无法获得使用的自定义Stripe表单
无法获得使用的自定义Stripe表单
提问于 2014-10-19 18:07:39
我试图让Stripe与信用卡付款的订阅。
我目前正在得到一个ForbiddenAttributesError,日志在下面。
ActiveModel::ForbiddenAttributesError
Extracted source (around line #10):
def create
@subscription = Subscription.new(params[:subscription])
if @subscription.save_with_payment
redirect_to @subscription, :notice => "Thank you for subscribing!"
else日志:
Processing by SubscriptionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"N58ei1EzQ+K4ATyJfSVOFIcZL96vML/wL3AWRuGAgH0=", "subscription"=>{"stripe_card_token"=>"tok_14pO112LeYog8mPkCsNDhIbK"}}
User Load (0.5ms) SELECT "users".* FROM "users" WHERE "users"."id" = 1 ORDER BY "users"."id" ASC LIMIT 1
Completed 500 Internal Server Error in 4ms
ActiveModel::ForbiddenAttributesError (ActiveModel::ForbiddenAttributesError):
app/controllers/subscriptions_controller.rb:10:in `create'
Rendered /home/action/.gem/ruby/2.1.1/gems/actionpack-4.1.0/lib/action_dispatch/middleware/templates/rescues/_source.erb (1.2ms)
Rendered /home/action/.gem/ruby/2.1.1/gems/actionpack-4.1.0/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb (2.0ms)
Rendered /home/action/.gem/ruby/2.1.1/gems/actionpack-4.1.0/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb (1.6ms)
Rendered /home/action/.gem/ruby/2.1.1/gems/actionpack-4.1.0/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb within rescues/layout (28.1ms) subscriptions_controller.rb
class SubscriptionsController < ApplicationController
before_filter :authenticate_user!
def new
@subscription = Subscription.new
end
def create
@subscription = Subscription.new(params[:subscription])
if @subscription.save_with_payment
redirect_to @subscription, :notice => "Thank you for subscribing!"
else
render :new
end
end
def show
@subscription = Subscription.find(params[:id])
end
endsubscription.rb
class Subscription < ActiveRecord::Base
belongs_to :user
attr_accessor :stripe_card_token
before_create :save_with_payment
def save_with_payment
customer = Stripe::Customer.create(
:card => stripe_card_token,
:description => "name",
:plan => 121,
:email => "email")
self.stripe_customer_id = customer.id
self.plan = 121
end
endsubscriptions.js.coffee
# Place all the behaviors and hooks related to the matching controller here.
# All this logic will automatically be available in application.js.
jQuery ->
Stripe.setPublishableKey($('meta[name="stripe-key"]').attr('content'))
subscription.setupForm()
subscription =
setupForm: ->
$('#new_subscription').submit (e) ->
$('input[type=submit]').attr('disabled', true)
subscription.processCard()
return false
processCard: ->
card =
number: $('#card_number').val()
cvc: $('#card_code').val()
expMonth: $('#card_month').val()
expYear: $('#card_year').val()
Stripe.createToken(card, subscription.handleStripeResponse)
handleStripeResponse: (status, response) ->
if status == 200
$('#subscription_stripe_card_token').val(response.id)
$('#new_subscription')[0].submit()
else
$('#stripe_error').text(response.error.message)
$('input[type=submit]').attr('disabled', false)
falsenew.html.erb
<div class='panel panel-default'>
<div class='panel-heading'>
<h2>Subscribe</h2>
</div>
<div class='panel-body'>
<%= form_for @subscription, :html => {:class => 'main-form'} do |f| %>
<%= f.hidden_field :stripe_card_token %>
<div id='stripe_error' class="alert alert-info" style='display:none'>
</div>
<span class="help-block">Nothing is billed to your card for 7 days. <b>Guaranteed. </b>
<br>If you choose to continue after 7 days, only then will you be billed.</span>
<div class='form-group'>
<%= label_tag :card_number, "Credit Card Number" %>
<%= text_field_tag :card_number, nil, name: nil, class: 'form-control input-box', :placeholder => 'Credit Card Number' %>
</div>
<div class='row'>
<div class="col-xs-6">
<%= label_tag :card_code, "Security Code on Card (CVC)" %>
<%= text_field_tag :card_code, nil, name: nil, class: 'form-control input-box', :placeholder => 'Security Code on Card (CVC)' %>
</div>
<div class="col-xs-6">
<%= label_tag :card_month, "Card Expiration" %>
<%= select_month nil, {add_month_numbers: true}, {name: nil, id: "card_month"} %>
<%= select_year nil, {start_year: Date.today.year+1, end_year: Date.today.year+15}, {name: nil, id: "card_year"} %>
</div>
</div>
<div>
<%= f.submit "Subscribe", class: 'btn standard-button' %>
</div>
<% end %>
</div>
</div>回答 1
Stack Overflow用户
回答已采纳
发布于 2014-10-19 18:53:56
你正被强大的参数所挫败。
你不能再做了..。
@subscription = Subscription.new(params[:subscription])(现在)典型的方法是.
@subscription = Subscription.new(subscription_params)有一种方法像..。
def subscription_params
# add all the fields you want to allow to be updated via your form...
# example below is just :name, :email but you get the idea.
params.require(:subscription).permit(:name, :email)
end它在最新的Rails中被改变的原因是,“黑帽子”的家伙不能再黑一个web表单来包含不应该被最终用户更改的属性。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/26453734
复制相关文章
相似问题
腾讯云开发者
