collection_select ajax.Updater InvalidAuthenticityToken

Hi,

I'm currently using the latest version of rails 2.0.2 with cookies.
My problem is as follows, to which I've not found any help on google
etc.

I have a page which presents the user with two drop-down menus. The
first one, for example, asks for a car manufacurer, and the second,
which by default is blank, will ask for the model. Within my view I
use the following

<%= collection_select(:manufacturer, :manufacturer_id,
@manufacturers, :id, :description, options ={:prompt => "-Select a
Manufacturer"},
           {
             :onChange => "new Ajax.Updater('manufacturer_model_id', '/
models/list_by_manufacturer_id/'+ this[this.selectedIndex].value,
{asynchronous:true, evalScripts:true})"
           }
         ) %>

<%= collection_select(:manufacturer, :model_id,
@models, :id, :description, options ={:prompt => "-Select a model"})%>

The above works fine. When I choose a manufacturer from the first
selection it fires the js but rails then returns an error:

  ActionController::InvalidAuthenticityToken
    in ModelController#list_by_manufacturer_id

I believe the problem might be because I need to pass the
authenticity_token as part of the request, though I'm not sure, and if
so I'm uncertain as to how I go about passing it within the ajax call.

Any help/direction would be greatly appreciated

seems i might be getting a little closer with the following code

<%= collection_select(:manufacturer, :manufacturer_id,
@manufacturers, :id, :description, options ={:prompt => "-Select a
Manufacturer"},
           {
             :onChange =>
link_to_remote("",:update=>"manufacturer_model_id',:url=>{:controller=>:models, :action=>:list_by_manufacturer_id})
           }

         ) %>

This seems to create the HTML etc correctly with the
authenticity_token, but when I click on the select list nothing is
every fired - no ajax call is ever made.

Any ideas?

dispite hoping to use link_to_remote I've ended up manually typing the
following;

<%= collection_select(:manufacturer, :manufacturer_id,
@manufacturers, :id, :description, options ={:prompt => "-Select a
Manufacturer"},
           {
:onChange =>
               "new Ajax.Updater
               ('member_id_selection',
                '/models/list_by_manufacturer_id/'+
this[this.selectedIndex].value,
                {asynchronous:true, evalScripts:true,
                parameters:'authenticity_token='+
encodeURIComponent('"+form_authenticity_token.to_s+"')}
               )"
         ) %>

This actually works but seems but surely the helper method should have
worked. Does anyone knoe whether I could redo this in a far cleaner
way, i.e. using a helper?

thanks

seems i might be getting a little closer with the following code

<%= collection_select(:manufacturer, :manufacturer_id,
@manufacturers, :id, :description, options ={:prompt => "-Select a
Manufacturer"},
          {
            :onChange =>
link_to_remote
("",:update

>
"manufacturer_model_id
',:url=>{:controller=>:models, :action=>:list_by_manufacturer_id})
          }

        ) %>

This seems to create the HTML etc correctly with the
authenticity_token, but when I click on the select list nothing is
every fired - no ajax call is ever made.

link_to_remote actually creates an <a> with an onclick that does the
ajaxy stuff. In this sort of situation you want to use remote_function
(takes basically the same arguments as link_to_remote, barring of
course the first one)

Fred

thanks, that actually worked. I knew i must have been missing
something.

thanks again

hiddenhippo wrote:

thanks, that actually worked. I knew i must have been missing
something.

thanks again

can you show me your controller? i have the same problem too.

thanks

--william

The code in question would lie in the view rather than the
controller. Stealing blindly from what was posted above:

<%= collection_select(:manufacturer, :manufacturer_id,
  @manufacturers, :id, :description,
  {:prompt => "-Select a Manufacturer"},
  { :onChange =>
remote_function(:url=>..., :method=>..., :with=>"manufacturer_id")}
  ) %>

thank you all. my problem is done