Problem with Ajax requests

[eluser]trumnation[/eluser]
Hi guys,

On a page I have a link that simply calls a javascript function which makes an ajax request to the server. My problem is that codeigniter is giving me the "This operation is not allowed" error. I've got this before with forms because of the csrf.. however this is NOT a form, just a link. Does anyone know why this is happening and suggestions on how to fix it? JS Code below. The link calls this function OnClick.

Code:

function approveQuote(quoteId,campus_city,decision,table,place){
    $.ajax({  
        type: "POST",
        url: base+place+"/ajax/"+table+"/",
        data: 'quoteId='+quoteId+'&decision;='+decision+'&campus;_city='+campus_city,
        beforeSend:function() {
        },
        success: function(data) {
            if(data == false){
                commonAlert('There was an error processing your request. Please refresh the page and try again.','Error');
            } else {
                if(decision == 'apr'){
                    $("#quote-"+quoteId).after('<div class="success"><center>Quote #'+data+' Approved.</center></div>');
                    $("#quote-"+quoteId).hide();
                } else if(decision == 'rej'){
                    $("#quote-"+quoteId).after('<div class="error"><center>Quote #'+data+' Rejected.</center></div>');
                    $("#quote-"+quoteId).hide();
                } else if(decision == 'esc'){
                    $("#quote-"+quoteId).after('<div class="notice_small"><center>Quote #'+data+' has been escalated to admin.</center></div>');
                    $("#quote-"+quoteId).hide();
                }
            }
        },
        error: function() {
            commonAlert('The connection to the server was reset, please try again.','Connection Error');
        }
    });
    return false;
}

[eluser]_TubbZ_[/eluser]
Is that the correct way to pass post data with an ajax request in jQuery? I use an array like:

Code:

data : {key : "value", key2 : "value2"}

I would also check to see if the:

Code:

url: base+place+"/ajax/"+table+"/"

is pointing at the correct and valid url.

[eluser]trumnation[/eluser]
Yup, the way I've written it is another way to pass data to the server. This function did work on Codeigniter 1.7.x, I am merely trying to upgrade to 2.0.

[eluser]InsiteFX[/eluser]
Pass it in Json format.

InsiteFX

[eluser]trumnation[/eluser]
Tried changing to passing data using Json, replacing the data line above with the following:

Code:

data: {'quoteId' : quoteId, 'decision' : decision, 'campus_city' : campus_city},

Even with the change, I am still getting the same error. Any other ideas?

Thanks for the help!

[eluser]InsiteFX[/eluser]
I think you also need to pass the csrf token key to it, if you have it set.

InsiteFX

[eluser]trumnation[/eluser]
[quote author="trumnation" date="1300307879"]Hi guys,
I've got this before with forms because of the csrf.. however this is NOT a form, just a link. [/quote]

there is no form on the page so no csrf for me to send with it, hence why
I'm confused about this error.. Unless, is there another way to generate a csrf without a form
open tag??

[eluser]InsiteFX[/eluser]
Try adding this to your html header section:

Code:

<$cript type="text/javascript">
    //&lt;![CDATA[
        var base_url = '&lt;?php echo base_url();?&gt;';
    //]]>
</$cript>

Rplace $ with s in script tags!
Then you can use base_url in your javascript code.

InsiteFX

[eluser]Eric Barnes[/eluser]
[quote author="trumnation" date="1300407409"][quote author="trumnation" date="1300307879"]Hi guys,
I've got this before with forms because of the csrf.. however this is NOT a form, just a link. [/quote]

there is no form on the page so no csrf for me to send with it, hence why
I'm confused about this error.. Unless, is there another way to generate a csrf without a form
open tag??[/quote]

Even with out a form you are posting data so if the csrf protection is enabled then it will not work. So I would recommend either disabling it or sending the csrf token and cookie with the ajax call.

[eluser]Eric Barnes[/eluser]
Since this seems to be a common issue I just wrote a short tutorial on this for all the others
http://ericlbarnes.com/blog/post/codeign..._with_ajax