It's out of my skill range in Ruby on Rails but I look forward to implementing some of this stuff when I get around to it. Still learning Illustrator and After Effects at the moment :/
Great stuff!
I was wondering if you could do an episode in this series for a SaaS model subscription or a one time payment instead of the shopping cart model.
Im trying to implement this and its really hard to get my head around the variables that PayPal requires for this.
Its always easier when someone explains them so.. :D
Hope you can meet me somewhere half way on that at least.
Thanks!
Thank for this series on PayPal and Active Merchant. Can't wait until next week episode, please keep them coming. I'm starting my first e-commerce project with Rails for a friend. This is a great look inside laying that important foundation.
One more note: Thank you for the screen casts over at Pragmatic Studio. I have learned a lot from both of them.
So great episode. Just wanted to mention that I couldn't get this via iTunes. I keep getting an unknown error (-50) when I try to get this episode under the (iPod &Apple TV) group. Thanks again for all the great info.
"So great episode. Just wanted to mention that I couldn't get this via iTunes. I keep getting an unknown error (-50) when I try to get this episode under the (iPod &Apple TV) group. Thanks again for all the great info."
Awesome screen cast as usual! I'd also like to point out that some credit card companies like Visa prohibit storage of CVV values in any form or manner. Not sure if this is company policy or actual law though.
I've seen this value getting stored in the logs of some of the applications I've worked on in the past, and thought that it might be great if you can point this out to some of the new comers to ecommerce.
It's not just CVV that Visa cares about, it's what is called PII (Person Identifiable Information). Anyone that codifies applications that process credit card data should familiarize themselves with what is known as the PCI DSS Security Standards found over at https://www.pcisecuritystandards.org
This series is absolutely fantastic. CC processing is just one of those black arts that nobody ever discusses well, so your episodes here are very valuable.
I'm especially looking forward to the recurring billing episode so I can implement it within my own rails app that I want to start charging a subscription for.
I'll be donating something your way shortly to say thanks for your hard work.
Hey Ryan,
This is good stuff but I did notice a problem. It happened when I used attr_accessor myself. At 9:25, you submit the form and validator displays the errors - but it doesn't highlight the problem fields. How can we fix this? It's the one thing that's keeping my application from going into production.
Great article, especially the layout of the models. Could you do one on how to extend active merchant so that we can all contribute to the code base? I'd love to learn how to write another gateway, or extend AM to do recurring billing or tagged transactions.
I have already implemented ActiveMerchant on my site using the Braintree gateway, but I think a separate screencast on recurring billing using their vault would be especially helpful, even if it is with a different gateway.
BTW: Your code is super CLEAN. Very readable. You always produce the BEST screencasts.
As a suggestion for future episodes, one thing that is rather near and dear to me right now is that activerecord is actually getting in my way.
What I mean by that specifically is, I want to use native data types in a PostgreSQL database. However, it seems Activerecord is written to make this not only difficult, but more or less impossible without major changes throughout the database layer.
Why would I want to break database agnostic activerecord? Efficiency, both in terms of processing, searching the database, and the ability to use user-defined data types for speed and space improvements.
I'm currently storing around 30 million records in a single table, and without using the cidr and inet types it would be a nightmare.
I have the same problem as Patrick above. When you submit the form and the validations fails, none of the Credit Card fields get tagged with class="fieldWithErrors". Does anyone know how to get them to?
I need to create a payment form which have the "name on card" field and I don't have the field "CVV", can the field "name on card" be sent with the payment and also can the field "CVV" be discarted?
I'm trying to implement much of this code into an application I'm working on and I get this error:
The error occurred while evaluating nil.month
When I try to place an order... Any thoughts?
@Dave Reid
You are calling the method month an an object that contains nil class. Try using debugger to find out where your object becomes nil or call debugger conditional.
Great tutorial as always. Quick question regarding second submittals. If a user gets the error message (which i've added) but then needs to resubmit their order again, I assume they go to the new action again. but doesn't this create another Order record in the DB? should we redirect them to an EDIT method, so we can reuse that same line in the Order table?
Excellent railscast. Thanks for doing these. I was up and running with Linkpoint/FirstData in no time.
