• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Problems with ajax

#1
My setup is Windows 10, Wamp version 3.0.6 and Codeigniter 3.0.6. I am trying to use the Calendar class to generate a calendar that will permit content updating by clicking on a particular date. I am following an old tutorial by Burak Guzel (https://www.youtube.com/watch?v=qMsEAtXtE2g) who uses ajax. The calendar appearance on the page seems correct. My jquery code, copying his (apart from the csrf elements), is:
Code:
    $('.calendar .day').click(function() {

        var name = '<?php echo $this->security->get_csrf_token_name(); ?>'
        var hash = '<?php echo $this->security->get_csrf_hash(); ?>'

        day_num = $(this).find('.day_num').html();
        day_data = prompt('Enter stuff', $(this).find('.content').html());
        if (day_data != null) {
            $.ajax({
                url: window.location,
                type: 'post',
                data: {
                    day: day_num,
                    data: day_data,
                    name: hash
                },
                success: function(msg) {
                    location.reload();
                }
            });
        }
    });

The prompt appears correctly when I click on a date and Firefox developer tools console shows the POST with the correct url but with a 403 Forbidden error. I'm guessing this is a csrf issue but when I try to test this by setting 'csrf_protection' to FALSE the console shows no POST taking place at all. I'm also wondering whether Codeigniter 3 which I am using differs significantly in this respect from the version he was using and so the ajax code syntax is wrong?

Can anyone suggest what might be going on?
Reply

#2
Between the debugger and the network panel, you should have all you need to figure this out.

When setting csrf_protection to FALSE, if there is no AJAX POST request, then what is there? JS errors?
Reply

#3
When I turn off csrf, there appear to be no reported js errors. The console is blank
Reply

#4
What do you see in the network panel? You may have to set logging to persist between page loads, but you should see some clues somewhere.
Reply

#5
Now I am seeing a change when I turn off csrf. In the Console Net window, instead of '403 Forbidden' I'm getting '500 Internal Server Error'. There is still a csrf prob as I would obviously want to have it on but the server error is presumably on top of that. Is it perhaps an .htaccess issue? Here is my .htaccess code:

Code:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$  index.php?/$1 [L]

Incidentally, this is only an ajax prob - I can still POST with a form.
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme ¬© 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.