Hello,
I have a problem with AJAX and CSRF.
This is my code:
view:
Code:
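<script>
// Show a spinner in #view until the request finishes.
$('#view').html('<i class="fa fa-spinner fa-spin text_primary"></i>');

$.ajax({
    url: "https://site.com/api/view",
    type: "POST",
    // contentType is left at jQuery's default (application/x-www-form-urlencoded).
    // `data` below is a plain object, so jQuery sends it form-encoded; labelling
    // that body "application/json" leaves PHP's $_POST empty, the CSRF check then
    // finds no token and the request is rejected with 403.
    headers: {'X-Requested-With': 'XMLHttpRequest'},
    // CSRF field name and hash, rendered into the page by the server.
    // If the application regenerates the token on every request, this pair is only
    // valid for the first POST from this page; later calls need the fresh hash.
    data: {'<?= csrf_token() ?>': '<?= csrf_hash() ?>'},
    cache: false,
    success: function (data) {
        // NOTE(review): the controller on this page answers via setJSON(), so `data`
        // is probably a parsed array here rather than markup — confirm how it should
        // be rendered.
        $('#view').html(data);
        // Draft row rendering kept from the original. If it is enabled, do not
        // concatenate data.name into markup: build the elements first and set the
        // value with .text(), otherwise a stored name containing HTML runs as script.
        /* $.each(data, function(i,data){
        json_data = '<tr>'+
        '<td valign="top">'+
        '<div class="feed_title">'+data.name+'</div>'+
        '</td>'+
        '</tr>';
        $(json_data).appendTo('#view');
        });*/
    },
    error: function (xhr, status, error) {
        // Shows the raw response body. In the failure on this page that body is a
        // framework exception with server file paths and a stack trace, which should
        // only be emitted in a development environment.
        alert(xhr.responseText);
    }
});
</script>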
controller:
PHP Code:
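/**
 * JSON endpoint listing the Resume rows of the user whose id is in the session.
 *
 * On success the payload is a list: ['status' => '200'] first, then one
 * ['id' => ..., 'name' => ...] entry per row, ordered by fromY ascending.
 * Otherwise it is ['status' => '201', 'error' => ...] — 'Request not allowed'
 * for a non-POST request, 'No Data Found' when the session holds no user id.
 *
 * NOTE(review): the 403 SecurityException in the trace on this page is raised by
 * the CSRF filter's before() hook, i.e. before this method is reached; nothing in
 * this method influences that check.
 * NOTE(review): both failure branches go out with the default HTTP status and an
 * in-body '201'. A real 405 / 401 status would let clients and logs tell them
 * apart — confirm what existing callers expect before changing it.
 * NOTE(review): 'name' is returned as stored; encoding has to happen wherever the
 * client inserts it into the page.
 *
 * @return mixed whatever $this->response->setJSON() returns
 */
public function view()
{
    // Compare case-insensitively and strictly so the check does not depend on the
    // casing getMethod() happens to return.
    if (strtolower((string) $this->request->getMethod()) !== 'post') {
        return $this->response->setJSON([
            'status' => '201',
            'error' => 'Request not allowed',
        ]);
    }

    // Read the user id once so the login check and the query use the same value
    // (the original checked $this->Session but queried with session()).
    // NOTE(review): assumes both refer to the same session store — confirm.
    $userId = $this->Session->get('id');

    // Loose comparison kept on purpose: 0, '' and false are treated like "no user",
    // exactly as the original `!= NULL` did.
    if ($userId == null) {
        return $this->response->setJSON([
            'status' => '201',
            'error' => 'No Data Found',
        ]);
    }

    $rows = $this->Resume->where('userID', $userId)->orderBy('fromY', 'asc')->findAll();

    // Initialise the list explicitly instead of relying on `$response[] =`
    // creating it implicitly.
    $response = [['status' => '200']];
    foreach ($rows as $row) {
        $response[] = [
            // NOTE(review): the query filters on userID, so every entry carries the
            // same id — confirm whether the row's own key was intended.
            'id' => $row['userID'],
            'name' => $row['name'],
        ];
    }

    return $this->response->setJSON($response);
}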
error:
Code:
{
"title": "CodeIgniter\\Security\\Exceptions\\SecurityException",
"type": "CodeIgniter\\Security\\Exceptions\\SecurityException",
"code": 403,
"message": "The action you requested is not allowed.",
"file": "/home/X/system/Security/Security.php",
"line": 240,
"trace": [
{
"file": "/home/X/system/Security/Security.php",
"line": 240,
"function": "forDisallowedAction",
"class": "CodeIgniter\\Security\\Exceptions\\SecurityException",
"type": "::"
},
{
"file": "/home/X/system/Filters/CSRF.php",
"line": 57,
"function": "verify",
"class": "CodeIgniter\\Security\\Security",
"type": "->"
},
{
"file": "/home/X/system/Filters/Filters.php",
"line": 181,
"function": "before",
"class": "CodeIgniter\\Filters\\CSRF",
"type": "->"
},
{
"file": "/home/X/system/CodeIgniter.php",
"line": 407,
"function": "run",
"class": "CodeIgniter\\Filters\\Filters",
"type": "->"
},
{
"file": "/home/X/system/CodeIgniter.php",
"line": 336,
"function": "handleRequest",
"class": "CodeIgniter\\CodeIgniter",
"type": "->"
},
{
"file": "/home/X/public_html/index.php",
"line": 36,
"function": "run",
"class": "CodeIgniter\\CodeIgniter",
"type": "->"
}
]
}