我使用了codeigniter 3.0并且我已经实现了csrf功能,问题是csrf无法使用ajax调用。
var page_name = $('#page_name').val();
if(!$.trim(page_name).length)
{
$('#page_name_err').html('Please enter page name.');
$('#page_name').addClass('form-control-error');
$('#page_name').removeClass('form-control-success');
}
else
{
var post_data = {
'pagename': encodeURIComponent(page_name),
<?php if($this->uri->segment(3) == "edit"){ ?> 'id':encodeURIComponent(id), <?php }?>
'<?php echo $this->security->get_csrf_token_name(); ?>' : '<?php echo $this->security->get_csrf_hash(); ?>'
};
//empty($user['user_id'])
<?php if($this->uri->segment(3) == "edit"){?>
var id= <?=$page['cms_id']?>;
<?php } ?>
<?php if(true){?>
$.ajax({
<?php if($this->uri->segment(3) != "edit"){?>
url:'<?=base_url().$this->config->item('admin_folder')?>/cms/check_page_exists',
<?php }else{?>
url:'<?=base_url().$this->config->item('admin_folder')?>/cms/check_editpage_exists',
<?php }?>
type: "POST",
data: post_data,
success: function(html){
if(html==1){
$('#page_name_err').html('Page name already exists. ');
$('#page_error').html('Page name already exists. ');
$('#page_name').addClass('form-control-error');
$('#page_name').removeClass('form-control-success');
$('#page_name').focus();
}
else{
$('#page_name_err').html('');
$('#page_error').html('');
$('#page_name').addClass('form-control-success');
$('#page_name').removeClass('form-control-error');
}
}
});
<?php }else{ ?>
//$('#email_err').html('');
//$('#email').addClass('form-control-success');
//$('#email').removeClass('form-control-error');
<?php }?>
}
}
错误是:不允许您请求的操作。 所以请帮我解决这个问题 谢谢。