Brilliant stuff, really.
This series is absolutely fantastic. CC processing is just one of those black arts that nobody ever discusses well, so your episodes here are very valuable.
I'm especially looking forward to the recurring billing episode so I can implement it within my own rails app that I want to start charging a subscription for.
I'll be donating something your way shortly to say thanks for your hard work.
@Dillo
It's not just CVV that Visa cares about, it's what is called PII (Person Identifiable Information). Anyone that codifies applications that process credit card data should familiarize themselves with what is known as the PCI DSS Security Standards found over at https://www.pcisecuritystandards.org
Hi Ryan,
Awesome screencast as usual! I'd also like to point out that some credit card companies like Visa prohibit storage of CVV values in any form or manner. Not sure if this is company policy or actual law though.
I've seen this value getting stored in the logs of some of the applications I've worked on in the past, and thought that it might be great if you can point this out to some of the newcomers to ecommerce.
Hi Ryan,
Great episode!
Do you think it will be possible to show the different configurations which will need to be done to use the other gateways?
I would like to see how to do this with 2checkout (since I'm from Trinidad and Tobago, and PayPal isn't an option since we can't withdraw funds)
Thanks.
Thanks for the feedback guys. The iTunes problem should be fixed shortly.
@Pawel, great suggestion. I'll add it to the show notes.
I would suggest using filter_parameter_logging to prevent credit card information to be stored in logs.
Anyway, nice episode -- as always!
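Following up on the CVV-in-logs concern and the filter_parameter_logging suggestion above, here is an added example (plain Ruby, not the episode's code and not Rails itself) of the kind of filtering that setting performs before a request's params reach the log; the field names card_number and card_verification are assumed to match the checkout form.

```ruby
# Added example: a parameter filter in plain Ruby that does what Rails'
# filter_parameter_logging does for a request's params before they are
# logged. The CVV is omitted from the output entirely (it must not be kept
# in any form, not even masked), the card number is reduced to its last
# four digits, and passwords are replaced wholesale. Nested hashes and
# arrays are walked, because checkout params such as params["order"] nest.

# Keys that must never appear in a log line at all (assumed form field names).
DROP_KEYS   = %w[cvv cvv2 card_verification verification_value].freeze
# Keys whose value may be logged only as its last four digits.
MASK_KEYS   = %w[card_number number].freeze
# Keys whose value is replaced by a placeholder.
FILTER_KEYS = %w[password password_confirmation].freeze

# Keep only the last four digits of a card number.
def mask_pan(value)
  digits = value.to_s.gsub(/\D/, "")
  return "[FILTERED]" if digits.length < 4
  ("*" * (digits.length - 4)) + digits[-4, 4]
end

# Return a deep copy of params that is safe to write to a log.
def filter_params(params)
  case params
  when Hash
    params.each_with_object({}) do |(key, value), out|
      name = key.to_s.downcase
      next if DROP_KEYS.include?(name)           # CVV: drop the key outright
      out[key] =
        if MASK_KEYS.include?(name)      then mask_pan(value)
        elsif FILTER_KEYS.include?(name) then "[FILTERED]"
        else filter_params(value)                # recurse into nested values
        end
    end
  when Array
    params.map { |value| filter_params(value) }
  else
    params
  end
end

# The line a request logger would emit for the given params.
def log_line(params)
  "Parameters: #{filter_params(params).inspect}"
end

# Constructed sample of what a checkout form submits (a test card number).
SAMPLE_PARAMS = {
  "order" => {
    "first_name"          => "Ada",
    "card_type"           => "visa",
    "card_number"         => "4111 1111 1111 1111",
    "card_verification"   => "123",
    "card_expires_on(1i)" => "2010"
  },
  "commit" => "Checkout"
}.freeze

puts log_line(SAMPLE_PARAMS) if $PROGRAM_NAME == __FILE__
```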
"So great episode. Just wanted to mention that I couldn't get this via iTunes. I keep getting an unknown error (-50) when I try to get this episode under the (iPod &Apple TV) group. Thanks again for all the great info."
+1
Magic!
GG once again
So great episode. Just wanted to mention that I couldn't get this via iTunes. I keep getting an unknown error (-50) when I try to get this episode under the (iPod &Apple TV) group. Thanks again for all the great info.
Best episode ever in the series.
Go for recurring billing please!
Thanks for this series on PayPal and Active Merchant. Can't wait until next week's episode, please keep them coming. I'm starting my first e-commerce project with Rails for a friend. This is a great look inside laying that important foundation.
One more note: Thank you for the screencasts over at Pragmatic Studio. I have learned a lot from both of them.
Thanks for an incredibly useful screencast. Not only the Active Merchant stuff but how you organize your models, controllers and so on.
Super!
Ryan,
Great stuff!
I was wondering if you could do an episode in this series for a SaaS model subscription or a one time payment instead of the shopping cart model.
I'm trying to implement this and it's really hard to get my head around the variables that PayPal requires for this.
It's always easier when someone explains them so.. :D
Hope you can meet me somewhere half way on that at least.
Thanks!
It's out of my skill range in Ruby on Rails but I look forward to implementing some of this stuff when I get around to it. Still learning Illustrator and After Effects at the moment :/
Sweeeeeeeet!
Awesome as usual...
I'm always checking out the site for new screencasts and I am never disappointed.
can't wait for the others.
Hi, I am getting this error
uninitialized constant OpenID::Store
Could you please help me to resolve this issue, I have Rails 2.0.2 with the latest version of OpenID.
Thanks,
Shahroon
What about an episode on SAML
Great screencast! Many thanks. I'm still at a loss regarding the SSL/HTTPS IPN callback from PayPal. Can't figure out how to get it right. After all /payment_notification is plain unencrypted HTTP.. Help? Anybody? Thx!
Coming late to Rails, I am studying each of the episodes from the start. This one was extremely interesting, but at the same time I was dismayed by the level of noise in the final code.
I found the suggestions from stephan (above) quite brilliant; I adopted them in this way:
1) define a :confirm_or_destroy route (=> :any)
2) keep using the link_to, with :href set to the route above.
3) have the controller action for that route check if request is a delete (js user) or a get (non-js user).
4) have the view for that action display the choice to the non-js user (of course, the js-user was redirected).
The code shrinks dramatically and it works perfectly (even in R2.1, with the authentication token, as we reused link_to logic!).
It would be even simpler if link_to did not force the javascript handler to use the url in href (why do that? let the onclick handler and href be independent!). And the new route would only be used by the non-js user.
Very interesting also the posts from nicolash, boccaleone, Jamie Hill (a 'GET representation' of the 'delete', like :new for :create.. I fell from my chair when I realized what he meant!), and others.
Another episode where it is as amazing to read from the posters as from Ryan. Even if an 'old' episode, I found it superb.
Just found that you cannot use the underscore character (and possibly others) in the environment name.
I was after development_home, but had to settle for developmenthome.
I am the author of request-log-analyzer (http://github.com/wvanbergen/request-log-analyzer/), an open-source command line tool to analyze production logs.
It is a bit more advanced than rawk and produces more detailed reports: http://wiki.github.com/wvanbergen/request-log-analyzer/sample-output
Maybe it can be of help if you are trying to find the bottlenecks in your application.
Hi,
Thanks for the Rails cast!
I have integrated this solution seamlessly into my own app with resounding success except for one thing.
If I use the add task link (add member in my case) then all works as it should and I get a 4th row.
Now if I hit the refresh button in my browser the 4th row disappears.
Is there a solution to this?
Thanks again.
This has been very helpful! I've made a couple tweaks to make this work for a social network, so the invited user gets auto-friended with the person who invited him, and gets pending requests from other people who may have invited him. Maybe once I get everything squared away, I'll post some of my code.
One concern I have is if the invitation's token is guaranteed to be unique. Perhaps I'm being paranoid, but I think I'm going to modify this to use the invitation's id & token to uniquely grab the invite. Thoughts?
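The token-uniqueness worry in the comment above, worked through as an added example (plain Ruby with an in-memory store standing in for the Invitation model; not the episode's code): the token is drawn from a CSPRNG, duplicates are refused the way a unique index would refuse them, and redemption looks the row up by id and then compares the token in constant time.

```ruby
require "securerandom"

# Added example, not the episode's code: an in-memory stand-in for the
# Invitation model. The token comes from the OS CSPRNG rather than from
# Time.now and rand, the store refuses a duplicate token the way a unique
# database index would, and redemption selects the row by id first and then
# compares the supplied token in constant time.
class InvitationStore
  Invitation = Struct.new(:id, :recipient_email, :token)

  def initialize
    @rows = {}
    @next_id = 1
  end

  # 20 random bytes => 40 hex characters, the same length as the SHA1 hex
  # digest the episode stores, but with 160 bits of entropy. The retry loop
  # mirrors a unique index: with this much entropy it is not expected to run.
  def create(recipient_email)
    token = SecureRandom.hex(20)
    token = SecureRandom.hex(20) while token_taken?(token)
    invitation = Invitation.new(@next_id, recipient_email, token)
    @rows[invitation.id] = invitation
    @next_id += 1
    invitation
  end

  # Returns the invitation only when both the id and the token match;
  # the id (not the token) is the lookup key, as the comment above proposes.
  def redeem(id, token)
    invitation = @rows[id.to_i]
    return nil unless invitation && secure_compare(invitation.token, token.to_s)
    invitation
  end

  private

  def token_taken?(token)
    @rows.values.any? { |row| row.token == token }
  end

  # Constant-time comparison: the loop runs over every byte regardless of
  # where the first difference is, so timing reveals only a length mismatch.
  def secure_compare(a, b)
    return false unless a.bytesize == b.bytesize
    diff = 0
    a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
    diff.zero?
  end
end
```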
Great screencast! I have passenger up and running but when trying to use a scaffold out of the box I get errors on create, update, and destroy actions. Index and show work perfectly and I don't get these errors when running script/server. The error message starts out /!\ FAILSAFE /!\ Status: 500 Internal Server Error can't convert Symbol into String but it doesn't reference any line of code that I have written. You can see the entire trace at http://pastie.org/363327. Thanks in advance for any suggestions.
Now this works like this:
http://rails.learnhub.com/lesson/page/6392-action-controller-rescue
class ApplicationController < ActionController::Base
  rescue_from ActiveRecord::RecordNotFound, :with => :record_not_found

  private

  def record_not_found
    render :text => "404 Not Found", :status => 404
  end
end
If this screencast is not enough, there is another screen cast over at http://www.railsillustrated.com/screencast-endless-page.html which uses a slightly different technique.
@Luvi c.198
Check to make sure the form_for on your edit page is this:
- form_for :item, :url => item_path(@item), :html => { :method => 'put' } do |f|
Otherwise it will call the create action instead of the update action.
Thanks again for this great work.
It appears the link to the http_authentication.rb source shown above is no longer valid since the code moved to github.
I assume you might want something like: http://github.com/rails/rails/tree/v2.0.0/actionpack/lib/action_controller/http_authentication.rb
Is it okay that PayPal sends back data using plain text? Shouldn't the return URL be https://mysite.com/payment_notification ?
I have made a fork of the plugin for jQuery support:
http://github.com/fguillen/exception_logger_jquery/tree/master
I have made just monkey testing.. so I don't know if everything is correct :)
f.
@Cody,
I didn't mean to come across that you didn't have those requirements, but that they become more extensive if you do store the data. Sorry for not making that more explicit (it sounded right in my head at the time).
The following pastie illustrates the problem mentioned above:
http://pastie.textmate.org/private/5abvempgeb8ytkuqni0pq
Ryan,
as usual a great screencast!
Now, let's assume we'd like to be able to enter new comments directly on a form in the article-page (.../articles/1/show).
Since the form will post to the comments-controller create-action, we are not able to redisplay articles-show in case of a validation error.
In your example this problem doesn't exist, because if validations fail, you can just re-render the new-action of the comments controller.
Thanks a lot for your kind help!
@Carl,
You're responsible for those requirements as soon as you receive any cardholder data on your servers even if you don't store the card numbers.
Not storing card numbers does save you from section 3 of the PCI DSS, which is a complex section due to all of the encryption requirements, etc. Not having a load of cardholder data on your servers would also hopefully lessen the impact of a security breach on your servers.
@Jeffrey Lee,
PayPal only supports referenced credits, which are based on a previous transaction. Some other gateways do support non-referenced credits by passing in a credit card object as the second argument to the credit() method. You'll have to check with your gateway provider and ActiveMerchant to see what your gateway supports.
@Gustavo,
You have to be careful about storing credit card info in your system (there are many requirements, you can find some info here: http://usa.visa.com/merchants/risk_management/cisp_merchants.html )
The safest way to do recurring billing is using something that some providers offer that stores the credit card info on their servers and just returns a sort of key to you that allows you to adjust amounts, remaining payments, etc. I did this for Authorize.net and it was pretty simple.
If you go that route, ActiveMerchant has some methods that make it pretty simple to handle (update_recurring for example). http://github.com/Shopify/active_merchant/blob/2b1c6d8e960b06ac98ea223280ff6e81f30174a1/lib/active_merchant/billing/gateways/authorize_net.rb for reference.
Methods like this are only available if the gateway supports it (and only a few do, and some (all?) charge a bit more for it), so you do have to do some research, but it is worth it if you plan to use recurring billing (not every app requires it).
http://wiki.github.com/Shopify/active_merchant/gatewayfeaturematrix
I only have experience with Authorize.net, so I can't speak about the rest, but in general expect another fee every time you turn around ($5/month for recurring billing, $5/month as a "statement fee", 2.5%/transaction, $0.20/transaction for this, $0.05/transaction for that, $0.05/transaction for this other thing, $20/month for this, oh, and a $20/month minimum in case that 2.5% is less than that per month, etc.). Once you get past that, it's not too bad.
Hey Ryan,
Thank you for the great railscasts.
I am working through this episode, however I realized that if I had a
@line_item = @cart.line_items.build
in my controller. The method will return nil. Any way to get around this?
Great site, thanks for the hard work!
Just a typo probably, but for the record and to encourage proper English usage:
The screen picture above shows the right prepositions (on %B %d at %I %M %p) but the video shows them reversed (at %B %d on %I %M %p).
@alex same doubt as you.
Would be legal or possible to program a monthly "gateway.purchase" of the same value and same credit card?
For those of you interested in Rails commerce, you should check out the open source Spree project[1].
[1] http://spreehq.org
Awesome screencast Ryan. Any chance on recurring billing for software as a service?
@Ryan,
I'm pretty sure you are beyond needing "Beginning Ruby". Unless it is a gift for someone else? Sometimes the things you do on your screencasts still look like magic to me, and I've been writing Ruby for a couple of years now.
For those trying to install sphinx on windows, I found this article to be very helpful.
http://www.expressionlab.com/2008/11/2/thinking-sphinx-on-windows
Some gotchas to watch out for are:
1. Rails fails with a path with spaces in it, so "My Documents" doesn't work. I created a new directory under c:\ and it worked.
2. Your ruby\bin directory must be in your environment variable "path". Remember to open a new command prompt to take the new settings if you're using it for rake tasks.
Hope it helps other users.
Yes, Railscasts brings much joy to an otherwise bland Monday morning :)
Thank you for this detailed information, it is done well.
I am getting a syntax error in task.rhtml: "undefined local variable or method `task' for #<ActionView::Base:0xb692bbf0>"
Why?
I have a problem.
When I try to update the tasks, it's not updated but it's inserted as a new row in the database.
What's wrong?
@Fluffy
Check to make sure the join table has :id => false so that your join table does not have a primary id column.