HTTP Post request for a link

jturney · July 10, 2008, 7:38pm

<%= link_to image_tag(product.url), :action => :add_to_cart, :method =>
:delete, :id => product %>

Hi,

Did I implement this link correctly to send an HTTP Post request?

Thanks

jturney · July 10, 2008, 8:19pm

Looks good if you want the http protocol to be delete… I think what
you want is :method => :post

:method => symbol of HTTP verb - This modifier will dynamically create
an HTML form and immediately submit the form for processing using the
HTTP verb specified. Useful for having links perform a POST operation
in dangerous actions like deleting a record (which search bots can
follow while spidering your site). Supported verbs are :post, :delete
and :put. Note that if the user has JavaScript disabled, the request
will fall back to using GET. If you are relying on the POST behavior,
you should check for it in your controller‘s action by using the
request object‘s methods for post?, delete? or put?.

jturney · July 10, 2008, 11:19pm

If you are relying on the POST behavior,
you should check for it in your controllerï¿½s action by using the
request objectï¿½s methods for post?, delete? or put?.

I don’t understand that =) Can you explain in more detail please

jturney · July 10, 2008, 11:23pm

Also, I’m trying to use sessions in my database…but after I did rake
db:sessions:create, rake db:migrate, I got this error:

ActionController::InvalidAuthenticityToken in Store#index

Showing store/index.html.erb where line #9 raised:

No :secret given to the #protect_from_forgery call. Set that or use a
session store capable of generating its own keys (Cookie Session Store).

Extracted source (around line #9):

6:

<%=h product.title %>

7: <%= product.description %>

8: <%= number_to_currency(product.price)
%>
9: <%= button_to(“Add to Cart”, :action => :add_to_cart, :id =>
product) %>
10:

11:
12: <% end %>

Thanks for the help!

jturney · July 11, 2008, 4:53am

Hi Justin,

Justin To wrote:

Also, I’m trying to use sessions in my database…but after I did
rake db:sessions:create, rake db:migrate, I got this error:

ActionController::InvalidAuthenticityToken in Store#index

Showing store/index.html.erb where line #9 raised:

No :secret given to the #protect_from_forgery call. Set that or use a
session store capable of generating its own keys (Cookie Session Store).

Did you change the settin in environment.rb?

HTH,
Bill

jturney · July 11, 2008, 5:37am

I figured it out: named the file wrong. I’m new, so I’m unfamiliar with
the rails conventions.

Thanks