堆栈内存溢出
  简体   繁体   English

我尝试通过Yii中的链接发送POST数据时找不到CSRF令牌

[英]Can't find CSRF token as i try to send POST data thru a link in Yii

 原文  2014-01-27 09:16:08       php/ ajax/ post/ yii/ csrf

问题描述

for the shopping cart i add 'add to cart' link. 对于购物车,我添加了“添加到购物车”链接。 Through adding a 'click' event i make it a POST request. 通过添加一个'click'事件,我将其设为POST请求。 The system replies: 'Can't find the csrf token'; 系统回复:'找不到csrf令牌'; Here is the code: 这是代码: 

 'add to cart' => array(
               'url'=>'Yii::app()->controller->createUrl("assortment/addtocart", array("id"=>$data[id], "YII_CSRF_TOKEN" => ' . Yii::app()->request->csrfToken. ', "csrf"=>' . Yii::app()->request->csrfToken . ' ))', 

               'click'=>"function(){
                            $.fn.yiiGridView.update('assortment-grid', { 
                                type:'POST',
                                url:$(this).attr('href'),
                            //  data:{YII_CSRF_TOKEN: " . Yii::app()->request->csrfToken . "},
                                /*success:function(data) {
                                      $.fn.yiiGridView.update('assortment-grid'); 
                                }*/
                            })
                            return false;
                          }
                        ",
                    ),

I've added the 'csrf' parameter into the link. 我已经在链接中添加了“ csrf”参数。 When i uncomment data:{YII_CSRF_TOKEN: " . Yii::app()->request->csrfToken . "}, the POST request becomes simple GET redirect (csrf validated). 当我取消注释data:{YII_CSRF_TOKEN: " . Yii::app()->request->csrfToken . "}, POST请求将变为简单的GET重定向(已通过csrf验证)。 I do not need to update grid, so i've commented out success:function(data) . 我不需要更新网格,所以我已经注释掉了success:function(data) Since there should not be redirection, i need to keep the request POST and ajax. 由于不应该进行重定向,因此我需要保留请求POST和ajax。 You might look at screenshots of the POST form: 您可能会看到POST表单的屏幕截图: 在此处输入图片说明在此处输入图片说明

How to fix it? 如何解决? Can i pass csrf as a POST parameter? 我可以将csrf作为POST参数传递吗? Can i add a POST submit button into CGridView? 我可以在CGridView中添加POST提交按钮吗?

1 个解决方案

解决方案1
 1  2014-01-27 09:45:21

make sure that you have this code in config 确保您在配置中有此代码 

return array(
    'components'=>array(
        'request'=>array(
            'enableCsrfValidation'=>true,
        ),
    ),
);

add token as hidden input(if needed): 添加令牌作为隐藏输入(如果需要): 

$request = Yii:app()->getRequest();
echo CHtml::textField($request->csrfTokenName, $request->getCsrfToken());

and send all form data 并发送所有表格数据 

data: $('#formId').serialize()

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 yii Csrf令牌cookie,为什么转移到帖子? - yii Csrf Token cookies, Why Transfer to Post? 当我可以通过 PHP 脚本发送电子邮件时,为什么不能通过 Wordpress 发送电子邮件? - Why won't I send an email thru Wordpress when I can send it thru a PHP script? _token存在于POST数据上,但表单失败并显示错误:“ CSRF令牌无效。 请尝试重新提交表格” - _token is present on the POST data but form fails with error: “The CSRF token is invalid. Please try to resubmit the form” Yii 1.1.17:CSRF令牌验证通过Angular Controller的POST失败 - Yii 1.1.17: CSRF token validation fails with POST via Angular Controller 在链接上使用 CSRF 令牌 - Use CSRF token on link 如何通过JavaScript在Dropzone上传帖子中发送CSRF令牌? - How to send csrf token in dropzone upload post via javascript? 使用csrf_token Laravel 5.4发送帖子时发送MethodNotAllowedException - MethodNotAllowedException when send post form with csrf_token Laravel 5.4 Yii CSRF Token 无法验证 - Yii CSRF Token cannot be verified Yii中的CSRF令牌超时了吗? - CSRF token in Yii timing out? 将CSRF令牌发送到javascript - Send CSRF token to javascript
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM