Rails 4: How do I prevent a logged-in user from inputting an email at checkout?
I was following a tutorial for practice and found an odd issue. Currently, the way that it's set up, any guest can create a shopping cart. Once at the checkout, the user has to input personal info, including an email, which will register him as well as get mailing info.
Once the user does this, he/she gets an email stating the order and to set a password for their new account using the email they just set up at the checkout. The problem is, if that same user who is logged in goes to check out another item... they have to input the same information, including a new email, which will create a new account, and the cycle continues.
The account email they just set up at the last checkout is taken, and they have to input a new email. You can see how odd this is: there's a continuous setting up of new accounts whenever someone wants to check out an account.
I would like to prevent this so that once a user sets up an account, they don't have to constantly set up a new account just to go through the checkout. What can be done about this problem? Any help would be appreciated, thank you.
<h1>Checkout</h1>
<h2>You are checking out the following products:</h2>
<ul>
  <% @cart.items.each do |item| %>
    <li>
      <em>
        <%= item.quantity %>
      </em>
      <%= item.product.name %>
      <%= number_to_currency item.total_price %>
    </li>
  <% end %>
</ul>
<p>
  <strong>
    Total price:
    <%= number_to_currency @cart.total_price %>
  </strong>
</p>
<%= form_for @order_form, url: orders_path do |f| %>
  <%= render "orders/errors" %>
  <h3>Some of your personal details</h3>
  <%= f.fields_for :user, f.object.user do |u| %>
    <div class="form-group">
      <p>
        <%= u.text_field :name, placeholder: "Name", class: "form-control input-lg" %>
      </p>
      <p>
        <%= u.text_field :email, placeholder: "Email", class: "form-control" %>
        <span class="help-block">This will help you track your order more effectively.</span>
      </p>
    </div>
    <div class="form-group">
      <div class="row">
        <p class="col-md-6">
          <%= u.text_field :address, placeholder: "Address", class: "form-control" %>
        </p>
        <p class="col-md-3">
          <%= u.text_field :postal_code, placeholder: "Postal code / Zipcode", class: "form-control" %>
        </p>
        <p class="col-md-3">
          <%= u.text_field :city, placeholder: "City", class: "form-control" %>
        </p>
      </div>
      <p>
        <%= u.country_select :country, { priority_countries: [ "GB", "US", "DE", "ES", "PT" ] }, { class: "form-control" } %>
      </p>
      <p>
        <%= u.text_field :phone, class: "form-control", placeholder: "Phone" %>
      </p>
    </div>
  <% end %>
  <div id="dropin"></div>
  <p>
    <%= f.submit "Place order", class: "btn btn-primary" %>
  </p>
<% end %>
<script>
  braintree.setup("<%= @client_token %>", 'dropin', {
    container: 'dropin'
  });
</script>
class OrderTransaction
  def initialize order, nonce
    @order = order
    @nonce = nonce
  end

  def execute
    @result = Braintree::Transaction.sale(
      amount: order.total_price,
      payment_method_nonce: nonce
    )
  end

  def ok?
    @result.success?
  end

  private

  attr_reader :order, :nonce
end
class User < ActiveRecord::Base
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable

  validates_presence_of :name, :address, :city, :country, :postal_code

  def full_address
    <<EOF
#{address}
#{postal_code} #{city}
#{country}
EOF
  end
end
class OrdersController < ApplicationController
  before_filter :initialize_cart

  def index
    @orders = Order.order(created_at: :desc).all
  end

  def create
    @order_form = OrderForm.new(
      user: User.new(order_params[:user]),
      cart: @cart
    )
    if @order_form.save
      notify_user
      if charge_user(@order_form.order)
        redirect_to root_path, notice: "Thank you for placing the order."
      else
        flash[:warning] = <<EOF
Your order ID is #{@order_form.order.id}.
<br/>
Something went wrong.
EOF
        redirect_to new_payment_order_path(@order_form.order)
      end
    else
      render "carts/checkout"
    end
  end

  def update
    @order = Order.find params[:id]
    @previous_state = @order.state
    if @order.update state_order_params
      notify_user_about_state
      redirect_to orders_path, notice: "Order was updated."
    end
  end

  def new_payment
    @order = Order.find params[:id]
    @client_token = Braintree::ClientToken.generate
  end

  def pay
    @order = Order.find params[:id]
    transaction = OrderTransaction.new @order, params[:payment_method_nonce]
    transaction.execute
    if transaction.ok?
      redirect_to root_path, notice: "Thank you for placing the order."
    else
      render "orders/new_payment"
    end
  end

  private

  def notify_user
    @order_form.user.send_reset_password_instructions
    OrderMailer.order_confirmation(@order_form.order).deliver
  end

  def notify_user_about_state
    OrderMailer.state_changed(@order, @previous_state).deliver
  end

  def order_params
    params.require(:order_form).permit(
      user: [ :name, :phone, :address, :city, :country, :postal_code, :email ]
    )
  end

  def charge_user(order)
    transaction = OrderTransaction.new order, params[:payment_method_nonce]
    transaction.execute
    transaction.ok?
  end

  def state_order_params
    params.require(:order).permit(:state)
  end
end
class OrderMailer < ActionMailer::Base
  default from: "sxxxxxx@gmail.com"

  def order_confirmation order
    @order = order
    mail to: order.user.email, subject: "Your order (##{order.id})"
  end

  def state_changed order, previous_state
    @order = order
    @previous_state = previous_state
    mail to: order.user.email, subject: "Your order (##{order.id}) has changed!"
  end
end
Remove the input from the view with an if statement similar to this one in the controller. Have a look at Devise's user_signed_in? or current_user methods.
Also, in the first controller you would proceed like this:
def create
  order_user = user_signed_in? ? current_user : User.new(order_params[:user])
  @order_form = OrderForm.new(
    user: order_user,
    cart: @cart
  )
  [...]
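Both halves of the answer's suggestion, as an added plain-Ruby example that is not part of the original answer or the tutorial's code: the view renders the personal-details inputs only for guests, and the controller-side helper uses the signed-in account regardless of what the form submits. The `User` struct, `checkout_user`, `render_checkout_fields` and the sample addresses are constructed stand-ins; in the app they correspond to the Devise model, the `create` action and the checkout template.

```ruby
require "erb"

# Constructed stand-in for the Devise-backed User model (not the app's class).
User = Struct.new(:name, :email, :persisted) do
  def persisted?
    persisted
  end
end

# Controller side: a signed-in user always checks out as themselves. Any
# user[...] fields in the request are ignored, so hiding the inputs in the
# view is not the only thing preventing a second account from being created.
def checkout_user(current_user, submitted)
  return current_user if current_user
  User.new(submitted[:name], submitted[:email], false)
end

# View side: show the name/email inputs only when nobody is signed in.
CHECKOUT_FIELDS = ERB.new(<<~'HTML', trim_mode: "-")
  <%- if current_user -%>
  <p>Ordering as <%= ERB::Util.h(current_user.email) %></p>
  <%- else -%>
  <input type="text" name="order_form[user][name]" placeholder="Name">
  <input type="text" name="order_form[user][email]" placeholder="Email">
  <%- end -%>
HTML

def render_checkout_fields(current_user)
  CHECKOUT_FIELDS.result_with_hash(current_user: current_user)
end
```

In the Rails action the same rule means `order_params[:user]` is read only in the guest branch, and `send_reset_password_instructions` is only needed for an account that was just created.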