• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
View located in different default folder

#11
(01-12-2018, 12:24 PM)jreklund Wrote: Totally forgot you will need to access your Segway class this way.
http://localhost/sma/segway/show_grid
http://localhost/sma/index.php/segway/show_grid

Codeigniter only loads the index() function on default.
You can overwrite the default function by placing this in your route.
PHP Code:
$route['segway'] = 'segway/show_grid'

I thought you got a "real" 404 and not Codeigniters 404 messages. But had a look at my dev machine at home now.

Hello, it's working fine; now I have a problem with .htaccess file about ubication.

I have two .htaccess files located so...
1- .htaccess in root folder:


Code:
DirectoryIndex index.php index.html

<IfModule mod_rewrite.c>

RewriteEngine On
# RewriteBase /sma/
# RewriteCond $1 !^(index\.php|assets|install|update) 
# RewriteCond $1 !^(index\.php|assets|files|update|updatepos|robots\.txt)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# For godady Shared Hosting Server uncomment the line below
# RewriteRule ^(.*)$ index.php?/$1 [L]


# Please comment this if you have uncommented the above
RewriteRule ^(.*)$ index.php/$1 [NC,L,QSA]

</IfModule>

2- .htaccess in APP folder:


Code:
<IfModule authz_core_module>
    Require all denied
</IfModule>
<IfModule !authz_core_module>
    Deny from all
</IfModule>

Then I'm getting error to CRUD operations:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Thanks by your help!
Reply

#12
Please try to disable csrf protection, so we know the cause of the problem.
app\config\config.php
PHP Code:
$config['csrf_protection'] = FALSE

If it's working, you will need to turn on csrf protection again and pass the csrf token and cookie name with your ajax request. There are plenty of solution for this problem, so a quick search on this forum will solve that.
Reply

#13
(01-13-2018, 12:42 AM)jreklund Wrote: Please try to disable csrf protection, so we know the cause of the problem.
app\config\config.php
PHP Code:
$config['csrf_protection'] = FALSE

If it's working, you will need to turn on csrf protection again and pass the csrf token and cookie name with your ajax request. There are plenty of solution for this problem, so a quick search on this forum will solve that.

Working if

PHP Code:
$config['csrf_protection'] = FALSE

Then talk me about it, because would security risk?

Thanks
Reply

#14
Yes, it's a security risk. So now you need to patch the form that generates that error.
If you are using a standard <form> tag, you can add the hidden field from the manual or start using the Form Helper.
If you are using Ajax/Javascript, search this forum. There are plenty of information about that topic already.

Codeigniter manual: Cross-site request forgery (CSRF)
The Open Web Application Security Project: Cross-Site Request Forgery (CSRF)
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


Users browsing this thread:
1 Guest(s)


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2018 MyBB Group.