I'm building a site on rails and backbone. On the front end I have a simple form:
<form action="/api/users" method="post">
<input type="file" name="profile_image" />
<input type="submit" value="submit" />
<input type="hidden" name="id" value="1">
<input type="hidden" name="method" value="put">
<input type="hidden" name="authenticity_token" value="<%= csrf_token %>">
</form>
When I post this form and print params[:profile_image] from my UsersController the line
logger.debug params[:profile_image].class
just returns
String.
Where's the file?
For what it's worth, I'm using carrierwave, but don't want to mount an uploader. I would just like to pass a file to myUploader.store!.
You need to set enctype on your form in order to submit files. See http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.2
Example
<form action="/api/users" enctype="multipart/form-data" method="post">
Related
I have the following HTML which works well for subscription payments in my test environment.
<form action="paypalWebAddress" method="post" target="_top">
<input type="hidden" name="cmd" value="_xclick-subscriptions"/>
<input type="hidden" name="business" value="myPaypalAccountId"/>
<input type="hidden" name="paymentaction" value="sale"/>
<input type="hidden" name="item_name" value="Subscription For abc123"/>
<input type="hidden" name="currency_code" value="GBP"/>
<input type="hidden" name="no_note" value="1" />
<input type="hidden" name="a3" value="50"/>
<input type="hidden" name="p3" value="6"/>
<input type="hidden" name="t3" value="M"/>
<input type="hidden" name="src" value="1" />
<input type="hidden" name="srt" value="0" /><!--needs to be never ending-->
<input type="hidden" name="return" value="www."/>
<input type="hidden" name="notify_url" value="www."/>
<input type="hidden" name="cancel_url" value="www."/>
<input type="hidden" name="custom" value="abc123"/>
<input TYPE="hidden" name="charset" value="utf-8">
<input type="hidden" name="bn" value="Me_Subscribe_WPS_UK" />
<input type="submit" name="submit" value="Make Payment"/>
</form>
I'm about to go live and concerned that some one could easily manipulate the DOM and I'm suddenly sending bogus payments. I feel it would be safer to somehow post these values from the code behind so the user can't tamper with the values but, the user will still need to use the PayPal interface in their browser to log in and subscribe.
PayPal-NET-SDK has a quick start and shows how to get going. I have completed this (copied and pasted and ran in debug mode) and it executes fine. However, this doesn't cover subscriptions, probably for the reason explained above (and would probably prevent them accessing the PayPal gui in their browser).
I get the option in the PayPal dashboard area to create a button and reference by button, but, this won't work for me as I need to be able to set the custom field per subscription as a user can subscribe to 1 or more services and each service is unique to that user.
I can't understand how to achieve this
If I understand this right, every subscription is unique per customer in your case and that won't work with the static buttons, so the API seems the only way to go.
The PayPal API does cover subscriptions, they're called Billing Plans. Because each subscription is different, you could create a new Billing Plan for each unique service (or combination of services). This can be done without any intermediate SDK using the HttpClient directly to their API.
Alternatively, the PayPal-NET-SDK you mentioned also seems to cover Billing plans. Their Sample application has quite a lot of examples on how to create, enumerate and issue Billing Plans. Make sure you check out the billing_agreement_tokens collection on the Payment class. You might add multiple "service" tokens there.
No matter how close you are to releasing, a lot of testing still seems to be in order here.
You can try using HttpClient, something like this will help
HttpContent content = new FormUrlEncodedContent(
new List<KeyValuePair<string, string>> {
new KeyValuePair<string, string>("key1",
"value1"),
new KeyValuePair<string,string>("key2","value2")
});
content.Headers.ContentType = new
MediaTypeHeaderValue("application/x-www-form-
urlencoded");
content.Headers.ContentType.CharSet = "UTF-8";
HttpResponseMessage resposne = await
client.PostAsync(new Uri("paypalWebAddress"),
content);
You should not hardcode the values in forms, instead you should create an API in the backend which will return the correspoding values.Then you can dynamically create the form based on the response of the API.
Make sure you create this form after you have received the response from the API.You can have a check like if response is null show some spinner.
