我正在尝试使用Laravel 5创建一个简单的Ajax帖子。我读到Csrf令牌匹配存在问题,我可以将我的uri放入VerifyCsrfToken预测中以解决此问题。我在代码中搞砸了什么吗?我怎样才能使这个工作?这就是我所拥有的:
HTML:
ifJS:
<div id = "event-carousel" class = "carousel slide">
<div id = "event-news" class = "carousel-inner">
{{--*/ $isFirst = true; /*--}}
@foreach($events as $event)
<div class="item{{{ $isFirst ? ' active' : '' }}}">
<div class = "foto we">
<img src ="/assets/image/{{$event->photo}}" alt = "intexhange" class= "img-responsive">
</div>
<div class = "mask">
<h1>{{$event->title}}</h1>
<div class = "secinfo">
<p>{{$event->teacher}}</p>
<p>{{$event->location}}</p>
<p>{{$event->published_at}}</p>
</div>
<div class = pitch>
<p class = "subhead-how">{{$event->description}}</p>
{!!Form::open(array('url' => 'book')) !!}
{!! Form::hidden('title', $event->title, ['class' => 'form-control']) !!}
{!! Form::hidden('user_id', $myid, ['class' => 'form-control']) !!}
<input type="hidden" id="token" value="{{ csrf_token() }}">
<span href="#event-carousel" data-slide="prev"class = "glyphicon glyphicon-arrow-left"></span>{!!Form::button('Join Activity', array('type' => 'submit', 'class' => 'btn btn-danger jact'))!!}<span href="#event-carousel" data-slide="next" class = "glyphicon glyphicon-arrow-right"></span>
{!! Form::close() !!}
</div>
</div>
{{--*/ $isFirst = false; /*--}}
</div>
@endforeach
</div>
</div>
});
控制器:
$('.jact').click(function(e){
e.preventDefault();
var title = $(this).find('input[title=title]').val();
var user_id = $(this).find('input[user_id=user_id]').val();
$.post('book', {title: title, user_id: user_id}, function(data){
console.log(data);
})
VerifyCsrfToken:
public function book()
{
if(Request::ajax()){
return Response::json(Input::all());
}
}
答案 0 :(得分:3)
$except功能使用Illuminate\Http\Request::is()方法。它遍历$except数组并针对每个条目测试当前请求。如果匹配,则会跳过验证。
从代码中,您似乎要发布到book,而不是书下的网址。如果您要致电$request->is('book/*'),则会返回false,因为您不在book下的网址。
如果您想忽略book及其所有后代,您会想要这样:
class VerifyCsrfToken extends BaseVerifier
{
protected $except = [
'book',
'book/*'
];
}