OK I finally am able to get a filereference uploader to send files to
rails from Flash. I had to turn the auth_token off using:
skip_before_filter :verify_authenticity_token, :only => ‘upload_photo’
But, for security I want to turn it back on. But I’m unable to get
Flash to send the vars correctly. I am able to grab the auth token
with some Javascript and I then use:
variables = new URLVariables();
variables.authenticity_token = paramList[“authenticityToken”];
var request = new URLRequest(UPLOAD_URL);
request.method = URLRequestMethod.POST;
request.data = variables;
Is that correct? The variable in an html rails form uses the same var
“authenticity_token” so I would assume it’s the same, but it’s not
working.
I think you’re on the right track; we use:
request=new URLRequest("/line_items");
request.method=URLRequestMethod.POST;
request.data=“authenticity_token=”+authenticity_token+"&design_id="+id;
loader.load(request);
One gotcha I ran into is authenticity_tokens are not URI-safe, which was
causing intermittent failures for me depending on the value of a given
authenticity_token. So when I’m pulling it from the flashvars I do:
var
authenticity_token:String=encodeURIComponent(parameters[“authenticity_token”]);
Glancing at the doc for URLVariables, I don’t think it does that for
you; you need to do it yourself.
HTH,
dwh
Hmm, I tried doing:
request.data = “authenticity_token=”+paramList[“authenticityToken”]
+"&design_id=1";
instead of variables, and still nothing. One thing I did notice… I
made a dynamic field on the stage and put the auth_code in there to
see if it was working. I’m not sure why, but for some reason the field
won’t include any + signs. there’s spaces there, and when I look in
the form field in html on the same page I have my flash, the spaces
are + signs. Not sure if that’s a reason…
I had discussed that in my previous reply. You need to URI-encode the
authenticity_token before sending it back.
dwh
It still won’t work. This issue has been discussed in the past (I know
cos I participated in it and provided a nice course of action to get
it working :-)).
http://www.ruby-forum.com/topic/161291
The post is about integrating SWFUpload with Rails and pass it on to
attachment_fu, but variants such as custom Flash uploaders and
Paperclip instead of attachment_fu should be easy to deduce from my
information.
On 20 May 2009, at 13:09, Denis H. wrote:
instead of variables, and still nothing. One thing I did notice… I
made a dynamic field on the stage and put the auth_code in there to
see if it was working. I’m not sure why, but for some reason the
field
won’t include any + signs. there’s spaces there, and when I look in
the form field in html on the same page I have my flash, the spaces
are + signs. Not sure if that’s a reason…
Best regards
Peter De Berdt
Okay, I was talking about the general case of Flash talking to Rails,
not about file uploading in specific.
What I did works for me 
dwh