[Facebooker-talk] problem doing a CRUD update?

Tres Wong-Godfrey tres.wong-godfrey at saniq.com
Thu Sep 18 03:49:45 EDT 2008 

Usually you see the InvalidAuthenticityToken when stuff is being  
posted directly back to your server when you didn't really want to be.  
You'd need a :canvas => true in your url generation function in order  
to avoid that kind of problem.


I'd really recommend checking out Mike's book http://pragprog.com/titles/mmfacer/developing-facebook-platform-applications-with-rails

It's not on paper yet, but you can get the PDF version right now.

It's well worth the cost -- it will get you up and running faster and  
with less frustration than the oft conflicting tutorials that are out  
there.




On Sep 18, 2008, at 12:09 AM, Allen Walker wrote:

> I'm now trying to do a "destroy". I do this:
>
> <%=link_to("Delete", url_for(:controller => "articles", :action =>  
> "destroy", :id  => article, :_method => :delete), :confirm => 'Are  
> you sure?'  )%>
> When i execute it, i get:
>
>
> ActionController::InvalidAuthenticityToken in  
> ArticlesController#destroy
>
> ActionController::InvalidAuthenticityToken
>
>
> If I comment out "protect_from_forgery  :secret => 'xx'" in  
> application.rb I get when i just try to view the page:
>
> ActionView::TemplateError (No :secret given to the  
> #protect_from_forgery call.  Set that or use a session store capable  
> of generating its own keys (Cookie Session Store).)
>
>
>
>
> Tres Wong-Godfrey wrote:
>>
>> Try something like this:
>> form_for :article, :url => { :action => "update", :id =>  
>> @article }, :html => { :method => :put } do |f|
>>
>> That should give you the 'PUT' method.
>>
>>
>> On Sep 17, 2008, at 11:09 PM, Allen Walker wrote:
>>
>>> This appears to be some kind of routing issue since facebook wraps  
>>> everything in a post... so here's what I'm doing:
>>>
>>> <% form_for :article, :url => { :action => "update", :id =>  
>>> @article } do |f|  
>>> %>                                                    <%=  
>>> render :partial => "form", :locals => { :f => f } %>
>>> <% end -%>
>>> renders:
>>>
>>> <form action="/myapp/articles/7" method="post">
>>>
>>> ....
>>> </form>
>>> The form comes up populated with the model data, but I submit  
>>> though I get:
>>>
>>>
>>> Unknown action
>>>
>>> No action responded to 7
>>>
>>>
>>>
>>> In the rake routes the "update" requires a HTTP "put" so I'm  
>>> wondering if that is causing the problem.
>>>
>>> thanks
>>> _______________________________________________
>>> Facebooker-talk mailing list
>>> Facebooker-talk at rubyforge.org
>>> http://rubyforge.org/mailman/listinfo/facebooker-talk
>>
>>
>
> _______________________________________________
> Facebooker-talk mailing list
> Facebooker-talk at rubyforge.org
> http://rubyforge.org/mailman/listinfo/facebooker-talk

More information about the Facebooker-talk mailing list