0

I'm basic at javascript, so please help me. I have a function, which select (onchange) every city for the countys. I have to add csrf token to the post.

The default function which is working great, but needed CSRF.

function getcitydetails(id) {

$.ajax({
    type: "POST",
    url: base_url + "fanok/ajax_city_list/" +id,
    data: id='city_county_code',
    success: function(data){   
        $('#user_city').html(data);
    },
});

}

And there is one I have tried.

function getcitydetails(a) {

var b = {
    id = a
}

b[csfr_token_name] = $.cookie(csfr_cookie_name);

$.ajax({
    type: "POST",
    url: base_url + "fanok/ajax_city_list/" +id,
    data: b[id]='city_county_code',
    success: function(data){   
        $('#user_city').html(data);
    },
});

}

Which is fail to work :/

Help me please.

Thanks in advance.

Patrick
  • 43
  • 1
  • 5

2 Answers2

0

Without knowing what data your API expects, this question is quite hard to answer. However you have multiple errors (or at least strange habits) within your code:

var b = {
    id = a
    // ^ What is that = doing there?
}
// And
$.ajax({  // [snip]
   data: b[id]='city_county_code'
   //  ^ Again, strange location for an assignment: assigning 'city_county_code' to b[id] and then storing that result (thus 'city_county_code') to data
})

What most likely will work (assuming the variables csfr_token_name and csfr_cookie_name [sic] are declared somewhere within scope and have the correct values):

function getcitydetails(id) {
    var postData = {
       id: id // or id: 'city_county_code' (I don't know)
    }

    postData[csfr_token_name] = $.cookie(csfr_cookie_name);

    $.ajax({
        type: "POST",
        url: base_url + "fanok/ajax_city_list/" +id,
        data: postData,
        success: function(data){   
            $('#user_city').html(data);
        },
    });
}
Peter van der Wal
  • 11,141
  • 2
  • 21
  • 29
0

i don't know what framework use as back end but you can put CSRF as meta on top of the page as following 

<meta name="csrf-token" content="<?php echo $CSRF; ?>">

on the start of document ready function on jquery put the following code 

$.ajaxSetup({
    headers: {
        'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
    }
});

then all ajax request will have CSRF as header as for Codeigniter

    function getcitydetails(id) {
        var csrfName = '<?php echo $this->security->get_csrf_token_name(); ?>',
            csrfHash = '<?php echo $this->security->get_csrf_hash(); ?>';
        var postData = {
           id: id,
           csrfName:csrfHash
     // or id: 'city_county_code' (I don't know)
        }

  postData[csfr_token_name] = $.cookie(csfr_cookie_name);

    $.ajax({
        type: "POST",
        url: base_url + "fanok/ajax_city_list/" +id,
        data: postData,
        success: function(data){   
            $('#user_city').html(data);
        },
    });

}
Jehad Ahmad Jaghoub
  • 1,225
  • 14
  • 22
  • then its answer here https://stackoverflow.com/questions/38502548/codeigniter-csrf-valid-for-only-one-time-ajax-request?utm_medium=organic&utm_source=google_rich_qa&utm_campaign=google_rich_qa – Jehad Ahmad Jaghoub May 26 '18 at 19:59