I had the same question as pjammer. If the transaction fails I guess we need to implement the update action for the order controller. My only concern with this is that it might inhibit debugging of transaction problems since the order database will change as the user makes corrections.. but then again most of the information they are sending that would cause an error is private so probably not an issue.
Thanks again.
My linkpoint setup notes are here
http://tonycode.com/wiki/index.php?title=First_Data_Ruby_on_Rails_GEM
fyi, I recently posted a screencast on my new SaasRamp plugin for doing recurring billing for software as a service (saas)
http://www.vaporbase.com/postings/SaasRamp_Screencast
Great screencast. One small point / question for Ryan.
You are using a CART model for recording a line item selected for purchase. I am assuming you would have a CART -> LINE_ITEM type relationship.
You are then basically recording that "this cart has been purchased" with the relationship to the ORDER table.
Im curious if this is your preferred structure for an eCommerce app? Spree, for example, does not have a cart. Everything goes into an ORDER -> LINE_ITEM type relationship and then you eventually mark an order as "complete" when purchased.
Im really REALLY struggling with the best eCommerce structure and was hoping you could provide some direction towards what you've done.
Josh, that's a great question. I've had the exact same one in scouring the web for rails ecom solutions. Right now I have a single cart per user, and multiple orders which are created based on the cart's contents. Once an order is complete, the cart is cleared.
However, now that I'm actually integrating the paypal code, this isn't going to work, as a unique "invoice id" is required for every express checkout. Which leaves me wondering if I should be creating a new cart every time, and making that the order, or as you say, starting with orders which seems to be a cleaner solution rather than having bizarre order <-> cart relationships.
Hey guys. Hoping someone might still be reading these comments. I am not having any luck getting through to paypal and its driving me nuts. Everything works perfectly if I use the railscasts paypal_options from github (username, password, api sig). But if I use my own, I get "This transaction cannot be processed due to an invalid merchant configuration."
I have no idea what's broken. I have a valid sandbox account with a test seller account, which has a bank account and API credentials. Anyone?
Whew, figured it out. Lets just say the paypal sandbox has become a good deal more onnerous since this railscast was first posted. Be sure and create a test seller account and a test website payments pro account from the same screen. Then log in to your seller account, click on profile to get the API sig, then make sure you agree to the wpp billing agreement. Otherwise your transactions will fail. Oh, and ignore every instance where paypal says it will set up api creds/bak accounts/etc for you automatically. It never works.
Thanks for the great casts. I just wonder, When I use standard checkout, why balance in my paypal sandbox doesnot reduced even my transaction is success?
The code for the config/environment/development.rb didn't work for me because it would result in a 'wrong number of arguments' exception when my development environment was loading. It seems to have been caused by assigning the Base.mode to true directly.
The solution for me was to set the :test option directly in PayPalGateway.new like I did here:
Thanks for the screencast. How do I display the message from transaction associated with particular order? I would like to output the error in flash message.
This definitely clarified some questions I have about the differences between activemerchant, spree and some other systems. It seems that with active merchant you'll need to build out your order<->line item<-->products model. I think this is more suited for adding a /shop section on a blog or site that doesn't have ecommerce as a priority. Of course, this could be used to build fully fledge e-commerce solution, but why would one use this over spree?
When I use "errors[:base] << message" it returns:
- errors
- errors
- errors
- errors
When I use "errors.add :base, message" it returns the exact validation errors:
- First name cannot be empty
- Last name cannot be empty
- Number is required
- Verification value is required"
Storing this data means your application must meet certain security requirements. In the United States, this also means that you would most likely be legally liable if the information was ever stolen from you.
in the OrderTransaction class there is an exception rescue but if the exception is triggered by the gateway, there is no way you can catch that into the transaction, am I wrong?
I am working on a maintenance project which is in Rails 3.2.3. Here for payments they are using Active Merchant gem for Paypal integration. As per the code review I did, mostly the code is written based on this railscast.
When I enter a credit card number, it is saved as a "xxxx-xxx-xxx-1234. It is fine in local but in production, it is storing in plain text sometimes. Does Active Merchant have any mechanism to encrypt this card number? or Is there any way to store this card number as "xxxx-xxx-xxx-1234"?
