apigy / selfstarter Goto Github PK
View Code? Open in Web Editor NEWRoll your own crowdfunding
Home Page: selfstarter.us
License: Other
Roll your own crowdfunding
Home Page: selfstarter.us
License: Other
It's also open-source and works like a charm.
Rather than a vanilla install, perhaps some basic "common sense" configuration files would be included so that admins could manage the site.
I'm happy to take a poke at it unless people have other ideas?
attempting to do a test deployment in passenger/rails, on apache debian 7 On first loading the home page I get the following errors in production.log on each load.
Processing by PreorderController#index as HTML
Rendered preorder/homepage/_value_proposition.html.erb (0.1ms)
Rendered preorder/homepage/_stats.html.erb (4.2ms)
Rendered preorder/homepage/_show_dont_tell.html.erb (6.9ms)
Rendered preorder/index.html.erb within layouts/application (9.1ms)
Completed 500 Internal Server Error in 13ms
ActionView::Template::Error (Could not find table 'orders'):
20:
backers' app/views/preorder/homepage/_stats.html.erb:23:in
_app_views_preorder_homepage__stats_html_erb__2073994486629224114_25188540'_app_views_preorder_homepage__show_dont_tell_html_erb__3475623890237893136_28590920' app/views/preorder/index.html.erb:1:in
_app_views_preorder_index_html_erb__186831979415567911_28930260'The README asks you to setup the db using the rake db:migrate
command. This is incorrect. Migrations are not how new developers get their database setup. The schema.rb is to be used for this. In fact, you should be able to delete old migration files from the project file without consequence to new contributors.
The rake db:schema:load
(or better yet the rake db:setup
) is what should be used to create the database based on the schema defined in the schema.rb file, instead of using migration files.
http://stackoverflow.com/questions/10122772/remove-past-migration-in-rails/10123000#10123000
I used rails_admin to create an admin interface and I got the ActiveRecord::StatementInvalid error. It turned out that user_id in orders table is a string, not an integer. https://github.com/lockitron/selfstarter/blob/master/db/migrate/20121004072706_create_orders.rb
Is there a reason for that?
I have created and pushed the app to heroku. Now I have customized the config/settings.yml file and am trying to update the site with git push heroku master, but it keeps saying everything up-to-date.
How do you update changes?
Maybe I'm missing something, but it looks to me like the signature param is never verified during OrdersController#postfill
. That means that anyone could construct a URL for that action.
Granted, it doesn't seem too worrisome given what that controller does, but someone could, for instance, potentially snag an authorized token, change the shipping address, and then pass along the altered values to the Selfstarter app.
Hi,
I like this platform very much and would like to be able to use it on a 3rd party hosting platform for my startup site.
I do not see any documentation around it and I am not a very technical person.
Can someone guide me?
Thanks in Advance.
Krishna
Hey!
I've tried deploying selfstarter via Heroku. I keep getting the 500 error. I tried 3 different accounts and various ways of installation. I'm new to Heroku & Ruby.
I'd be glad to get some help :)
Thanks in advance!
When I ran
rake db:migrate
I received two warnings of deprecation
They are:
DEPRECATION WARNING: config.whiny_nils option is deprecated and no longer works. (called from block in <top (required)> at /home/thiagovsk/projetos/selfstarter/config/environments/development.rb:10)
DEPRECATION WARNING: Model based mass assignment security has been extracted
out of Rails into a gem. Please use the new recommended protection model for
params or add protected_attributes
to your Gemfile to use the old one.
To disable this message remove the whitelist_attributes
option from your
config/application.rb
file and any mass_assignment_sanitizer
options
from your config/environments/*.rb
files.
See http://guides.rubyonrails.org/security.html#mass-assignment for more information.
DEPRECATION WARNING: The Active Record auto explain feature has been removed.
To disable this message remove the active_record.auto_explain_threshold_in_seconds
option from the config/environments/*.rb
config file.
See http://guides.rubyonrails.org/4_0_release_notes.html for more information.
I do not know how is the contributions but I can solve it for you.
Hey there.
I've created a branch that uses Stripe, not Amazon Payments. It's here:
https://github.com/paterson/selfstarter/tree/stripe
If you create a new branch called stripe I'll push it up to that and leave it there.
I'm happy to leave the master using Amazon Payments but give people the option to use Stripe by using a different branch.
Thoughts?
~/tmp/selfstarter (develop ✔) ᐅ brakeman
Loading scanner...
