Custom data in delete post

QuestionsCustom data in delete post
Harpreet Singh Sahota asked 5 years ago

Broken Delete functionality: I have included PHPGRID in Codeigniter where I'm using CSFR to secure forms so, when I try delete some record it failed because I'm not able to include CRSF code in delete form. Please let me know how do I include custom values in form like Delete. I have corrected all the remaining functionalities but Delete functionality isn't getting tweaked as per my requirement.

3 Answers
Abu Ghufran answered 5 years ago

You can set following for token:value for Cross-Site Request Forgery (CSRF) —e.g. 'X-CSRF-Token', 'abc'

$grid["loadBeforeSend"] = "function(jqXHR) { jqXHR.setRequestHeader('X-CSRF-Token', 'abc' );}";
$grid["edit_options"]["ajaxEditOptions"]["beforeSend"] = "function(jqXHR) { jqXHR.setRequestHeader('X-CSRF-Token', 'abc' );}";
$grid["edit_options"]["ajaxEditOptions"]["beforeSend"] = "function(jqXHR) { jqXHR.setRequestHeader('X-CSRF-Token', 'abc' );}";
$grid["delete_options"]["ajaxDelOptions"]["beforeSend"] = "function(jqXHR) { jqXHR.setRequestHeader('X-CSRF-Token', 'abc' );}";

$g->set_options($grid);

If you can manage COOKIE based csrf, it would make things more simpler.

Abu Ghufran answered 5 years ago

Thanks Joao for sharing.

Joao Patricio answered 4 years ago

another option would be adding to the header of the request directly via jquery

$.ajaxSetup({ headers: { 'X-CSRF-TOKEN': '<?= your_token_function() ?>' } });

and having your codeigniter method to also look for the X-CSRF-TOKEN value

Your Answer

18 + 1 =

Login with your Social Id:

OR, enter

Attach code here and paste link in question.
Attach screenshot here and paste link in question.



How useful was this discussion?

Click on a star to rate it!

Average rating / 5. Vote count:

We are sorry that this post was not useful for you!

Let us improve this post!