CodeIgniter Forums
Setting csrf_regenerate as TRUE - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: Setting csrf_regenerate as TRUE (/showthread.php?tid=68558)

Pages: 1 2

RE: Setting csrf_regenerate as TRUE - june123 - 07-31-2017

Thanks Martin for your help. I am posting the solution in case someone needs it:

PHP Code:
$('#department_id').change(function() {

    var department_id=$("#department_id").val();
    var domain=$("#domain").val(); 
            
    $.ajax({
        'async'true,
        'type'"POST",
                urldomain "index.php/project/get_scheme",
                data: {department_iddepartment_idcsrf_test_namecsfrData.csrf_test_name},
                dataType'json',
                success
                function(j){
            
                  setCSRF(j.csrfTokenNamej.csrfTokenHash);

                  if(j.schemes.length >= 2) {
                    var options '';
                    for (var 0<= (j.schemes.length-1); i++) {
                            options += '<option value="' j.schemes[i].id '">' j.schemes[i].name '</option>';
                    }
                    $("#scheme_id").html(options);
                    $('#scheme_id option:first').prop('selected''selected');
                  }
                  else if (j.schemes.length == 1){
             
                   options += '<option value="' j.schemes[0].id '">' '------------------------------------' '</option>';
                    $("#scheme_id").html(options);
                    $('#scheme_id option:first').prop('selected''selected');
                  }
                  else{
                    $("#scheme_id").val(j.schemes[1].id);alert(j.schemes.length);
                               
            }
          });
  
   }); 

Like this, other drop-down boxes are filled up through ajax call. 

Now when I try to submit the form, again "Action you have requested is not allowed" message comes up. The hidden csrf field generated by form_open doesnt get updated with the latest csrf token value.

RE: Setting csrf_regenerate as TRUE - Martin7483 - 07-31-2017

(07-31-2017, 12:19 AM)june123 Wrote: Like this, other drop-down boxes are filled up through ajax call. 

Now when I try to submit the form, again "Action you have requested is not allowed" message comes up. The hidden csrf field generated by form_open doesnt get updated with the latest csrf token value.

Just like with the AJAX call you will need to update the CSRF token field and value with the latest CSRF.
You can append a hidden field with the new value, and remove the old one when you hit the submit button