[Notice] Detected Rails 3 application
Processing application in /Users/user/tmp/selfstarter
Processing configuration...
[Notice] Escaping HTML by default
Processing gems...
Processing initializers...
Processing libs...
Processing routes...
Processing templates...
Processing data flow in templates...
Processing models...
Processing controllers...
Processing data flow in controllers...
Indexing call sites...
Running checks in parallel...
- CheckBasicAuth
- CheckCrossSiteScripting
- CheckContentTag
- CheckDefaultRoutes
- CheckDigestDoS
- CheckEscapeFunction
- CheckEvaluation
- CheckExecute
- CheckFileAccess
- CheckFilterSkipping
- CheckForgerySetting
- CheckJRubyXML
- CheckJSONParsing
- CheckLinkTo
- CheckLinkToHref
- CheckMailTo
- CheckMassAssignment
- CheckModelAttributes
- CheckModelSerialize
- CheckNestedAttributes
- CheckQuoteTableName
- CheckRedirect
- CheckRender
- CheckResponseSplitting
- CheckSafeBufferManipulation
- CheckSanitizeMethods
- CheckSelectTag
- CheckSelectVulnerability
- CheckSend
- CheckSendFile
- CheckSessionSettings
- CheckSingleQuotes
- CheckSkipBeforeFilter
- CheckSQL
- CheckStripTags
- CheckSymbolDoS
- CheckTranslateBug
- CheckUnsafeReflection
- CheckValidationRegex
- CheckWithoutProtection
- CheckYAMLLoad
- CheckYAMLParsing
Checks finished, collecting results...
Generating report...
+BRAKEMAN REPORT+
Application path: /Users/user/tmp/selfstarter
Rails version: 3.2.13
Brakeman version: 1.9.4
Started at 2013-03-19 18:34:55 -0700
Duration: 0.796561 seconds
Checks run: BasicAuth, ContentTag, CrossSiteScripting, DefaultRoutes, DigestDoS, EscapeFunction, Evaluation, Execute, FileAccess, FilterSkipping, ForgerySetting, JRubyXML, JSONParsing, LinkTo, LinkToHref, MailTo, MassAssignment, ModelAttributes, ModelSerialize, NestedAttributes, QuoteTableName, Redirect, Render, ResponseSplitting, SQL, SafeBufferManipulation, SanitizeMethods, SelectTag, SelectVulnerability, Send, SendFile, SessionSettings, SingleQuotes, SkipBeforeFilter, StripTags, SymbolDoS, TranslateBug, UnsafeReflection, ValidationRegex, WithoutProtection, YAMLLoad, YAMLParsing
+SUMMARY+
+-------------------+-------+
| Scanned/Reported | Total |
+-------------------+-------+
| Controllers | 2 |
| Models | 3 |
| Templates | 21 |
| Errors | 0 |
| Security Warnings | 3 (2) |
+-------------------+-------+
+-----------------------+-------+
| Warning Type | Total |
+-----------------------+-------+
| Redirect | 1 |
| Remote Code Execution | 1 |
| Session Setting | 1 |
+-----------------------+-------+
+SECURITY WARNINGS+
+------------+--------------------+---------+-----------------------+--------------------------------------------------------------------------------------->>
| Confidence | Class | Method | Warning Type | Message >>
+------------+--------------------+---------+-----------------------+--------------------------------------------------------------------------------------->>
| High | | | Remote Code Execution | json gem version 1.7.6 has a remote code vulnerablity: upgrade to 1.7.7 >>
| High | | | Session Setting | Session secret should not be included in version control near line 7 >>
| Weak | PreorderController | prefill | Redirect | Possible unprotected redirect near line 29: redirect_to(AmazonFlexPay.multi_use_pipeli>>
+------------+--------------------+---------+-----------------------+--------------------------------------------------------------------------------------->>
ArgumentError in PreorderController#prefill
wrong number of arguments (3 for 2)
Rails.root: /Users/trang/Downloads/selfstarter
Application Trace | Framework Trace | Full Trace
app/controllers/preorder_controller.rb:29:in `prefill'
Request
Parameters:
{"utf8"=>"✓",
"authenticity_token"=>"",
"payment_option"=>"1",
"email"=>"",
"preorder"=>"true",
"quantity"=>"",
"commit"=>"Checkout"}
Show session dump
Show env dump
Response
Headers:
None
~/tmp/selfstarter ᐅ holepicker .
Fetching list of vulnerabilities...