Awesome as usual...
I'm always checking out the site for new screen casts and i am never disappointed.
can't wait for the others.
Sweeeeeeeet!
It's out of my skill range in Ruby on Rails but I look forward to implementing some of this stuff when I get around to it. Still learning Illustrator and After Effects at the moment :/
Ryan,
Great stuff!
I was wondering if you could do an episode in this series for a SaaS model subscription or a one time payment instead of the shopping cart model.
Im trying to implement this and its really hard to get my head around the variables that PayPal requires for this.
Its always easier when someone explains them so.. :D
Hope you can meet me somewhere half way on that at least.
Thanks!
Thanks for an incredibly useful screencast. Not only the Active Merchant stuff but how you organize your models, controllers and so on.
Super!
Thank for this series on PayPal and Active Merchant. Can't wait until next week episode, please keep them coming. I'm starting my first e-commerce project with Rails for a friend. This is a great look inside laying that important foundation.
One more note: Thank you for the screen casts over at Pragmatic Studio. I have learned a lot from both of them.
Best episode ever in the series.
Go for recurring billing please!
So great episode. Just wanted to mention that I couldn't get this via iTunes. I keep getting an unknown error (-50) when I try to get this episode under the (iPod &Apple TV) group. Thanks again for all the great info.
GG once again
Magic!
"So great episode. Just wanted to mention that I couldn't get this via iTunes. I keep getting an unknown error (-50) when I try to get this episode under the (iPod &Apple TV) group. Thanks again for all the great info."
+1
I would suggest using filter_parameter_logging to prevent credit card information to be stored in logs.
Anyway, nice episode -- as always!
filter_parameter_logging is deprecated in rails 3.1... instead put this in application.rb
config.filter_parameters << :card_number << :card_verification
thanks Nicolai Seerup.. was facing this problem and you pulled me out.
Thanks for the feedback guys. The iTunes problem should be fixed shortly.
@Pawel, great suggestion. I'll add it to the show notes.
Hi Ryan,
Great episode!
Do you think it will be possible to show the different configurations which will need to be done to use the other gateways?
I would like to see how to do this with 2checkout (since I'm from Trinidad and Tobago, and PayPal isn't an option since we can't withdraw funds)
Thanks.
Hi Ryan,
Awesome screen cast as usual! I'd also like to point out that some credit card companies like Visa prohibit storage of CVV values in any form or manner. Not sure if this is company policy or actual law though.
I've seen this value getting stored in the logs of some of the applications I've worked on in the past, and thought that it might be great if you can point this out to some of the new comers to ecommerce.
@Dillo
It's not just CVV that Visa cares about, it's what is called PII (Person Identifiable Information). Anyone that codifies applications that process credit card data should familiarize themselves with what is known as the PCI DSS Security Standards found over at https://www.pcisecuritystandards.org
Brilliant stuff, really.
This series is absolutely fantastic. CC processing is just one of those black arts that nobody ever discusses well, so your episodes here are very valuable.
I'm especially looking forward to the recurring billing episode so I can implement it within my own rails app that I want to start charging a subscription for.
I'll be donating something your way shortly to say thanks for your hard work.
Hey Ryan,
This is good stuff but I did notice a problem. It happened when I used attr_accessor myself. At 9:25, you submit the form and validator displays the errors - but it doesn't highlight the problem fields. How can we fix this? It's the one thing that's keeping my application from going into production.
Thanks!
Great article, especially the layout of the models. Could you do one on how to extend active merchant so that we can all contribute to the code base? I'd love to learn how to write another gateway, or extend AM to do recurring billing or tagged transactions.
Thanks!
Great screencast, as usual!
I have already implemented ActiveMerchant on my site using the Braintree gateway, but I think a separate screencast on recurring billing using their vault would be especially helpful, even if it is with a different gateway.
BTW: Your code is super CLEAN. Very readable. You always produce the BEST screencasts.
Thanks Ryan!
Chip
Great stuff Ryan! Another vote here for SaaS app recurring billing :)
Excellent work! Can't wait for the next.
As a suggestion for future episodes, one thing that is rather near and dear to me right now is that activerecord is actually getting in my way.
