Custom data in delete post

QuestionsCustom data in delete post
Harpreet Singh Sahota asked 10 years ago

Broken Delete functionality: I have included PHPGRID in Codeigniter where I'm using CSFR to secure forms so, when I try delete some record it failed because I'm not able to include CRSF code in delete form. Please let me know how do I include custom values in form like Delete. I have corrected all the remaining functionalities but Delete functionality isn't getting tweaked as per my requirement.

3 Answers
Abu Ghufran answered 10 years ago

You can set following for token:value for Cross-Site Request Forgery (CSRF) —e.g. 'X-CSRF-Token', 'abc'

$grid["loadBeforeSend"] = "function(jqXHR) { jqXHR.setRequestHeader('X-CSRF-Token', 'abc' );}";
$grid["edit_options"]["ajaxEditOptions"]["beforeSend"] = "function(jqXHR) { jqXHR.setRequestHeader('X-CSRF-Token', 'abc' );}";
$grid["edit_options"]["ajaxEditOptions"]["beforeSend"] = "function(jqXHR) { jqXHR.setRequestHeader('X-CSRF-Token', 'abc' );}";
$grid["delete_options"]["ajaxDelOptions"]["beforeSend"] = "function(jqXHR) { jqXHR.setRequestHeader('X-CSRF-Token', 'abc' );}";

$g->set_options($grid);

If you can manage COOKIE based csrf, it would make things more simpler.

Abu Ghufran answered 10 years ago

Thanks Joao for sharing.

Joao Patricio answered 9 years ago

another option would be adding to the header of the request directly via jquery

$.ajaxSetup({ headers: { 'X-CSRF-TOKEN': '<?= your_token_function() ?>' } });

and having your codeigniter method to also look for the X-CSRF-TOKEN value

Your Answer

17 + 20 =

Login with your Social Id:

OR, enter

Attach code here and paste link in question.
Attach screenshot here and paste link in question.



How useful was this discussion?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate it.

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?