Topic: Jquery+Jquery form plug in=InvalidAuthenticityToken

I have come to the point in my coding life where I am adding Jquery to my RoR code. After a few days of feeling like I wanted to sell my laptop I finally started to get the hang of it. Now I am trying to use the Jquery form plug in to submit comments. At first, it would throw an InvalidAuthenticityToken error. I found out how fix that, but then, it only worked the first time. More clearly...
* reload page
* submit comment (success)
* submit comment (InvalidAuthenticityToken error)

Anybody run across this or have a suggestion?
Thanks for your help

Why prayer when you can fret and worry?

Re: Jquery+Jquery form plug in=InvalidAuthenticityToken

Implementing JQuery should be fairly, uh... unobtrusive... if you implement it using UJS (unobtrusive JS) principles. For example, you shouldn't have to touch your ROR code to submit a form by ajax.

In any case, I've had good luck with jRails, which pretty much makes jQuery a drop-in replacement for Prototype, with all the helper methods you've come to expect. http://ennerchi.com/projects/jrails

Ryan Heneise  |  Art of Mission  |  Now with extra-strong Donor Tools mojo

Re: Jquery+Jquery form plug in=InvalidAuthenticityToken

That's pretty much what I did (dropped in jRails) - and MOSTLY everything works fine. And I am pretty sure it's my inexperience somewhere that is causing the problem. What I have since discovered - and haven't been able to figure out why yet - is the form_authenticity_token is being changed somewhere/how on the server side. When I dig it out, I'll let the faithful know<G>.

Why prayer when you can fret and worry?

Re: Jquery+Jquery form plug in=InvalidAuthenticityToken

Resolved. sigh.
Rails 2 has forgery protection built in and when I uncommented ...
  protect_from_forgery  :secret => 'xxxxxxxxxxxxxxxxxxxxxx'
in the application.rb, apparently every time the form submission hit, the form_authenticity_token got reset. I removed the above, protect_from_forgery? continues to show true, the  form_authenticity_token doesn't mysteriously change, and the whole thing works.

For those who were offering up prayers - I thank you - as do the remaining hairs on my head.
P+

Why prayer when you can fret and worry?