Follow us on Twitter X-Cart on Facebook Wiki
Shopping cart software Solutions for online shops and malls

Issue in calling an ajax request in admin area.

 
Reply
   X-Cart forums > X-Cart 5 > Modifying the design and features (X-Cart 5)
 
Thread Tools Search this Thread
  #1  
Old 03-16-2017, 03:51 AM
 
ajeetsingh ajeetsingh is offline
 

Member
  
Join Date: Dec 2016
Posts: 28
 

Default Issue in calling an ajax request in admin area.

Hello, I am X-Cart developer from Webkul Software Private Limited, UP, INDIA.
I have an issue in process of ajax calling in admin area on a page.
like: I had created a page with a button at admin area, I want to call a ajax request to click on that button. But when i click on that button to call a function which was already written in the same controller file but an error notice has occurs like below:
"The form could not be identified as a form generated by X-Cart. The reason may be that a substantial period of time has elapsed since you opened the page with this form or the page was opened in more than one browser tab. If you did not open the page with this form, you might be under a CSRF attack."
So can anyone Please help me.
My code are below:
1. In controller File the action is as below.
PHP Code:
/**
* Export action
*
* @return void
*/
protected function doActionSaveDemo(){
   
$tpId = \XLite\Core\Request::getInstance()->nIds;
   echo 
'tpId : '.$tpId;


2. Ajax request is as below:
PHP Code:
function xyz(idss){
   
core.post(
   
URLHandler.buildURL({target'number_demos'action'savedemo'}),
   function(
XMLHttpRequesttextStatusdatavalid) {
     if (
valid && data) {
         
console.log(data);
      }else{
            
console.log('Not valid');
     }
   },
   { 
nIdsidss }
 );    



Here number_demos is the controller which class is NumberDemos
__________________
Ajeet Singh
Sr.Software Developer
Webkul Software Pvt. Ltd.
Reply With Quote
  #2  
Old 03-17-2017, 12:02 AM
  qualiteam's Avatar 
qualiteam qualiteam is offline
 

X-Guru
  
Join Date: Dec 2010
Posts: 6,373
 

Default Re: Issue in calling an ajax request in admin area.

The buildURL function doesn't add the form_id parameter that protects backend forms and links from hijacking.

When is your function called? Is there a link or a form on the page that you want to follow/submit?
If so, you can get the URL via jQuery, something like this:
Code:
var url = jQuery('form#my_form').attr('action');
or
Code:
var url = jQuery('a#my_link').attr('href');
__________________
Alex Solovev,
Qualiteam

---

User manual Video tutorials X-Cart FAQ

You are welcome to press "Thanks" button
if you find this post useful

Click here to learn how to apply patches

X-Cart Extensions
Reply With Quote
  #3  
Old 03-17-2017, 06:47 AM
 
ajeetsingh ajeetsingh is offline
 

Member
  
Join Date: Dec 2016
Posts: 28
 

Default Re: Issue in calling an ajax request in admin area.

Hello qualiteam,

As you suggest about to use admin url i have done same but my issue is remain same. the code is as below :
PHP Code:
<script>
jQuerydocument ).ready(function() {    
  var 
wkUrldds self.location;        
  var 
wkUrl=wkUrldds+'skins/admin/modules/Webkulsoftware/WebPushNotification/notify.php';    
        
jQuery('body').on('click','.notifybtn',function(){
            var 
idss jQuery(this).val();
            var 
urll jQuery('form').attr('action');
            
sendPushNotification(idssurll);
        });

        function 
sendPushNotification(idssurll){
            
            
jQuery.ajax({
                
urlurll+'?target=notif_tmplts&action=notify',
                
data: {ididss,urllurll},
                
type'POST',
                
success: function (data) {
                    if(
data != ''){
                        
console.log(data);
                    }else{
                         
console.log('Not a valid data');
                    }                   
                }
            });
        }

    });
    </
script


And the controller function is as below:

PHP Code:
protected function doActioNotify(){
    
$tpId = \XLite\Core\Request::getInstance()->nIds;
    echo 
$tpId


In that case the ajax call is done but when i click on the ajax url in console then it redirect on the page where a notice is appear that i have no permission to access that page. I have also provide the snapshot of that page below;
Attached Thumbnails
Click image for larger version

Name:	screenshot-ajeet.com-2017-03-17-20-16-22.png
Views:	39
Size:	58.8 KB
ID:	4877  
__________________
Ajeet Singh
Sr.Software Developer
Webkul Software Pvt. Ltd.
Reply With Quote
  #4  
Old 03-20-2017, 09:09 PM
  qualiteam's Avatar 
qualiteam qualiteam is offline
 

X-Guru
  
Join Date: Dec 2010
Posts: 6,373
 

Default Re: Issue in calling an ajax request in admin area.

Every backend URL is signed with a unique identifier that can be used only once.

As far as I understand you use the same URL twice: the first time you send a background request to that URL, and the second time you try to follow it from the JavaScript console. It won't work this way, unfortunately. As soon as you send an AJAX request, the URL becomes expired and won't work from the console.
__________________
Alex Solovev,
Qualiteam

---

User manual Video tutorials X-Cart FAQ

You are welcome to press "Thanks" button
if you find this post useful

Click here to learn how to apply patches

X-Cart Extensions
Reply With Quote
  #5  
Old 03-20-2017, 10:16 PM
 
Daemos Daemos is offline
Advanced Staff Users
 

X-Cart team
  
Join Date: Nov 2015
Posts: 7
 

Default Re: Issue in calling an ajax request in admin area.

Hello, ajeetsingh

You should define the list of actions not secured by formid checking in your NotifTmplts controller to overcome this problem:

PHP Code:
/**
 * Define the actions with no secure token
 *
 * @return array
 */
public static function defineFreeFormIdActions()
{
    
$list parent::defineFreeFormIdActions();
    
$list[] = 'notify';
    return 
$list;

__________________
Eugene Dementjev
XC5 Developer
Reply With Quote
  #6  
Old 03-22-2017, 07:54 AM
 
ajeetsingh ajeetsingh is offline
 

Member
  
Join Date: Dec 2016
Posts: 28
 

Default Re: Issue in calling an ajax request in admin area.

Hello Daemos ,

Thank you to help me, Your suggestion is working for me.
__________________
Ajeet Singh
Sr.Software Developer
Webkul Software Pvt. Ltd.
Reply With Quote
Reply
   X-Cart forums > X-Cart 5 > Modifying the design and features (X-Cart 5)


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -8. The time now is 06:26 AM.

   

 
X-Cart forums © 2001-2020