When I try to set csrf_protection in codeigniter to true
$this->config->set_item('csrf_protection', TRUE);
from the controller the token is not generated even if the value is really set to true and in the form the hidden input is set but with the native name value and not with the one I set
$this->config->set_item('csrf_cookie_name', 'cookie_direct')
like if the security library must be reloaded.
I can't use $config['csrf_ignore'] because I want the opposite, all the controllers on
$config['csrf_protection'] = FALSE;
or
$config['csrf_protection'] = true;
with AJAX when the user makes a choice.
Is there any solution?
Related
When there is a failed validation , my form page was redirected to 'localhost' which is the php info page instead of form page to be displayed again. I don't know what's wrong. P. S I'm working with laravel 5.2.35
Try this
return redirect()->back()->with('failAuth', true);
At the page where your form is, you can add this line
<script>
var failAuth = "{{Session:has('failAuth')}}";
if (failAuth)
{
alert("Authentication failed. Please resubmit your form"); //or whatever code you wanna execute
}
</script>
Hope it helps =)
You can use following code to achieve this:
You can refer to this at Laravel Validation
if ($validator->fails()) {
return redirect('your_form_url')
->withErrors($validator)
->withInput($input_variable);//optional
}
You can then display these errors by referencing $errors variable in your view.
Note: The $errors variable is bound to the view by the Illuminate\View\Middleware\ShareErrorsFromSession middleware, which is provided by the web middleware group. When this middleware is applied an $errors variable will always be available in your views, allowing you to conveniently assume the $errors variable is always defined and can be safely used.
from Ajax the controller does get the keyword I want, as it confirms it (because I echo it), and my idea was that on getting that keyword, it should redirect to the page I want. Yet, it does not, and also, while it does change the locale, I have to reload the page, otherwise, it won't show any translation and locale changes on the page. In Firebug when I hover over the POST, I get the correct URL to where I would want to go: sort of http://myweb.com/es but the controller does not change the http URL box of my browser on my web to go there.
I am simplifying the Controller code here, but actually I will want it to go to different URLs depending on the keyword it gets, something that I would do with a switch statement or IF else if etc.
So the controller is as simple as this:
public function changelanguage()
{
$lang = \Input::get('locale');
echo "I got $lang";
Session::put('locale', $lang);
return redirect('/es');
}
If instead of using ajax I use a Form, then I dont need to reload, the Action of the form makes the controller change the locale and translate the page without reloading. But I need to use ajax and in any case, the controller does get correctly the keyword ('en', 'es', 'de' etc ) for languages, so it should take it from there and redirect me to the URL page, but it just doesnt move.
if you are curious about the Ajax, here it is, but it does send the keyword as I said.
$(document).ready(function(){
$('.choose-language').on('click', function(e){
e.preventDefault();
var selectedlanguage = $(this).data('value');
$.ajax({ // so I want to send it to the controller
type:"POST", // via post
url: 'language',
data:{'locale': selectedlanguage},
}); // HERE FINISHES THE $.POST STUFF
}); //HERE FINISHES THE CLICK FUNCTION
}); // HERE FINISHES THE CODE
ROUTES
Route::post('language', array(
'as' =>'language',
'uses' => 'LanguageController#changelanguage'
));
If you’re trying to perform the redirect in the AJAX-requested script, then it won’t work. You can’t redirect from a script request via AJAX otherwise people would be doing all kinds of nefarious redirects.
Instead, set up a “success” handler on your AJAX request that refreshes your page if the request was successful. It can be as simple as:
var url = '/language';
var data = {
locale: $(this).data('value');
};
var request = $.post(url, data)
.success(function (response) {
// Script was successful; reload page
location.reload();
});
I’m not sure how you’re allowing users to select locales, but since you need a reload any way I think AJAX is pointless here. Just have a traditional form that submits the new locale to an action, set the locale in a session/cookie/whatever, and then redirect back to the referring page.
I have the following routes for the news that works like a charm:
$word5 = urlencode('mygreek-keyword-here');
$route[$word5] = "news/displayAllNews";
and this page display all news with the desired keyword in the address bar. But...there is always a but...I have paging on this page, so when i click on next page link...page works but with old non-friendly seo url, that is:
news/displayAllNews/10/10
while I would like to have is: mygreek-keyword-here/10/10
code that i have in my controller for the paging is as follow:
$config['base_url'] = site_url('/news/displayAllNews/'.$limit.'/');
what should i do in routes.php and in my controller to get the desired result?
Regards, John
You could get the string of URI by $this->uri->uri_string() method, and set the pagination config as follows:
$config['base_url'] = site_url($this->uri->uri_string() .'/'. $limit.'/');
Note that the URI library is loaded automatically, it doesn't need to load it manually.
Update:
Change the route rule to:
$route["$word5(.*)"] = "news/displayAllNews$1";
If it doesn't work yet, remove the .'/'. $limit.'/' phrase and let the pagination to add the limit itself by:
$config['per_page'] = 10; // or $limit, default items per page.
$config['use_page_numbers'] = FALSE;
I am using the popular jquery cookie plugin to set a session cookie value via javascript like so:
function ChangeLoginUser(sel) {
var selectedUser = sel.options[sel.selectedIndex].value;
$.cookie("LoginUser", selectedUser);
location.reload(true); //refresh
}
This function is called after user selects from a site global drop-down box option.
Change the value on page1 - the cookie is set CookieName = Value1.
Go to page2 - The cookie is persisting correctly
Change the drop-down value to value2 - Fiddler now shows two cookies by the same name with both values like this:
CookieName = value2
CookieName = value1
I don't understand why this is happening. I need to keep only one cookie of this name. The new value is supposed to replace the old one.
Ok. It looks like the problem was with the cookie path. Each URL can have a separate cookie with the same name. The solution is to set the path to be domain wide like this:
$.cookie("LoginUser", selectedUser, { path: '/' });
or, if you need to narrow it down to only your application you can do it like this:
$.cookie("LoginUser", selectedUser, { path: AppPath });
where AppPath can be set in the beginning of your shared layout
<script type="text/javascript">
var AppPath = '#Url.Content("~/")'
</script>
Usually, I just set a $feedback var or array and then check for that to display in my views.
However, it occurred to me I should perhaps use flashdata instead.
The problem is sometimes - for say an edit record form, I may simply want to reload the form and display feedback - not redirect. when i use flashdata, it shows but then it shows on the next request as well.
What would be the best practice to use here?
CodeIgniter supports "flashdata", or session data that will only be available for the next server request, and are then automatically cleared.
u use hidden field for that
I would use the validation errors from the Form validation class and load those directly to the view in its 2nd argument.
$this->form_validation->set_error_delimiters('<p>', '</p>');
$content_data = array();
if (!$this->form_validation->run()) {
$content_data['errors'] = validation_errors();
}
$this->load->view('output_page', $content_data);
Then check in your view whether $errors isset.
Controller:
$data['message'] = 'some message you want to see on the form';
$this->load->view('yourView', $data);
View:
if (isset ($message)) : echo $message; endif;
...