Codeigniter CSRF仅在一次Ajax请求中有效 [英] Codeigniter CSRF valid for only one time ajax request
问题描述
我想在发生jQuery更改事件时在服务器上上传图像,但是使用codeigniter csrf我只能上传图像一次.如何使用Ajax上传图像以进行多个请求.设置此设置时请记住
I want to upload image on the server on change event of jQuery but using codeigniter csrf I am able to upload image only one time. How can I upload images using ajax for multiple requests.Please keep in mind when I set this
config['csrf_protection'] = FALSE;
然后我可以发送多个请求jQuery onchange事件,但是当csrf_protection将为false时,我认为csrf没有任何优势.所以问题是启用csrf_protection时如何使用ajax发送多个请求.我的jquery代码如下
then I am able to send multiple request jQuery onchange event but when csrf_protection is going to be false then I think there is no advantage of csrf. so the question is how can I send multiple requests using ajax while csrf_protection is enable. My jquery code is following
$("#avatar").change(function(){
var link = $("#avatar").val();
$.ajax({
url : "<?php echo base_url('main/test'); ?>",
type: 'post',
data: {'<?php echo $this->security->get_csrf_token_name(); ?>':'<?php echo $this->security->get_csrf_hash(); ?>',"id":"hello","link":link},
success : function(data)
{
alert(data);
}
});
});
推荐答案
我认为您应该尝试重新创建每个请求的csrf令牌
In my opinion you should try to recreate your csrf token each request
尝试下面的代码示例...
Try this code example...
对于js函数
var csrfName = '<?php echo $this->security->get_csrf_token_name(); ?>',
csrfHash = '<?php echo $this->security->get_csrf_hash(); ?>';
("#avatar").change(function(){
var link = $("#avatar").val();
var dataJson = { [csrfName]: csrfHash, id: "hello", link: link };
$.ajax({
url : "<?php echo base_url('main/test'); ?>",
type: 'post',
data: dataJson,
success : function(data)
{
csrfName = data.csrfName;
csrfHash = data.csrfHash;
alert(data.message);
}
});
});
和控制器
public function test() {
$config['upload_path'] = './uploads/';
$config['allowed_types'] = 'gif|jpg|png';
$config['max_size'] = 500;
$config['max_width'] = 260;
$config['max_height'] = 260;
$reponse = array(
'csrfName' => $this->security->get_csrf_token_name(),
'csrfHash' => $this->security->get_csrf_hash()
)
$this->load->library('upload', $config);
if (!$this->upload->do_upload('link')) {
$reponse['message'] = "error";
}
else {
$data = array('upload_data' => $this->upload->data());
$image_name = $data['upload_data']['file_name'];
$reponse['message'] = $image_name;
}
echo json_encode($reponse);
}
让我知道,祝你好运
注意:当有人要求您向问题发布更多数据时,不要将其发布为评论或答案,最好自己编辑问题并添加内容
Note: When someone ask you for posting more data to the question, don't post it as a comment or answer, it's better to edit the question itself and adding the stuff
这篇关于Codeigniter CSRF仅在一次Ajax请求中有效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!