1 new vulnerability found in the last 7 days:
2013-03-18 (rails): http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released/
Looking for gemfiles...
/Users/user/tmp/selfstarter/Gemfile.lock: 2 vulnerable gems found!
- multi_xml (0.2.2) [#3]
- rack (1.4.3) [#7]
2 vulnerable gems found in 1 gemfile!
[#3] 2013-01-11: https://twitter.com/sferik/status/289640482420695040
[#7] 2013-02-08: http://rack.github.com/
Hey Folks,
Ed Burke emailed me today suggesting we leave a branch in this repo for rails 3 and ruby 1.9.3 (ie what it was before I upgraded everything yesterday to rails 4/Ruby 2). I'd agree with that. Anyone who has access, could you create a branch called
rails3ruby1.93
and another branch
rails4ruby2
?
I've got pull requests ready to go on them here:
https://github.com/paterson/selfstarter/tree/rails3ruby1.93
https://github.com/paterson/selfstarter/tree/rails4ruby2
I then suggest we have a quick chat below about which one we want as master. They both work fine, but might be worth it anyway.
Thoughts?
Supporting bitcoin payments would be a great feature
Hi guys,
Do you have any suggestion on having some kind of Sandbox mode to fake payments for testing purposes?
I haven't been able to see this in the docs or commits.
Thanks
Hi! I would like to microdonate to your project using Flattr. Thanks!
use one of the two:
that is free for the projects open source
bundle install --without production, can you please revise this line? I'm using windows and I get an error every time.
When i open the example page in safari, it downloads a binary file file, possibly a problem with the video placeholder as in #82
how to do integration?
It seems that in 294537f the call to AmazonFlexPay.multi_use_pipeline was updated to use the method signature provided in amazon_flex_pay 0.10.0. Gemfile.lock file still lists amazon_flex_pay 0.9.13, which is incompatible, so it should be updated.
Kickstarter's main strength over selfstarter is its brand recognition and its directory of projects. To compete, you need to have a central location where you can discover more projects. How about adding a hook / plugin to publish yourself to a central directory somewhere?
I see on the bottom of the site I cloned:
© You. Made by the guys at Lockitron. MIT License.
What part of this can be changed?
I'm not an expert on FOSS licenses, but this tells me that "I must retain the original copyright."
When I run 'bundle install --without production' I get an error with the atomic gem. So I run 'gem install atomic' and it says I need build tools and refers me to devkit, but I have devkit and have reinstalled devkit. Stuck.
Selfstarter seems like just what we're looking for but when you go to http://selfstarter.us/ the site is down -- page says:
Application Error
An error occurred in the application and your page could not be served. Please try again in a few moments. If you are the application owner, check your logs for detail
Does not build a lot of confidence. Any fix or other options?
I must be missing something but I cant seem to find how I actually collect the money from the people that sign up and support my campaign. I have pushed my app to heroku and everything seems to be working fine. It allows the customer to click on the reserve now button and it takes them to amazon, it even redirects them to the thank you page after they have hit confirm on amazon. The problem is I want to start collecting money and I can't seem to find where I can do that at on my amazon account. What am I missing here? and help would be great! Thank you!
the line where
self.uuid = some_value
is blowing up with the newest change when trying to create a new user.
Was there a migraiton adding uuid to the user table that is missing from this check in?
I am getting an error, when going to payment processing when it hits this.
I noticed others have removed this code in user.rb to get the application working again.
Are there plans to make this available as an engine?
before hearing about your project i've followed for a while another RubyOnRails crowdfunding platform:
http://catarse.me
https://github.com/danielweinmann/catarse
on funny side it looks like they also don't have much tests yet :(
"Currently, a lot (lot!) of functionality are not tested. If you don’t know how to start contributing, please help us regaining control over the code and write a few tests for us! Any doubt, please join our Google Group at http://groups.google.com/group/catarse-dev and we will help you out."
maybe by joining efforts we could have one but well tested RoR crowdfunding platform?
My apologies ahead of time - I'm new to Ruby/Rails - but figured I could just follow the directions and get this running on Heroku.... Almost...
Seems like the video placeholder file works on my localhost - but NOT when running in Heroku - I know it's something to do with assets - but not sure what. Any guidance would be appreciated.
Here are the working and non working sites with image inspected...
Fix: Update Rails from 3.2.11 to 3.2.13** (latest at present).
Updated**: latest is not 3.2.12.
