问题
Hi experts can you give me a suggestion, why I am getting this 403 forbidden on my code igniter currently running on my localhost.
403 forbidden
The process is like this:
I am using ajax for easy and smoothly access and retrieving of data from model, controller to the view the image below is my code in my views to controller.
<div class="modal-header s-example-modal-sm" aria-labelledby="mySmallModalLabel">× New Question Modal function question_save(){
$.ajax({ url : "<?php echo base_url('Mainx/insert_question_header');?>", crossDomain: true, contentType: "application/x-www-form-urlencoded", method: "POST", data: { name: 'question_header'}, dataType: 'json', '<?php echo $this->security->get_csrf_token_name(); ?>' : '<?php echo $this->security->get_csrf_hash(); ?>', success: function(data){ //alert('data save'); }, error: function (jqXHR, textStatus, errorThrown){ alert('Error adding'); } }); }Question Header:
And lastly from my controller and display the value that i type in my input under my view.
public function insert_question_header(){
$insert_header = array(
'question_header'=> $this->input->post("question_header")
);
//$this->db->insert('tb_question_header', $insert_header);
echo json_encode($insert_header);
redirect('Mainx/question_form/success' );
}
回答1:
hey guys just found the answer. Thank you for all your suggestions and advice.
<script type="text/javascript">
function q_header() {
var question = document.getElementById('question').value;
$.ajax({
url: "<?php echo base_url('Mainx/insert_question_header');?>",
type: "post",
data: {'<?php echo $this->security->get_csrf_token_name(); ?>':'<?php echo $this->security->get_csrf_hash(); ?>',"question":question},
success: function(){
alert("success");
},
error:function(){
alert("failure");
}
});
}
</script>
I try this code and instead using question_header i change it to question. This also work even when you set your $config[csrf_protection]=TRUE; or $config[csrf_generate]=TRUE; this is my updated answer.
回答2:
As in Docs Try with In your Config file Set
$config['csrf_regenerate'] = FALSE;
回答3:
Try it with this:
$.ajax({
url : "<?php echo base_url('Mainx/insert_question_header');?>",
crossDomain: true,
contentType: "application/x-www-form-urlencoded",
method: "POST",
data: { name: 'question_header', '<?php echo $this->security->get_csrf_token_name(); ?>' : '<?php echo $this->security->get_csrf_hash(); ?>' },
dataType: 'json',
success: function(data){
//alert('data save');
},
error: function (jqXHR, textStatus, errorThrown){
alert('Error adding');
}
});
So you have to place the CSRF token to the data: section.
回答4:
You have a couple of issues here. First you are sending a parameter with the key "name" and value "question_header", and later you are referencing the input parameter by its value, not its name. This will not resolve the issue but is the first mistake.
Secondly, in your controller method, you are displaying some JSON data and calling redirect afterwards. This could be causing your error. If you push a redirect here, you will only redirect the AJAX call, and not the browser rendered page.
If you wish to redirect the visitor, you have to inform your AJAX response handler by outputting valid JSON that contains data for the redirect and then parse that JSON response and redirect with JavaScript.
来源:https://stackoverflow.com/questions/36761009/post-url-403-forbidden-in-codeigniter-3