(07-13-2017, 11:36 AM)pippuccio76 Wrote: (07-13-2017, 10:52 AM)Paradinight Wrote: (07-13-2017, 10:44 AM)pippuccio76 Wrote: (07-13-2017, 09:44 AM)pippuccio76 Wrote: (07-13-2017, 09:13 AM)pippuccio76 Wrote: It's a free host this is the page :
link with ajax problem
I change the code of metdod with a value (costant) instead a $_POST value , the problem is the same , but if i visit the link :
link
the method work correctly
Problem partially solved :
if i set $config['csrf_protection'] = FALSE;
the ajax call work , but is it secure ?
How can i secure the script ?
you need to return a new token.
https://www.codeigniter.com/user_guide/l...rgery-csrf
return a json string with the html and the token
I use form_open() but i don't understand wath i have to do ....
This is my new code :
Code:
$(document).ready(function() {
$("#regione_id").change(function(){
$("#comune_id").html('<option value="" selected="selected">-- seleziona --</option>');
var regione_id = $("#regione_id").val();
console.log(regione_id);
$.ajax({
type: "POST",
url: "<?php echo site_url(); ?>/user/get_province",
data: {
func: 'getNewLocations',
'<?php echo $this->security->get_csrf_token_name(); ?>' :
'<?php echo $this->security->get_csrf_hash(); ?>',
regione:regione_id},
dataType: "html",
success: function(msg)
{
$("#province_id").html(msg);
},
error: function()
{
alert("Chiamata fallita, si prega di riprovare...");
}
});
});
The first call it's ok , the second the same error