Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter Best Practices CSRF + ajax/jquery problem
CSRF + ajax/jquery problem
  • Offline dave friend
    Posting Freak
  • *****
  • Posts: 1,015
    Threads: 15
    Joined: Jun 2015
    Reputation: 50
#2
09-08-2017, 02:44 PM
(This post was last modified: 09-09-2017, 09:41 AM by dave friend.)

You will need to return the new CSRF hash value to your ajax success method and use the value to update the hidden CSRF field.

In the controller you can use the security class to get the CSRF token name and hash like this

PHP Code:
$token $this->security->get_csrf_token_name();
$hash $this->security->get_csrf_hash(); 

Then, assuming you will return json data, echo a json encoded array containing this info... and anything else needed to update the page.

PHP Code:
echo json_encode(array('token' => $token'hash' => $hash'other' => $something'more_stuff' => $more); 

Then, back at the .ajax success function, some javascript along these lines to update the CSRF field

Code:
success: function (results) {
   //find the CSRF field and update with new hash value
   $("input[name=" + results.token + "]").val(results.hash);

  // code for refreshing other stuff...
},
Reply


Messages In This Thread
CSRF + ajax/jquery problem - by fedde - 09-08-2017, 09:58 AM
RE: CSRF + ajax/jquery problem - by dave friend - 09-08-2017, 02:44 PM
RE: CSRF + ajax/jquery problem - by fedde - 09-08-2017, 10:53 PM



Theme © iAndrew 2016 - Forum software by © MyBB