What I mean by that specifically is, I want to use native data types in a PostgreSQL database. However, it seems Activerecord is written to make this not only difficult, but more or less impossible without major changes throughout the database layer.
Why would I want to break database agnostic activerecord? Efficiency, both in terms of processing, searching the database, and the ability to use user-defined data types for speed and space improvements.
I'm currently storing around 30 million records in a single table, and without using the cidr and inet types it would be a nightmare.
Hello,
Great episodes on payment, they are very useful. I have just one question you may have address in other rails cast:
How do you do to have https form?
For Rails people interested in commerce you should check out Spree which is an open source rails commerce platform. It uses ActiveMechant.
I have the same problem as Patrick above. When you submit the form and the validations fails, none of the Credit Card fields get tagged with class="fieldWithErrors". Does anyone know how to get them to?
Hi,
How do i go about adding invoice ID. and Item Title to the gateway option?
have you tired this with authorize.net? I'm trying to customize it to make it work with the authorize.net. Ideas?
1. Richard: I believe active merchant already works with authorize.net. The gateway you need to instantiate will need to be different.
2. Did anyone else run into problems with this error on rake gems:install :-
/Library/Ruby/Site/1.8/rubygems.rb:149:in `activate': can't activate
activesupport (>= 1.4.1, runtime), already activated
activesupport-2.1.0 (Gem::Exception)
I searched and searched but found no solution.
Excellent!
+1 recurring billing!
Hi,
I have a question about the fields.
I need to create a payment form which have the "name on card" field and I don't have the field "CVV", can the field "name on card" be sent with the payment and also can the field "CVV" be discarted?
I'm trying to implement much of this code into an application I'm working on and I get this error:
The error occurred while evaluating nil.month
When I try to place an order... Any thoughts?
@Dave Reid
You are calling the method month an an object that contains nil class. Try using debugger to find out where your object becomes nil or call debugger conditional.
if object.nil?
debugger
end
Good luck.
My transactions suddenly seem to be going through to PayPal's development sandbox without any Billing information.
Do other gateways allow actual transactions without billing info (now possibly PayPal again)?
@Tim thanks I figured that one out...
Any thoughts on why the code doesn't pass the purchase_options to paypal?
How to download source code from github?
thx............
that's rather hard to unerstand
Great tutorial as always. Quick question regarding second submittals. If a user gets the error message (which i've added) but then needs to resubmit their order again, I assume they go to the new action again. but doesn't this create another Order record in the DB? should we redirect them to an EDIT method, so we can reuse that same line in the Order table?
or am i missing something?
Excellent railscast. Thanks for doing these. I was up and running with Linkpoint/FirstData in no time.
I had the same question as pjammer. If the transaction fails I guess we need to implement the update action for the order controller. My only concern with this is that it might inhibit debugging of transaction problems since the order database will change as the user makes corrections.. but then again most of the information they are sending that would cause an error is private so probably not an issue.
Thanks again.
My linkpoint setup notes are here
http://tonycode.com/wiki/index.php?title=First_Data_Ruby_on_Rails_GEM
fyi, I recently posted a screencast on my new SaasRamp plugin for doing recurring billing for software as a service (saas)
http://www.vaporbase.com/postings/SaasRamp_Screencast
Great screencast. One small point / question for Ryan.
You are using a CART model for recording a line item selected for purchase. I am assuming you would have a CART -> LINE_ITEM type relationship.
You are then basically recording that "this cart has been purchased" with the relationship to the ORDER table.
Im curious if this is your preferred structure for an eCommerce app? Spree, for example, does not have a cart. Everything goes into an ORDER -> LINE_ITEM type relationship and then you eventually mark an order as "complete" when purchased.
Im really REALLY struggling with the best eCommerce structure and was hoping you could provide some direction towards what you've done.
Josh, that's a great question. I've had the exact same one in scouring the web for rails ecom solutions. Right now I have a single cart per user, and multiple orders which are created based on the cart's contents. Once an order is complete, the cart is cleared.
However, now that I'm actually integrating the paypal code, this isn't going to work, as a unique "invoice id" is required for every express checkout. Which leaves me wondering if I should be creating a new cart every time, and making that the order, or as you say, starting with orders which seems to be a cleaner solution rather than having bizarre order <-> cart relationships.
