1

Why I cannot Upload file on Dropzone in codeigniter when csrf_protection is TRUE? and when I make "csrf_protection" is FALSE the upload has works, but can I make "csrf_protection" is TRUE and works fine ?

this is my controllers :

function proses_upload(){
        $config['upload_path']   = FCPATH.'/upload-foto/';
        $config['allowed_types'] = 'gif|jpg|jpeg|png|ico';
        $this->load->library('upload',$config);

        if($this->upload->do_upload('userfile')){
        $token=$this->input->post('token_foto');
        $nama=$this->upload->data('file_name');
        $this->db->insert('foto',array('nama_foto'=>$nama,'token'=>$token));
        }
	}

function remove_foto(){
	$token=$this->input->post('token');
	$foto=$this->db->get_where('foto',array('token'=>$token));

	if($foto->num_rows()>0){
	$hasil=$foto->row();
	$nama_foto=$hasil->nama_foto;
	if(file_exists($file=FCPATH.'/upload-foto/'.$nama_foto)){
		unlink($file);
		}
	$this->db->delete('foto',array('token'=>$token));
		}
	echo "{}";

}

this is in views :

  
Dropzone.autoDiscover = false;

var foto_upload= new Dropzone(".dropzone",{
url: "<?php echo base_url('index.php/upload/proses_upload') ?>",
maxFilesize: 2,
method:"post",
acceptedFiles:"image/*",
paramName:"userfile",
dictInvalidFileType:"Type file ini tidak dizinkan",
addRemoveLinks:true,
});

foto_upload.on("sending",function(a,b,c){
	a.token=Math.random();
	c.append("token_foto",a.token);
});

foto_upload.on("removedfile",function(a){
	var token=a.token;
	$.ajax({
		type:"post",
		data:{token:token},
		url:"<?php echo base_url('index.php/upload/remove_foto') ?>",
		cache:false,
		dataType: 'json',
		success: function(){
			console.log("Foto terhapus");
		},
		error: function(){
			console.log("Error");
		}
	});
});

and this is in my config.php specially on CSRF :

$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'csrf_test_name';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;
$config['csrf_regenerate'] = TRUE;
$config['csrf_exclude_uris'] = array();

Improve this question
8
  • Is your form being cached? See: [link]symfony.com/doc/3.3/http_cache/form_csrf_caching.html Commented Sep 1, 2018 at 16:16
  • @Jamie_D I think yes, but I dont know much about it Commented Sep 1, 2018 at 16:24
  • You should use the information from the above link, or set your form's page to "no cache" More info here: [link]stackoverflow.com/questions/19775382/codeigniter-disable-cache Commented Sep 1, 2018 at 16:44
  • so I just disable cache if I wanted to set TRUE on csrf_protection ? I just recently following your link to disable cache but it doesn't work Commented Sep 1, 2018 at 17:10
  • Make sure you clear your browser cache as well and do a hard refresh (Ctrl-F5) Commented Sep 1, 2018 at 17:16
Related questions
3
Codeigniter csrf protection error:
0
Laravel and Dropzonejs, files are not uploaded correctly
0
Laravel and Dropzonejs files not uploading
Load 7 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.