我找到了答案delete multipe record之一,并尝试遵循它,但是我不断收到相同的消息:
CSRF令牌不匹配。
Cake \ Http \ Exception \ InvalidCsrfTokenException
'_Token' was not found in request data.
编辑: 删除按钮在这4个控制器/表格(用户,潜在客户,联系人,客户,潜在客户)上不起作用 但是它们确实可以在我的其他桌子上工作
这是
AppController.php
<?php
namespace App\Controller;
use Cake\Controller\Controller;
use Cake\Event\Event;
class AppController extends Controller
{
public function initialize()
{
parent::initialize();
$this->loadComponent('RequestHandler', [
'enableBeforeRedirect' => false,
]);
$this->loadComponent('Flash');
$this->loadComponent('Security');
$this->loadComponent('Csrf');
}
public function pr($arr){
echo "<pre>";
print_r($arr);
echo "</pre>";
exit();
}
public function beforeRender(Event $event)
{
if(!array_key_exists('_serialize', $this->viewVars) &&
in_array($this->response->getType(), ['application/json', 'application/xml'])
){
$this->set('_serialize', true);
}
if($this->request->getSession()->read('Auth.User')){
$this->set('loggedIn', true);
} else {
$this->set('loggedIn', false);
}
}
}
UsersController.php
<?php
namespace App\Controller;
use App\Controller\AppController;
use Cake\I18n\Time;
use Cake\Event\Event;
use Cake\ORM\TableRegistry;
use Cake\Mailer\Email;
use Cake\Auth\DefaultPasswordHasher;
Use Cake\Utility\Security;
use Cake\Routing\Router;
class UsersController extends AppController
{
public function beforeFilter(Event $event)
{
parent::beforeFilter($event);
$this->Security->setConfig('unlockedActions', ['add']);
public function initialize(){
parent::initialize();
$this->loadComponent('Paginator');
$this->loadComponent('Security');
}
public function delete($id = null) {
if (!$this->request->is('post')) {
throw new MethodNotAllowedException();
}
$this->User->id = $id;
if (!$this->User->exists()) {
throw new NotFoundException(__('Invalid user'));
}
if ($this->User->delete()) {
$this->Session->setFlash(__('User deleted'));
$this->redirect(array('action' => 'index'));
}
$this->Session->setFlash(__('User was not deleted'));
$this->redirect(array('action' => 'index'));
}
public function deleteall()
{
if ($this->request->is('post'))
{
foreach($this->data['Users']['user_id'] as $key => $value)
{
$this->Subject->delete($value);
}
$this->Session->setFlash('User has been deleted.');
}
$this->redirect(array('action' => 'index'));
/* $this->request->allowMethod(['post', 'delete']);
$user = $this->Users->get($id);
foreach ($user as $value) {
$this->Users->deleteAll(['id'=>$value]);
}
return $this->redirect(['action'=>'index']);*/
}
public function isAuthorized($user)
{
// Admin has full access
if ($user['role'] == 'Admin') {
return true;
}
// User can view and edit own account only
if (in_array($this->request->action, ['view', 'edit', 'delete']) && $user['id'] == (int)$this->request->params['pass'][0]) {
return true;
}
return false;
}
public function verification($token){
$userTable = TableRegistry::get('Users');
$verify = $userTable->find('all')->where(['token'=>$token])->first();
$verify->verified = '1';
$UserTable->save($verify);
}
这是
上的有效删除NotesController
public function delete($id = null)
{
$this->request->allowMethod(['post', 'delete']);
$note = $this->Notes->get($id);
if ($this->Notes->delete($note)) {
$this->Flash->success(__('The note has been deleted.'));
} else {
$this->Flash->error(__('The note could not be deleted. Please, try again.'));
}
return $this->redirect(['action' => 'index']);
}
index.ctp
<button type="submit" formaction="<?php echo $this->Url-
>build(['action'=>'deleteall']) ?>" class="btn btn-danger"
onclick="return confirm('Are yo u sure you want to delete users?')">
Delete</button>
</p>
<th><input type="checkbox" class="selectall"/></th>
<td><input type="checkbox" class="selectbox" name="ids[]" value="<?=
h($user->id) ?></td>"/></td>
<button type="submit" formaction="<?php echo $this->Url->build(['action' =>'delete', $user->id]) ?>" class="btn btn-danger btn-sm" onclick="return confirm('Are you sure?')">Delete</button>
答案 0 :(得分:0)
您需要禁用CSRF和安全组件。您可以通过在控制器的beforeFilter方法中添加以下代码来针对特定操作禁用它们。
$actions = [
'delete',
'deleteall'
];
if (in_array($this->request->params['action'], $actions)) {
// for csrf
$this->eventManager()->off($this->Csrf);
// for security component
$this->Security->config('unlockedActions', $actions);
}
希望这会有所帮助。