Hey guys. Hoping someone might still be reading these comments. I am not having any luck getting through to paypal and its driving me nuts. Everything works perfectly if I use the railscasts paypal_options from github (username, password, api sig). But if I use my own, I get "This transaction cannot be processed due to an invalid merchant configuration."
I have no idea what's broken. I have a valid sandbox account with a test seller account, which has a bank account and API credentials. Anyone?
Whew, figured it out. Lets just say the paypal sandbox has become a good deal more onnerous since this railscast was first posted. Be sure and create a test seller account and a test website payments pro account from the same screen. Then log in to your seller account, click on profile to get the API sig, then make sure you agree to the wpp billing agreement. Otherwise your transactions will fail. Oh, and ignore every instance where paypal says it will set up api creds/bak accounts/etc for you automatically. It never works.
Good one. As usual ! Keep them coming :o)
I get an error when from rake setup and rake gems:install:
and suggestions?
Hi Ryan!
Thanks for the great casts. I just wonder, When I use standard checkout, why balance in my paypal sandbox doesnot reduced even my transaction is success?
Thanks, I hope you will glad to reply :)
(Rails 2.3.9, ActiveMerchant 1.9.0)
The code for the config/environment/development.rb didn't work for me because it would result in a 'wrong number of arguments' exception when my development environment was loading. It seems to have been caused by assigning the Base.mode to true directly.
The solution for me was to set the :test option directly in PayPalGateway.new like I did here:
http://gist.github.com/645751
Really useful screencast!
One important note is that you have to filter your logs or else you are still storing all your users credit card information in plaintext.
I would add a "filter_parameters" line to this screencast so that everyone knows about this potential security pitfall.
Hi ryan,
Thanks for the screencast. How do I display the message from transaction associated with particular order? I would like to output the error in flash message.
For example:
if @order.purchase
....
else
flash[:error] = @order.transactions.response
format.html { render :action => "new" }
end
The code above doesn't work though.
Thanks!
You could try @order.transactions.last.message
even better would be to pass the message back or store it directly in the order model so you save yourself a hit to the DB.
This definitely clarified some questions I have about the differences between activemerchant, spree and some other systems. It seems that with active merchant you'll need to build out your order<->line item<-->products model. I think this is more suited for adding a /shop section on a blog or site that doesn't have ecommerce as a priority. Of course, this could be used to build fully fledge e-commerce solution, but why would one use this over spree?
Under the validate_card method you'll have to change:
to
errors.add :base, message
or
errors[:base] << message
I just tried both out of curiosity;
When I use "errors[:base] << message" it returns:
- errors
- errors
- errors
- errors
When I use "errors.add :base, message" it returns the exact validation errors:
- First name cannot be empty
- Last name cannot be empty
- Number is required
- Verification value is required"
So I ended up using: errors.add :base, message
May I have a question: why don't you store card_number and card verification value in database?
Storing this data means your application must meet certain security requirements. In the United States, this also means that you would most likely be legally liable if the information was ever stolen from you.
I am having trouble with doing errors(:base) << message. Could someone please look at my post and see if they could help me out: http://bit.ly/OFthci
Thank you
in the OrderTransaction class there is an exception rescue but if the exception is triggered by the gateway, there is no way you can catch that into the transaction, am I wrong?
As someone named Jake, you sure caught my attention at 1:27.
You are awesome!
terrific. thank you.
Trying to implement this in a Rails 3 app. Anyone know how to translate the following route for Rails 3:
Thanks!
I think it goes something like this
match : current_cart, to: 'cart', :controller => 'carts', :action => 'show', :id => 'current'
I am working on a maintenance project which is in Rails 3.2.3. Here for payments they are using Active Merchant gem for Paypal integration. As per the code review I did, mostly the code is written based on this railscast.
When I enter a credit card number, it is saved as a "xxxx-xxx-xxx-1234. It is fine in local but in production, it is storing in plain text sometimes. Does Active Merchant have any mechanism to encrypt this card number? or Is there any way to store this card number as "xxxx-xxx-xxx-1234"?