search

EthanRBrown / web-development-with-node-and-express

Companion repository to Web Development With Node and Express, first edition.
1.01k stars 503 forks source link

codeigniter form_open_multipart showing 403 Forbidden (CSRF) #105

Closed inandi closed 5 years ago

inandi commented 6 years ago

CI config $config['csrf_protection'] = TRUE; $config['csrf_token_name'] = 'my_token'; $config['csrf_cookie_name'] = 'my_cookie'; $config['csrf_expire'] = 7200; $config['csrf_regenerate'] = TRUE; $config['csrf_exclude_uris'] = array();

form_open is working well, but in the case of multi part it's not working well !!!!

my HTML

<?php $parameter = array('id' => 'frm_id', 'class' => 'form-horizontal'); echo form_open_multipart('controller/save',$parameter) ;?>
<div class="form-body">
    <div class="form-group">
        <label class="col-md-3 control-label">Name</label>
        <div class="col-md-6">
            <div class="input-icon">
                <i class="fa fa-bell-o"></i>
                <input type="text" id="catId" class="form-control " placeholder="Type Something..." name='name' /> 
            </div>
        </div>
    </div>
    <div class="form-group">
        <label class="col-md-3 control-label">Description</label>
        <div class="col-md-6">
            <div>
                <textarea class="form-control" rows="3" name="description"></textarea>
            </div>
        </div>
    </div>
    <div class="form-group">
        <label class="col-md-3 control-label">Image 1</label>
        <div class="col-md-6">
            <div>
                <input type="file" name="thumb_image">
            </div>
        </div>
    </div>
    <div class="form-group">
        <label class="col-md-3 control-label">Image 2</label>
        <div class="col-md-6">
            <div>
                <input type="file" name="banner_image">
            </div>
        </div>
    </div>
</div>
<div class="form-actions">
    <div class="row">
        <div class="col-md-offset-3 col-md-9">
            <button type="submit" class="btn btn-flat green">Submit</button>
            <button type="button" class="btn btn-flat grey-salsa">Cancel</button>
        </div>
    </div>
</div>
<?php echo form_close() ;?>

My JS

 <script type="text/javascript">
        var frmSave = $('#frm_id'); 
        frmSave.on('submit', function(event){
            event.preventDefault();
            $form=$(this);
            var fd = new FormData($('#frm_id')[0]);
            $.ajax({
                url: $form.attr('action'),
                type: $form.attr('method'),
                dataType: 'json',
                data: fd,
                contentType: false,
                cache: false,  
                processData: false,
                success: function(data){
                    console.log(data)
                }
            })             
        });
    </script>

Still I am getting this message

An Error Was Encountered
The action you have requested is not allowed.