<form action="paypalWebAddress" method="post" target="_top">
<input type="hidden" name="cmd" value="{response.cmd}"/>
<input type="hidden" name="business" value={response.business}"/>
<input type="hidden" name="paymentaction" value={response.action}/>
<input type="hidden" name="item_name" value="{response.item}"/>
<input type="submit" name="submit" value="Make Payment"/>
</form>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="business.test.com">
<input type="hidden" name="item_name" value="Memory Stick">
<input type="hidden" name="item_number" value="MEM32507725">
<input type="hidden" name="amount" value="3">
<input type="hidden" name="tax" value="1">
<input type="hidden" name="quantity" value="1">
<input type="hidden" name="currency_code" value="USD">
<!-- Enable override of buyers's address stored with PayPal . -->
<input type="hidden" name="address_override" value="1">
<!-- Set variables that override the address stored with PayPal. -->
<input type="hidden" name="first_name" value="John">
<input type="hidden" name="last_name" value="Doe">
<input type="hidden" name="address1" value="345 Lark Ave">
<input type="hidden" name="city" value="San Jose">
<input type="hidden" name="state" value="CA">
<input type="hidden" name="zip" value="95121">
<input type="hidden" name="country" value="US">
<input type="image" name="submit"
src="https://www.paypalobjects.com/en_US/i/btn/btn_buynow_LG.gif"
alt="PayPal - The safer, easier way to pay online">
</form>
On Click on buy now :
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<!-- Identify your business so that you can collect the payments. -->
<input type="hidden" name="business" value="herschelgomez#xyzzyu.com">
<!-- Specify a Buy Now button. -->
<input type="hidden" name="cmd" value="_xclick">
<!-- Specify details about the item that buyers will purchase. -->
<input type="hidden" name="item_name" value="Premium Umbrella">
<input type="hidden" name="amount" value="50.00">
<input type="hidden" name="currency_code" value="USD">
<!-- Prompt buyers to enter the quantities they want. -->
<input type="hidden" name="undefined_quantity" value="1">
<!-- Display the payment button. -->
<input type="image" name="submit" border="0"
src="https://www.paypalobjects.com/en_US/i/btn/btn_buynow_LG.gif"
alt="Buy Now">
<img alt="" border="0" width="1" height="1"
src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" >
</form>
I have JamboPay api that i want to integrate with my rails application. It looks something like this;
<form method="post" action="https://www.jambopay.com/JPExpress.aspx" target="_blank">
<input type="hidden" name="jp_item_type" value="cart"/>
<input type="hidden" name="jp_item_name" value="test shop"/>
<input type="hidden" name="order_id" value="455879"/>
<input type="hidden" name="jp_business" value="business#yourdomain.com"/>
<input type="hidden" name="jp_amount_1" value="51"/>
<input type="hidden" name="jp_amount_2" value="0"/>
<input type="hidden" name="jp_amount_5" value="0"/>
<input type="hidden" name="jp_payee" value="email#yourcustomer.com"/>
<input type="hidden" name="jp_shipping" value="company name"/>
<input type="hidden" name="jp_rurl" value="http://www.yourwebsite.com/testpost/Result.aspx?ii=0"/>
<input type="hidden" name="jp_furl" value="http://www.yourwebsite.com/testpost/Result.aspx?ii=1"/>
<input type="hidden" name="jp_curl" value="http://www.yourwebsite.com/testpost/Result.aspx?ii=2"/>
<input type="image" src="https://www.jambopay.com/jambohelp/jambo/rsc/paymentsbyJamboPay.jpg"/>
</form>
I want to be able to send this information from my transactions controller in the create method.
Any ideas how i can pass this form from my controllers because i keep the same form for all payment methods in the views.
Thank you in advance.
You can send this post request using Net::HTTP library all you have to do is to send this information to your controller action and then send post request from action.
I have the following code in my HTML.erb
<form>
<input id="do" type="hidden" value="0" />
<button type="submit" value="Next">SUBTRACT</button>
</form>
<form>
<input id="do" type="hidden" value="1" />
<button type="submit" value="Next" >ADD</button>
</form>
Now When I click the any of the 2 buttons, I want to check the value of the input id="do" inside my Ruby Controller. What would the syntax look like ?
This should optimally be separated into two actions in the controller where each of the forms would submit (using the action attribute).
<form action='add'>
<input id="do" type="hidden" value="0" />
<button type="submit" value="Next">SUBTRACT</button>
</form>
<form action='subtract'>
<input id="do" type="hidden" value="1" />
<button type="submit" value="Next" >ADD</button>
</form>
#in your controller
def add
# do the addition processing
end
def subtract
# do the subtraction processing
end
If you really need to implement them in 1 action, then you could use Rails params object.
