More than one Admin in sach:flow-db-admin package - meteor

Is it possible to add more than one admin using the sach:flow-db-admin Meteor package? If yes, help would be great.
I already added two roles, user and admin, but when I add the admin role to the new user it says: "You must be admin to see this page."
I have this code on the Startup function:
if (Meteor.users.findOne("sxzdSFkeazB2sBs45"))
  Roles.addUsersToRoles("sxzdSFkeazB2sBs45", ['Admin']);
if (!Meteor.roles.findOne({name: "User"}))
  Roles.createRole("User");
Thank you!

Looking at the implementation, you need a lowercase A in admin:
if (Meteor.users.findOne("sxzdSFkeazB2sBs45"))
  Roles.addUsersToRoles("sxzdSFkeazB2sBs45", ['admin']);

I just changed 'Admin' to 'admin' (thanks to Stephen Woods) in the routes.js:
Accounts.onLogin(function () {
  if (Roles.userIsInRole(Meteor.user(), ['admin'])) {
    FlowRouter.go('Dashboard');
  }
  else if (Roles.userIsInRole(Meteor.user(), ['user'])) {
    FlowRouter.go('Account');
  }
});
And now it's working, finally!

Related

Undefined index stripeToken

I have a stripe checkout error in my symfony project. Here is my view that uses checkout by default :
<form action="" method="POST">
<script
src="https://checkout.stripe.com/checkout.js" class="stripe-button"
data-key="pk_test_C9N5xzeBHyGplmZwpsbyciS6"
data-amount="9999"
data-name="Demo Site"
data-description="Widget"
data-image="https://stripe.com/img/documentation/checkout/marketplace.png"
data-locale="auto"
data-zip-code="true"
data-currency="eur">
</script>
</form>
The method of my controller:
public function paiementAction(Request $request)
{
\Stripe\Stripe::setApiKey("sk_test_5W9Z1CdBKN2G46sTa2O5KI3T");
$token = $_POST['stripeToken'];
try {
$charge = \Stripe\Charge::create(array(
"amount" => 1000, // Amount in cents
"currency" => "eur",
"source" => $token,
"description" => "Example charge"
));
return $this->redirectToRoute("chk38_platform_confirmation");
} catch (\Stripe\Error\Card $e) {
// The card has been declined
return $this->redirectToRoute("chk38_platform_commande");
}
}
Thank you for your help
This issue of $_POST['stripeToken'] not being populated generally occurs when your code isn't creating a Token object via Stripe Checkout prior to running this bit of code.
I would suggest that you check your Stripe account's API logs (https://dashboard.stripe.com/test/logs/overview) and ensure that you are in fact correctly creating a Token object via Stripe Checkout prior to calling this create Charge snippet.
You may also want to read through their Checkout PHP tutorial (https://stripe.com/docs/checkout/php), to get a better understanding of how all of the pieces fit together. If you still have issues after all that, you may want to write in to their support staff via https://support.stripe.com/email since you probably don't want to discuss private account specific things in public.
This is a quick finding I just experienced. If you're using the default <form action="/directory" method="POST"> ... </form> from this stripe example page with your own endpoint make sure to specify down to the index.php file inside the directory folder.
I was getting an odd error where the token was being created but I would get directed to the PHP endpoint and it wasn't a POST event. I had an index.php file in /directory/ and I had to write the complete path not just up to /directory eg. /directory/index.php. Then it worked as expected.
I want to confirm and extend what subalublub said, in that the endpoint can simply be "/charge/" without having to use index.php there.
I ran into this issue and just using "/charge" was not passing in the $_POST values, but when changing to "/charge/" the index.php file inside that folder worked correctly.
Hope this helps someone.

Laravel 5.3 - TokenMismatchException in VerifyCsrfToken.php line 68:

When I log in to my app, and immediately go back when I enter it, and then try to log out, I get the error from the title, how can I fix that?
I was facing the same issue with Laravel 5.4, and then the following command worked for me :)
chmod 777 storage/framework/sessions/
Before this, it was chmod 775 storage/framework/sessions/, hence I was facing the issue.
Happy coding
I solved this problem by editing the file config->session.php
'domain' => env('SESSION_DOMAIN', null),
and removing SESSION_DOMAIN from the file (.env)
and finally composer dumpautoload
From Laravel 5.3 docs
The Auth::routes method now registers a POST route for /logout instead of a GET route. This prevents other web applications from logging your users out of your application. To upgrade, you should either convert your logout requests to use the POST verb or register your own GET route for the /logout URI:
Option One:
Route::get('/logout', 'Auth\LoginController@logout');
For more about upgrade please have a look at this https://laravel.com/docs/5.3/upgrade
Option 2
//Insert this on your head section
<!-- CSRF Token -->
<meta name="csrf-token" content="{{ csrf_token() }}">
<!-- Scripts -->
<script>
window.Laravel = <?php echo json_encode([
'csrfToken' => csrf_token(),
]); ?>
</script>
Where you want your logout link:
<ul class="dropdown-menu" role="menu">
<li>
<a href="{{ url('/logout') }}" onclick="event.preventDefault();
document.getElementById('logout-form').submit();"> Logout
</a>
<form id="logout-form" action="{{ url('/logout') }}" method="POST" style="display: none;">
{{ csrf_field() }}
</form>
</li>
</ul>
Cheers
I faced this issue because I set 'secure' => env('SESSION_SECURE_COOKIE', false), to true for my localhost. The value is in the project-folder/config/session.php file. Since my localhost wasn't https that's why I was facing the issue. After making it false for my localhost the issue disappeared.
I have added SESSION_DOMAIN=localhost in my .env file when my APP_URL is APP_URL=http://localhost. It works for me I use laravel 5.3
Actually I have the same issue in Laravel 5.4. When I upload a file using a form, I sent the token and the file uploads correctly. The issue appears when I upload a file that exceeds the max filesize upload. So, just add an exception in the VerifyCsrfToken.php for the route and the message disappears, but the file doesn't get uploaded.
use Closure;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;

class VerifyCsrfToken extends BaseVerifier {
    // Routes excluded from CSRF verification.
    protected $except = [
        'anexoSesion',
    ];

    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        return parent::handle($request, $next);
    }
}
I had the same problem.
I run Laravel / PHP on a Windows machine with IIS. If you do as well, please make sure the user IUSR has modify rights on the project directories.
After permitting the user, the error was gone.
This issue will generally occur due to permissions. As Manish noted you can chmod 777 on your sessions folder, however, I would not recommend this ever. First check if you have the same issue with the app using artisan serve (as opposed to serving your app via Nginx or Apache). If you don't then it is a permissions issue and you can change the ownership of the folder accordingly. Most likely it is the www-data user that needs permissions to write to the folder, however, you will want to check your environment to make sure as the user will differ in some cases.
To solve this, add these two lines in the route file (e.g. web.php):
Route::get('/', 'HomeController@index'); // so when you log out it goes back
Route::get('/home', 'HomeController@index');
This solved the problem for me. Hope that helps.
Illuminate\Foundation\Http\Middleware\VerifyCsrfToken.php
use Closure; // import
protected $except = [
//
];
public function handle($request, Closure $next)
{
$response = $next($request);
if (last(explode('\\',get_class($response))) != 'RedirectResponse') {
$response->header('P3P', 'CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
}
return $response;
}
or
for all url
protected $except = [
'*'
];
or
If there is no use
Illuminate\Foundation\Http\Kernel.php
// \App\Http\Middleware\VerifyCsrfToken::class
comment out this line
Out of the box, Laravel comes with web and api middleware groups that contain common middleware you may want to apply to your web UI and API routes.
If you check your app/Providers/RouteServiceProvider.php, you will find that by default, a web middleware group is applied to all your routes in routes/web.php.
protected function mapWebRoutes()
{
Route::group([
'middleware' => 'web',
'namespace' => $this->namespace,
], function ($router) {
require base_path('routes/web.php');
});
}
Now, if you go check your app/Http/Kernel.php and take a look at the $middlewareGroups property, you will find a new EncryptCookies middleware. You can read about it, but if you remove this middleware from the web middleware group, your app might not give the TokenMismatchException which you are getting currently.
I am also facing this problem when using laravel5.4 for rest API. Just add the route name to the app/Http/Middleware/VerifyCsrfToken.php file.
protected $except = [
'test/login',
];
After adding the line, then I run the API, it executes successfully.
I faced this kind of problem in version 5.3.29
The following method worked for me.
Just change the following line in your .env file.
APP_KEY=base64:aBCdeFghI+jKLMnOPqRSTuvw1xYzAbCDeFgHiJKL57+4= (example key)
remove the base64: part, and make it like following
APP_KEY=aBCdeFghI+jKLMnOPqRSTuvw1xYzAbCDeFgHiJKL57+4=
go to middleware -> verifycsrftoken.php -> add the urls in the array specified.
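For AJAX requests, the token from the csrf-token meta tag shown in the thread can be sent in the X-CSRF-TOKEN header, which keeps VerifyCsrfToken enabled for the route. The following is an added example, not code from any of the answers; csrfFetchOptions and its parameters are hypothetical names.

```javascript
// Added example: build fetch() options that carry Laravel's CSRF token.
// csrfFetchOptions and its parameter names are hypothetical.
const READ_ONLY = ['GET', 'HEAD', 'OPTIONS']; // verbs VerifyCsrfToken does not check

function csrfFetchOptions(url, options, pageOrigin, token) {
  const method = (options.method || 'GET').toUpperCase();
  const headers = Object.assign({}, options.headers);
  const target = new URL(url, pageOrigin); // resolves relative URLs like '/logout'

  if (!READ_ONLY.includes(method) && target.origin === pageOrigin) {
    if (!token) {
      // Fail before sending, instead of getting a TokenMismatchException back.
      throw new Error('csrf-token meta tag is missing or empty');
    }
    headers['X-CSRF-TOKEN'] = token;
  }
  // Cross-origin requests never receive the token, so it cannot leak to
  // another site.
  return Object.assign({}, options, { method, headers, credentials: 'same-origin' });
}

// Browser usage, with the <meta name="csrf-token"> tag from the page head:
//   const meta = document.querySelector('meta[name="csrf-token"]');
//   const opts = csrfFetchOptions('/logout', { method: 'POST' },
//                                 window.location.origin, meta && meta.content);
//   fetch('/logout', opts);
```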

Meteor: Restricting an admin route only to admin roles

I'm trying to restrict a route to only users whose roles are admin
Router.route('/admin', {
if(Roles.userIsInRole(Meteor.user(), ['admin'])) {
template: 'admin' };
else
template: 'restricted'
});
returned with unexpected token
The template Iron Router option is for the simple case when you just need to route to a constant template, that will never change nor need any specific parameter.
If your route is more complex (as in your case when you return a different template based on the current user's role), you have to use the action router option instead.
Note that if you are using Iron Router, the new syntax is Router.route('/path', actionFunction)
Managed to get it working thanks to ghybs's suggestion. I've updated it to
Router.route('/admin', {
  action: function () {
    if (Roles.userIsInRole(Meteor.user(), ['admin'])) {
      this.render('admin');
    } else {
      this.render('denied');
    }
  }
});
If someone can provide a more tight & secure code please do input :D Thanks
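The route's action only chooses which template the client renders; the data itself has to be guarded on the server. An added example (not from the thread) of a role-checked publication and method, assuming the alanning:roles package supplies Roles and using a hypothetical Reports collection; the Meteor objects are passed in as arguments so the file also loads outside a Meteor runtime.

```javascript
// Added example, server-side only (e.g. server/admin.js in a Meteor app).
// Assumptions: Roles comes from alanning:roles; Reports is a hypothetical
// Mongo.Collection of admin-only data; defineAdminApi is a hypothetical name.
function defineAdminApi(Meteor, Roles, Reports) {
  // Role names are case-sensitive: 'Admin' does not satisfy 'admin'.
  const isAdmin = (userId) =>
    Boolean(userId) && Roles.userIsInRole(userId, ['admin']);

  // The client route only picks a template; this decides who receives data.
  Meteor.publish('adminReports', function () {
    if (!isAdmin(this.userId)) {
      return this.ready(); // empty result set for non-admins and anonymous users
    }
    return Reports.find({});
  });

  Meteor.methods({
    'reports.remove'(reportId) {
      // Methods are callable from any client console, so re-check the role here.
      if (!isAdmin(this.userId)) {
        throw new Meteor.Error('not-authorized', 'Admin role required');
      }
      if (typeof reportId !== 'string') {
        throw new Meteor.Error('bad-request', 'reportId must be a string');
      }
      return Reports.remove({ _id: reportId });
    },
  });

  return { isAdmin };
}

// In a Meteor server file: defineAdminApi(Meteor, Roles, Reports);
```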

Meteor: How to keep showing profile avatar after logged out?

After reading Discover Meteor, I'm trying to customize microscope to further practice my meteor skills.
I am using accounts-twitter and hope to display the user's twitter profile pic on each of their post submission. I use the following helper to get the post's author id in post_item.js
Template.postItem.helpers({
  username: function () {
    // declare locally instead of leaking an implicit global
    var owner = this.userId;
    var user = Meteor.users.findOne({
      _id: owner
    });
    return user;
  }
});
And then in post_item.html I use the following to display the profile pic:
<img class="pull-right" src="{{username.profile.avatar}}">
If I've logged in to my account, I can see my profile pic next to all of my submitted posts. However, when I log out, all the profile pics disappear.
Sorry for the newbie questions. Any pointers are welcome.
Thanks for your help.
Stupid me. I forgot that by default, Meteor only publishes the logged in user. Hopefully the following answer will help other meteor newbies.
Server:
Meteor.publish("allUsers", function () {
return Meteor.users.find({}, {
fields: {
profile: 1
}
});
});
Client:
Meteor.subscribe('allUsers');
Then you will be able to load all the user's profile pics using the following:
<img src="{{username.profile.avatar}}">

What Facebook API call results in this? The result shows a publish dialog

I've asked this before, but in a different way, so I'm hoping asking it like this could get an answer :)
What API call results in this following dialog appearing:
http://dl.dropbox.com/u/222489/publishdialog.png
By using the FB.ui({method: 'stream.publish' ... function all I get is a "Post to Your Wall" dialog, and all great Facebook games get the dialog in the screenshot. So I must be using the wrong function.
I don't understand how you've missed it, it's the first snippet of code in the FB.ui documentation:
FB.ui(
{
method: 'feed',
name: 'Facebook Dialogs',
link: 'http://developers.facebook.com/docs/reference/dialogs/',
picture: 'http://fbrell.com/f8.jpg',
caption: 'Reference Documentation',
description: 'Dialogs provide a simple, consistent interface for applications to interface with users.',
message: 'Facebook Dialogs are easy!'
},
function(response) {
if (response && response.post_id) {
alert('Post was published.');
} else {
alert('Post was not published.');
}
}
);
Result in my test app:
It's known as a Feed Dialog. It's one of the three Facebook Dialogs that use user interaction for doing some work.
It doesn't need an API call (it was possible with Facebook.showFeedDialog, but Facebook doesn't support it now); instead you redirect the user to the URL for these dialogs.
http://www.facebook.com/dialog/feed?<your different attributes as query string>
To have this in your own page you can open it in an iframe by setting the attribute display=iframe, but you need an access token for that.
Here is a complete description..
http://developers.facebook.com/docs/reference/dialogs/feed/
