I want to upload image on the server on change event of jQuery but using codeigniter csrf I am able to upload image only one time. How can I upload images using ajax for multiple requests.Please keep in mind when I set this
config['csrf_protection'] = FALSE;then I am able to send multiple request jQuery onchange event but when csrf_protection is going to be false then I think there is no advantage of csrf. so the question is how can I send multiple requests using ajax while csrf_protection is enable. My jquery code is following
$("#avatar").change(function(){ var link = $("#avatar").val(); $.ajax({ url : "<?php echo base_url('main/test'); ?>", type: 'post', data: {'<?php echo $this->security->get_csrf_token_name(); ?>':'<?php echo $this->security->get_csrf_hash(); ?>',"id":"hello","link":link}, success : function(data) { alert(data); } });});Advertisement
Answer
In my opinion you should try to recreate your csrf token each request
Try this code example…
For the js funcion
var csrfName = '<?php echo $this->security->get_csrf_token_name(); ?>', csrfHash = '<?php echo $this->security->get_csrf_hash(); ?>';("#avatar").change(function(){ var link = $("#avatar").val(); var dataJson = { [csrfName]: csrfHash, id: "hello", link: link }; $.ajax({ url : "<?php echo base_url('main/test'); ?>", type: 'post', data: dataJson, success : function(data) { csrfName = data.csrfName; csrfHash = data.csrfHash; alert(data.message); } });});and for the controller
public function test() { $config['upload_path'] = './uploads/'; $config['allowed_types'] = 'gif|jpg|png'; $config['max_size'] = 500; $config['max_width'] = 260; $config['max_height'] = 260; $reponse = array( 'csrfName' => $this->security->get_csrf_token_name(), 'csrfHash' => $this->security->get_csrf_hash() ) $this->load->library('upload', $config); if (!$this->upload->do_upload('link')) { $reponse['message'] = "error"; } else { $data = array('upload_data' => $this->upload->data()); $image_name = $data['upload_data']['file_name']; $reponse['message'] = $image_name; } echo json_encode($reponse);}Let me know and good luck
Note: When someone ask you for posting more data to the question, don’t post it as a comment or answer, it’s better to edit the question itself and adding the stuff