You need to set the name attributes, the name attributes get sent to the controller in the params hash
<form>
<input id="do" name="subtract" type="hidden" value="0" />
<button type="submit" value="Next">SUBTRACT</button>
</form>
<form>
<input id="do" name="add" type="hidden" value="1" />
<button type="submit" value="Next" >ADD</button>
</form>
In the controller,
the params[:subtract] or params[:add] will have the value depending on subtract clicked or add clicked .
I build the form tag by myself and when I post the form to server it give me a InvalidAuthenticityToken error, so I want to know how to add it in my own in current situation:
<form accept-charset="UTF-8" action="/crops/update" method="post">
<input id="crop_x" name="crop_x" size="30" type="text" /><br />
<input id="crop_y" name="crop_y" size="30" type="text" /><br />
<input id="crop_w" name="crop_w" size="30" type="text" /><br />
<input id="crop_h" name="crop_h" size="30" type="text" /><br />
<input id="crop" name="crop" type="submit" value="Crop!" />
</form>
Response error is:
ActionController::InvalidAuthenticityToken in CropsController#update
ActionController::InvalidAuthenticityToken
Rails.root: /home/mlzboy/my/crop2
Application Trace | Framework Trace | Full Trace
There is a view helper called form_authenticity_token that returns the current session's authenticity token.
In your view.html.erb:
<form action="/blah" method="POST">
<input name="authenticity_token" value="<%= form_authenticity_token %>" type="hidden">
<input name="first_name" type="text">
</form>
This answer is first for rails form token tag in Google so to keep it simpler for future googling generations: just use token_tag, it's a helper defined in ActionView::Helpers::UrlHelper that returns hidden input with form_authenticity_token as default value.
To generate the token you have to use the method: form_authenticity_token as it was correctly noted by #flitzwald. Since it is rediced in a active controller's concern, you must include the module into a controller expclicitly before using as follows:
include ActionController::RequestForgeryProtection
# use
def set_csrf_header
response.headers['X-CSRF-Token'] = form_authenticity_token
end
I have a fairly simple ASP.Net site that uses google checkout (I have an imagebutton with the PostBackUrl set to the Google address passing values of hidden fields) which works fine.
I've been moving this app to MVC and I'm not sure how to handle this. I thought about using jQuery form but I don't believe this would work in this situation because there are times when they're redirected to the google pages. Has anyone used google checkout in an asp.net MVC app?
You can do the same thing as you were doing before, just you end up doing it manually.
Sounds like you're using just the basic version, yes?
You create an HTML form that has the Action set to the Google checkout process, add in the proper Hidden fields (the model your controller passes down would be populated w/ the correct values for those) and then you have a submit button (or image if you prefer).
So, an example off Google's Basic HTML page, modified for some MVC-ish-ness would be something like this:
<form method="POST"
action="https://checkout.google.com/api/checkout/v2/checkoutForm/Merchant/<%= Model.MerchantId %>"
accept-charset="utf-8">
<input type="hidden" name="item_name_1" value="<%= Model.Item.Name %>"/>
<input type="hidden" name="item_description_1" value="<%= Model.Item.Description %>>
<input type="hidden" name="item_quantity_1" value="<%= Model.Item.Quantity %>"/>
<input type="hidden" name="item_price_1" value="<%= Model.Item.Price %>"/>
<input type="hidden" name="item_currency_1" value="<%= Model.Item.Currency %>"/>
<input type="hidden" name="ship_method_name_1" value="<%= Model.Shipping.Price %>"/>
<input type="hidden" name="ship_method_price_1" value="<%= Model.Shipping.Price %>"/>
<input type="hidden" name="ship_method_currency_1" value="<%= Model.Shipping.Currency %>"/>
<input type="hidden" name="tax_rate" value="<%= Model.Tax.Rate %>"/>
<input type="hidden" name="tax_us_state" value="<%= Model.Tax.State %>"/>
<input type="hidden" name="_charset_"/>
<input type="image" name="Google Checkout" alt="Fast checkout through Google"
src="http://checkout.google.com/buttons/checkout.gif?merchant_id=<%= Model.MerchantId %>&w=180&h=46&style=white&variant=text&loc=en_US"
height="46" width="180"/>
</form>
Obviously, you could make all that even more MVC-ish by using the form helper Html.Hidden and so on, but that shows the really basic version of what you need to do.