Thread: Custom form in admin POST fails
View Single Post
  #2  
Old 01-04-2014, 06:13 AM
  qualiteam's Avatar 
qualiteam qualiteam is offline
 

X-Guru
   
Join Date: Dec 2010
Posts: 6,373
 
Default Re: Custom form in admin POST fails
Back-end forms are signed with a random number to prevent CSRF attacks.

So, before posting the data you should add the number too. Here is the code that does the job:

PHP Code:
if (
        defined('AREA_TYPE')
        && !empty($login)
        && in_array(constant('AREA_TYPE'), array('A''P'))
        && function_exists('func_generate_formid')
        && !$formid_generated
    ) {
        // Generate new form id
        $templater->register_outputfilter('func_substitute_formid');
        $formid_generated true;
    } 
__________________
Alex Solovev,
Qualiteam

---

User manual Video tutorials X-Cart FAQ

You are welcome to press "Thanks" button
if you find this post useful

Click here to learn how to apply patches

X-Cart Extensions
Reply With Quote