Plz send me cakephp books link.its mean download cakephp book. On Fri, May 4, 2012 at 5:48 PM, luca capra <[email protected]> wrote:
> Hi, > probably you have to configure the SecurityComponent (and eventually use > the FormHelper) to permit those types of request to happen. > > See: > - http://en.wikipedia.org/wiki/Cross-site_request_forgery > - > http://book.cakephp.org/2.0/en/core-libraries/components/security-component.html#restricting-cross-controller-communication > - > http://book.cakephp.org/2.0/en/core-libraries/components/security-component.html#csrf-protection > > > > Il 04/05/2012 13:58, jmail ha scritto: > > Hi! > > I've got application which I am translating from other technology to > CakePHP. Application is in about 60% written with AJAX.There are a lot of > cross controller sends :/ So I've got a problem because when I am trying to > make something similar with Cake I get error 400 - bad request. Of course I > am using Security component and I would like to use this component. App > it's quite secure with that component. Of course when I am using GET > request everything is OK, but when try to use POST request there is a > problem. > > I've got Controller MainController with function start > > class MainController extends AppController{ > function start(){ > $this->set('contests', $this->Contest->find('all', array('conditions' => > array('Contest.start <= now()', 'Contest.finish > now()', 'Contest.active' > => 1, 'Board.status' => 1)))); > if(CakeSession::read('user') === null){ > $this->layout = 'nonloginlayout'; > } > else{ > $this->render('startlogged'); > } > } > } > > Then in startlogged.ctp I've got script: > > function moreChances(){ > $.prompt.close(); > $.prompt(states, {zIndex: 11000}); > $.ajax({ > url: "/user/invite/" > ,async: true > ,dataType: "html" > ,type: "GET" > ,success: function(data){ > $.prompt.close(); > $.prompt(data, {buttons:{}, zIndex: 11000}) > } > > }); > } > function sendInvite(){ > mail = document.getElementById('inviteMail').value; > message = document.getElementById('inviteMessage').value; > $.prompt.close(); > $.prompt(states, {zIndex: 11000}); > $.ajax({ > url: "/user/send_invite?tmp="+Math.random() > ,async: false > ,data: {test:'doopa'} > ,type: "POST" > ,dataType: "html" > ,success: function(data){ > $('#deb').html(data); > } > ,error: function(jqXHR, textStatus, errorThrown){ > $('#deb').html(errorThrown); > } > }); > } > > > user/invite just loading a form into a prompt window > > > <label>Email address:<br></label> > <input type="text" name="mail" id="inviteMail"> > <br> > <label>Message:<br></label> > <textarea name="message" id="inviteMessage"></textarea> > <br><br> > <div class="floatRight"> > <a href="javascript:sendInvite()" style="color: #636363;"><b>send</b></a> > </div> > > and User controller look like this > > class UserController extends AppController{ > > function beforeFilter() { > parent::beforeFilter(); > $json_actions = array('send_invite'); > if(in_array($this->action, $json_actions)){ > $this->Security->validatePost = false = array('Session', > 'RequestHandler', 'ImageConverter'); > } > } > function invite(){ > $this->layout = ''; > } > function send_invite(){ > $this->autoRender = false; > var_dump($_POST); > } > } > > And I don't know what to do more. Every POST request generating error: > > 2012-05-04 13:54:27 Error: [BadRequestException] The request has been > black-holed > #0 > !!!Path_to_root!!!\lib\Cake\Controller\Component\SecurityComponent.php(227): > SecurityComponent->blackHole(Object(UserController), 'csrf') > > > Can some please help me? I don't know what to do to not get black-holed. > I am desperate because of that three of my projects are stoped :( > > Thanks for all. > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and help > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > [email protected] For more options, visit this group > at http://groups.google.com/group/cake-php > > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and help > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > [email protected] For more options, visit this group > at http://groups.google.com/group/cake-php > -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
