Set the value of #subscription in the Subscription Controller's action which renders this view.
In setting up so users can create a new card on file for Stripe I am getting a Stripe::InvalidRequestError at /subscriptions/changecard. The error message is Missing required param: card and points to the line #customer.cards.create({:card => #user.subscription.stripe_card_token})
If the user has a subscription they should be able to visit /subscriptions/changecard and fill out the form which will add a new card.
Subscriptions controller:
def new
plan = Plan.find(params[:plan_id])
#subscription = plan.subscriptions.build
if params[:PayerID]
#subscription.paypal_customer_token = params[:PayerID]
#subscription.paypal_payment_token = params[:token]
#subscription.email = #subscription.paypal.checkout_details.email
end
end
def create
#subscription = Subscription.new(params[:subscription])
if #subscription.save_with_payment
redirect_to #subscription, :notice => "Thank you for subscribing!"
else
render :new
end
end
def show
#subscription = Subscription.find(params[:id])
end
def paypal_checkout
plan = Plan.find(params[:plan_id])
subscription = plan.subscriptions.build
redirect_to subscription.paypal.checkout_url(
return_url: new_subscription_url(:plan_id => plan.id),
cancel_url: root_url
)
end
def updatesubscription
#user = current_user
#customer = Stripe::Customer.retrieve(#user.subscription.stripe_customer_token)
#customer.update_subscription(:plan => "1", :prorate => true)
current_user.save!
flash.alert = 'Your subscription has been updated!'
redirect_to root_url
end
def cancelsubscription
#user = current_user
#customer = Stripe::Customer.retrieve(#user.subscription.stripe_customer_token)
#customer.cancel_subscription()
current_user.save!
flash.alert = 'Your subscription has been cancelled successfully!'
redirect_to root_url
end
def showcard
#user = current_user
Stripe::Customer.retrieve(#user.subscription.stripe_customer_token).cards.all()
end
def changecard
#user = current_user
#customer = Stripe::Customer.retrieve(#user.subscription.stripe_customer_token)
card = #customer.cards.create({
:card => #user.subscription.stripe_customer_token
})
#customer.default_card = card
#customer.save
end
end
View:
Add new Credit Card
<%= form_for #user do |f| %>
<% if #subscription.errors.any? %>
<div class="error_messages">
<h2><%= pluralize(#subscription.errors.count, "error") %> prohibited this subscription from being saved:</h2>
<ul>
<% #subscription.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<%= f.hidden_field :plan_id %>
<%= f.hidden_field :stripe_card_token %>
<div class="field">
<%= radio_button_tag :pay_with, :card, true %>
<%= label_tag :pay_with_card do %>
<%= image_tag "visa.png" %>
<%= image_tag "mastercard.png" %>
<%= image_tag "discover.png" %>
<%= image_tag "american_express.png" %>
<%= image_tag "jcb.png" %>
</div>
<% end %>
<div id="billing_fields">
<div class="field">
<%= f.hidden_field :user_id, :value => current_user.id %>
<%= f.label :email %>
<%= f.text_field :email %>
</div>
<% if #subscription.payment_provided? %>
Payment has been provided. Click "Subscribe" to complete the subscription.
<% else %>
<div class="field">
<%= label_tag :card_number, "Credit Card Number" %>
<%= text_field_tag :card_number, nil, name: nil %>
</div>
<div class="field">
<%= label_tag :card_code, "Security Code on Card (CVV)" %>
<%= text_field_tag :card_code, nil, name: nil %>
</div>
<div class="field">
<%= label_tag :card_month, "Card Expiration" %>
<%= select_month nil, {add_month_numbers: true}, {name: nil, id: "card_month"} %>
<%= select_year nil, {start_year: Date.today.year, end_year: Date.today.year+15}, {name: nil, id: "card_year"} %>
</div>
<% end %>
<div id="stripe_error">
<noscript>JavaScript is not enabled and is required for this form. First enable it in your web browser settings.</noscript>
</div>
<div class="actions">
<%= f.submit "New Card" %>
</div>
</div>
<% end %>
Routes:
get "subscriptions/cancelsubscription"
get "subscriptions/updatesubscription"
get "subscriptions/changecard"
resources :charges
resources :subscriptions
resources :plans
get 'paypal/checkout', to: 'subscriptions#paypal_checkout'
I am trying to allow users to deposit money into their account in a Rails app, but I keep getting my error message: "There was a problem with your credit card."