A friend sent me the lockitron/selfstarter site and I am thoroughly intrigued. I have been looking into White Label opportunities, but would prefer a lower cost option if possible and this seems to be the answer. However, I am also a bit nervous as my current partner and I are not tech savvy. So as you may have guessed, I would like to start a crowdfunding platform. I am based in NYC and I think bringing on someone who can handle the IT aspect (basically creating the site from something like selfstarter, backend and frontend development, and maintenance). If anyone is interested, please email me at [email protected]
Thanks,
Jared
I have deployed selfstarted to Heroku and I have tested it locally with sandbox and it always seems to fail on the last step of amazon payments. After I put in my credit card information and click confirm I get the Heroku error "We're sorry, but something went wrong". I have tried with several different clones and cannot seem to get it working. I was wondering if this is a problem with Amazon but everything seems to work fine until the last step. Selfstarter still counts it as a backer and I can see the payment in the account i paid with, but not in the seller account. I have uploaded an image of the heroku log that contains the error
I intend to deploy Selfstarter on Heroku by simly following the instructions.
The app was successfully uploaded, but when I open it I see that the layout of the website is broken and only text is rendered.
What could be the issue?
Thanks
Why can't pass the rspec test? I got something like this:
Failure/Error: it { should allow_mass_assignment_of property }
NoMethodError:
undefined method `active_authorizer' for #<Class:0x007fe563655180>
18) Order class methods .percent calculates the percent based on #goal and #current
Failure/Error: Order.percent.should == 2.48 * 100
expected: 248.0
got: 0.0 (using ==)
20) Order class methods .revenue multiplies the #current with price from Settings
Failure/Error: Order.revenue.should == 24
expected: 24
got: 0.0 (using ==)
Hi all, I'm having trouble with assets compilation.
I followed the Readme.md for heroku deployment and it seems that the javascript/css/img assets are not being compile in production: http://gl-sh.herokuapp.com/.
Best
(edit: clarifying the assets were not being compiled)
Just wanted to mention we booted up a pogoapp demo of this, just switching pg -> mysql2, the rest works out of the box (it's not setup to actually accept payments): http://selfstarter.a.pogoapp.com/
Thanks for the code!
In the application.css and javascript.js you need to update jquery.ui.all to jquery-ui.
Hi,
I am planning for a contribution for this repo and configured the application in my local But when I run the test suite all the test cases are failing because of deprecation of mass assignment for rails 4
Hi, I found a very serious issue, please help.
When I am using selfstarter, I was testing the checkout function,
so I clicked the checkout buttons many times, it leads me to Amazon site,
But I never really process the payment in Amazon.
But then, on the selfstarter homepage, the number of backers and money is still counting it.
so now I got many "test" backers and thousands of money funded...
Can you please help on how to fix it?
And Is there any way that I can Erase all those backers" record?
Like can I make it back to 0 backers and $0 funded?
Thanks a lot.
I do not see any current capability to display a flexible contribution amount form field, rather than radio buttons of pre-defined contribution amounts.
If use_video_placeholder parameter in settings.yml is set to true, the placeholder is placed on top of the Youtube video window. As the user clicks the placeholder, the placeholder should disappear and the video should start playing, however this does not happen and the placeholder does not respond to clicks.
Hi, I would like to create another web page within the selfstarter,
like Contact Us or FAQ...etc pages, and with the same header, footer.
I tried to put a new html file into the folder: /app/views/preorder/contactus.html
then I expect to have a page with the link: /preorder/contactus.html
but seems it's not working.
(Sorry, I am not a programmer)
Can you please help and tell me how to create another webpage that look like the checkout page with the header and footer?
Thanks a lot.
Can you please add support for Bitcoin and Litecoin. This will eliminate the needs for Paypal, Amazon, VISA, MC and banks.
FreeNode IRC channel #bitcoin-dev (Development and technical) is probably a good source for additional information.
Hi, Thanks for sharing this great source.
I would like to have the "quantity" option in checkout page for people to select/input the number of products they want to buy, like your Lockitron checkout page for people to select.
Right now, the checkout page only have the email field and checkout button,
Can you please help and tell me how to add this "quantity" function to the site?
and i hope it can trigger the dollars counting on the homepage too, is it possible?
THANKS A LOT.
yu
I cannot for the life of me find how to delay the payment using flexpay. Does the current implementation do this?
When setting up the app and running it for the first time, I receive an undefined method
environment' for nil:NilClasserror. When I disable all imports from
main.css.scss` the site works fine, although without any styling. Any idea what is going wrong?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.