TokenMismatchException Laravel Contact Form

I understand that you need a csrf_token() as posted in other questions/answers, but what if I was making calls from an external server that can't get the token?

First time building anything in Laravel. I am just building a simple ajax contact form to get familiarized with it.

Here's my JS (there will be some client side processing so I need individual values instead of just serializing it straight up)

$('#contact-form').on('submit', function(e){

    e.preventDefault();

    $.ajax({
        type: 'POST',
        url: 'forms/contact.php',
        dataType: "json",
        data: {

            name: encodeURIComponent($("#contact-name").val()),
            email: encodeURIComponent($("#contact-email").val()),
            phone: encodeURIComponent($("#contact-phone").val()),
            subject: encodeURIComponent($("#contact-subject").val()),
            message: encodeURIComponent($("#contact-message").val())


        },
        success: function(data) {

            alert(data.message);

        }

    });

});

Here is my Route (which is in web.php)

Route::post('forms/contact.php', 'ContactController@send'); 

And here is my Contact Controller's main public function "send"

public function send(Request $request){

    return response()->json([
        'result' => true,
        'message' => 'success'
    ]);
}

Main goal right now is to just get a successful message back to the form.

...and would anyone know how I would return validation back to the form using something like this?

    $this->validate($request, [
        'name' => 'required',
        'email' => 'required|email',
        'message' => 'required'
    ]);

I apologize, I picked up Laravel yesterday so I'm super noob

Laravel has a CSRF token that requires you to pass along a key to the POST call which is stored in the session. If this token does not match or does not exist, it will refuse the request. You can read more about this here

How to fix:

        name: encodeURIComponent($("#contact-name").val()),
        email: encodeURIComponent($("#contact-email").val()),
        phone: encodeURIComponent($("#contact-phone").val()),
        subject: encodeURIComponent($("#contact-subject").val()),
        message: encodeURIComponent($("#contact-message").val()),
        _token: "{{ csrf_token() }}"

By default, Laravel will protect you against CSRF attacks (when using the web middleware).

Read more about it here: https://laravel.com/docs/5.4/csrf

A simple approach is to output the CSRF token in your page, then grab the token with your JavaScript code and store it to a global variable.

In your mail html page template:

<script>
    window.Laravel = <?php echo json_encode([
        'csrfToken' => csrf_token(),
    ]); ?>
</script>

Then, send it in any post, put and patch requests, in a header value X-CSRF-TOKEN.

For example, in your post call using jQuery ajax:

$('#contact-form').on('submit', function(e){

    e.preventDefault();

    $.ajax({
        type: 'POST',
        beforeSend: function(request) {
          request.setRequestHeader("X-CSRF-TOKEN", Laravel.csrfToken);
        },
        url: 'forms/contact.php',
        dataType: "json",
        data: {

            name: encodeURIComponent($("#contact-name").val()),
            email: encodeURIComponent($("#contact-email").val()),
            phone: encodeURIComponent($("#contact-phone").val()),
            subject: encodeURIComponent($("#contact-subject").val()),
            message: encodeURIComponent($("#contact-message").val())


        },
        success: function(data) {

            alert(data.message);

        }

    });
});
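
Why the question's POST is refused and why both fixes in the answers are accepted, as an added example that is not part of the original posts and is not Laravel's own middleware: a simplified JavaScript (Node) model of a session-bound CSRF check. The names issueToken, verifyCsrf and the request object shape are assumptions made for illustration.

```javascript
// Simplified model of a session-bound CSRF check (added example, not Laravel source).
// issueToken, verifyCsrf and the request shape are hypothetical names.
const crypto = require('crypto');

const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS']);

// Generate a random token and store it in the visitor's session.
function issueToken(session) {
  session.csrfToken = crypto.randomBytes(32).toString('hex');
  return session.csrfToken;
}

// Constant-time string comparison; lengths are checked first because
// timingSafeEqual throws on buffers of different length.
function safeEqual(a, b) {
  const x = Buffer.from(String(a));
  const y = Buffer.from(String(b));
  return x.length === y.length && crypto.timingSafeEqual(x, y);
}

// Accept read-only methods; for everything else require a token in the
// _token field or the X-CSRF-TOKEN header that equals the session's token.
function verifyCsrf(req, session) {
  if (SAFE_METHODS.has(req.method)) return { ok: true, reason: 'safe method' };
  const sent = (req.body || {})._token || (req.headers || {})['x-csrf-token'];
  if (!session.csrfToken || !sent) return { ok: false, reason: 'token missing' };
  if (!safeEqual(session.csrfToken, sent)) return { ok: false, reason: 'token mismatch' };
  return { ok: true, reason: 'token matches session' };
}

// Constructed sample requests against one constructed session.
const session = {};
const token = issueToken(session);
const samples = {
  noToken: { method: 'POST', body: { name: 'Ann' } },
  bodyToken: { method: 'POST', body: { name: 'Ann', _token: token } },
  headerToken: { method: 'POST', headers: { 'x-csrf-token': token }, body: {} },
  wrongToken: { method: 'POST', body: { _token: 'f'.repeat(64) } },
  plainGet: { method: 'GET' },
};

function runSamples() {
  const out = {};
  for (const [name, req] of Object.entries(samples)) out[name] = verifyCsrf(req, session);
  return out;
}

console.log(runSamples());
```

A caller that has no session with the application, such as the external server mentioned in the question, lands in the "token missing" or "token mismatch" branch.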