I'm following along with this RailsCast ( http://railscasts.com/episodes/288-billing-with-stripe ), but trying to allow the user to set the amount and it also save a record of it in the corresponding model.
Here's what I have:
Model:
class Deposit < Transaction
attr_accessor :stripe_card_token
def save_with_payment
if valid?
customer = Stripe::Charge.create(amount: 10, currency: "usd", card: stripe_card_token, description: "Deposit for test#example.com")
save!
end
rescue Stripe::InvalidRequestError => e
logger.error "Stripe error while creating deposit: #{e.message}"
errors.add :base, "There was a problem with your credit card."
false
end
end
Controller:
class DepositsController < ApplicationController
before_filter :authenticate_user!
def index
#deposits = Deposit.where(user_id: current_user.id).order(created_at: :desc).all
end
def new
#deposit = Deposit.new
end
def create
#deposit = Deposit.new(deposit_params)
#deposit.user_id = current_user.id
if #deposit.save_with_payment
redirect_to #deposit, :notice => "Thank you"
else
render :new
end
end
private
def deposit_params
params.require(:deposit).permit(:amount, :stripe_card_token) #add attributes in permit
end
end
New Action:
<h1>Make a Deposit</h1>
<%= form_for(#deposit) do |f| %>
<% if #deposit.errors.any? %>
<div id="error_explanation">
<h2><%= pluralize(#deposit.errors.count, "error") %> prohibited this deposit from being saved:</h2>
<ul>
<% #deposit.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<%= f.hidden_field :stripe_card_token %>
<div class="field">
<%= f.label :amount %><br>
<%= f.text_field :amount %>
</div>
<% if #deposit.stripe_card_token.present? %>
Credit card has been provided.
<% else %>
<div class="field">
<%= label_tag :card_number, "Credit Card Number" %>
<%= text_field_tag :card_number, nil, name: nil %>
</div>
<div class="field">
<%= label_tag :card_code, "Security Code on Card (CVV)" %>
<%= text_field_tag :card_code, nil, name: nil %>
</div>
<div class="field">
<%= label_tag :card_month, "Card Expiration" %>
<%= select_month nil, {add_month_numbers: true}, {name: nil, id: "card_month"} %>
<%= select_year nil, {start_year: Date.today.year, end_year: Date.today.year+15}, {name: nil, id: "card_year"} %>
</div>
<% end %>
<div id="stripe_error">
<noscript>JavaScript is not enabled and is required for this form. First enable it in your web browser settings.</noscript>
</div>
<div class="actions">
<%= f.submit 'Submit', :class => 'btn btn-primary' %>
</div>
<% end %>
CoffeeScript:
jQuery ->
Stripe.setPublishableKey($('meta[name="stripe-key"]').attr('content'))
deposit.setupForm()
deposit =
setupForm: ->
$('#new_deposit').submit ->
$('input[type=submit]').attr('disabled', true)
if $('#card_number').length
deposit.processCard()
false
else
true
processCard: ->
card =
amount: $('#amount').val()
number: $('#card_number').val()
cvc: $('#card_code').val()
expMonth: $('#card_month').val()
expYear: $('#card_year').val()
Stripe.createToken(card, deposit.handleStripeResponse)
handleStripeResponse: (status, response) ->
if status == 200
$('#subscription_stripe_card_token').val(response.id)
$('#new_deposit')[0].submit()
else
$('#stripe_error').text(response.error.message)
$('input[type=submit]').attr('disabled', false)
What am I doing wrong?
I think the likely issue is that your handleStripeResponse callback in your Coffescript file is not setting the stripe token correctly. The railscast you are following has its form inside <%= form_for #subscription do |f| %> whereas yours is <%= form_for(#deposit) do |f| %> so I think your stripe token field should be able to be accessed like this:
$('#deposit_stripe_card_token').val(response.id)
You should be able to verify this either in your console or just by inspecting the DOM directly to see what the ID is on that hidden field.
I'm trying to create a charge with stripe. I get the following error when attempting to create order object, but I have set attr_accessor :stripe_card_token. Does anyone know what I am doing wrong?
ActiveModel::MassAssignmentSecurity::Error in OrdersController#create
Can't mass-assign protected attributes: stripe_card_token
OrdersController - Create action
def create
#order = current_cart.build_order(params[:order])
#order.ip_address = request.remote_ip
#order.user_id = current_user.id
respond_to do |format|
if #order.save_with_payment
#order.add_line_items_from_cart(current_cart)
Cart.destroy(session[:cart_id])
session[:cart_id] = nil
format.html { render :action => "success", :notice => 'Thank you for your order.' }
format.xml { render :xml => #order, :status => :created, :location => #order }
else
format.html { render :action => "new" }
format.xml { render :xml => #order.errors,
:status => :unprocessable_entity }
end
end
end
OrderModel
class Order < ActiveRecord::Base
# PAYMENT_TYPES = [ "visa", "master card", "Amex", "Discover" ] Controll the payment options via Model
attr_accessible :first_name, :last_name, :ip_address, :cart_id, :house_id
attr_accessor :stripe_card_token
belongs_to :user
belongs_to :house
belongs_to :cart
has_many :transactions, :class_name => "OrderTransaction"
has_many :line_items, :dependent => :destroy
validates :house_id, presence: true
validates :cart_id, presence: true
def price_in_cents
(cart.total_price*100).round
end
def add_line_items_from_cart(cart)
cart.line_items.each do |item|
item.cart_id = nil
line_items << item
end
end
def save_with_payment
if valid?
Stripe::Charge.create(amount: price_in_cents, currency: "cad", description: current_user.name, card: stripe_card_token)
# self.stripe_order_token = order.id
save!
end
rescue Stripe::InvalidRequestError => e
logger.error "Stripe error while creating customer: #{e.message}"
errors.add :base, "There was a problem with your credit card."
false
end
OrderView _Form
<%= f.error_notification %>
<%= f.error_messages %>
<%= f.hidden_field :stripe_card_token %>
<%= f.hidden_field :cart_id%>
<div class="form-inputs">
<p><%#if user does not have a house Make a page (please order a home valuation first) %></p>
<div class="contain">
<h3>Select House</h3>
<%= f.input :house_id, :as => :radio_buttons, :collection => current_user.houses.all.map{|h| [h.address, h.id]}%>
</div>
<%= f.input :first_name %>
<%= f.input :last_name %>
<div class="field">
<%= label_tag :card_number, "Credit Card Number" %>
<%= text_field_tag :card_number, nil, name: nil %>
</div>
<div class="field">
<%= label_tag :card_code, "Security Code on Card (CVV)" %>
<%= text_field_tag :card_code, nil, name: nil %>
</div>
<div class="field">
<%= label_tag :card_month, "Card Expiration" %>
<%= select_month nil, {add_month_numbers: true}, {name: nil, id: "card_month"} %>
<%= select_year nil, {start_year: Date.today.year, end_year: Date.today.year+15}, {name: nil, id: "card_year"} %>
</div>
</div>
<div id="stripe_error">
<noscript>JavaScript is not enabled and is required for this form. First enable it in your web browser settings.</noscript>
</div>
<div class="form-actions">
<%= f.button :submit %>
</div>
Orders.js.coffee
jQuery ->
Stripe.setPublishableKey($('meta[name="stripe-key"]').attr('content'))
order.setupForm()
order =
setupForm: ->
$('#new_order').submit ->
$('input[type=submit]').attr('disabled', true)
if $('#card_number').length
order.processCard()
false
else
true
processCard: ->
card =
number: $('#card_number').val()
cvc: $('#card_code').val()
expMonth: $('#card_month').val()
expYear: $('#card_year').val()
Stripe.createToken(card, order.handleStripeResponse)
handleStripeResponse: (status, response) ->
if status == 200
$('#order_stripe_card_token').val(response.id)
$('#new_order')[0].submit()
else
$('#stripe_error').text(response.error.message)
$('input[type=submit]').attr('disabled', false)
You still need to include :stripe_card_token under attr_accessible in your model
Active record (the layer in your rails stack that provides an interface between your ruby code and your database) protects your database from unwanted end-user assignment using the attr_accessible method. if present in your model it makes sure that a request can't write to your database unless the attribute is listed.
You've got attr_accessible here but don't have :stripe_card_token listed, so you can't save to that field.
attr_accessible :first_name, :last_name, :ip_address, :cart_id, :house_id add , :stripe_card_token
You may have though the attr_accessor :stripe_card_token line would somehow be related, but that just sets the getter and setter methods for the attribute.
The difference is better laid out here
In this question
You can read more about mass-assignment here: http://www.h-online.com/security/news/item/Rails-3-2-3-makes-mass-assignment-change-1498547.html