How to use the csrf class in codeigniter with onchange event?

Question

How to use the csrf class in codeigniter with onchange event?

Navigation

#1 by (0 votes)

0

I have the following situation:

Form

<?php
    $atributos = array('id'=>'cadloja','class'=>'form-inline','role'=>'form','data-toggle'=>'validator');
    echo form_open('',$atributos);
?>
    <select class="form-control" id="grupo">
        <option value="<?= 'retorno_ajax' ?>"><?= 'retorno_ajax' ?></option>
    </select>

<?php
    echo form_close();
?>

Javascript

$('#grupo').change(function () {
    $('#div_retorno').load('lista_grupos');
}

Notice that I'm not using ajax requests or submitting the form in the onchange event. With csrf active, onchange no longer works.

I even found some answers in SOen , but in all, I would be forced to make another ajax request in the onchange event. I also read in the documentation of CI that it is possible to delete a page from csrf :

 $config['csrf_exclude_uris'] = array('controllerx/metodox');

This option is the one that gives less work, but would you still be safe?

So, that's it ... is there any way you can do other than the two I said? Thank you.

php jquery codeigniter csrf

asked by anonymous 06.10.2017 / 21:00

1 answer

Problems with float css property CodeIgniter 1.7 Error upload remote server

score 0 · Accepted Answer

Sorry for the delay, it's true, after several searches, I found the answer. To "standardize" the work in any case, I saw that using ajax is easier, and also, to use when and then jquery together.

The issue is that CI only automatically updates the token if the entire page is reloaded, as this is not the case, you have to return the new token of controller for the view.

If you simply try to use echo $this->security->get_csrf_hash(); directly in the view, it does not work. It must come from controller or even model .