2

I want to post a form using AJAX for that I have created a form and I working fine when I put this two lines of code in my controller:

$this->Security->config('unlockedFields', ['product_id']);

$this->Security->config('unlockedActions',array('update'));

if remove this code I get

Error:Bad Request in console.

<?php echo  $this->Form->create('Cart',array('id' => 'saveForm'));
    
      $total=0;
      foreach ($products as $product):           
      echo $product['product_name'];
      echo $this->Form->input('product_id.',array('value'=>$product['product_id'],'type' => 'number')); 
      echo $this->Form->input('count.',array('type'=>'number', 'label'=>false,
                'class'=>'form-control input-sm', 'value'=>$product['count']));
      echo $product['count']*$product['product_price'];
      endforeach;
      echo $total;           
      echo $this->Form->submit('Save');  
      echo $this->Form->end();
      
      ?>

Controller Action:

public function update() {
  
    $this->autoRender = false;
      
     if (!empty($this->request->data)) {
            $cart = array();
              
            foreach ($this->request->data['count'] as $index=>$count) {
                if ($count>0) {
                    $productId = $this->request->data['product_id'][$index];
                    $cart[$productId] = $count;
                }
            }
       
            $this->Carts->saveProduct($cart);
     
             $carts = $this->Carts->readProduct();
    $products = array();
    if (null!=$carts) {
        foreach ($carts as $productId => $count) {
            $product = $this->Products->get($productId);
            $product['count'] = $count;
            $products[]=$product;
        }
    }
    $this->set('products', $products);
    $this->render('cart_view');
    $this->set(compact('products'));
             
        } 
     
}

index.ctp

 $(document).on("submit", "#saveForm", function(ev) {   
            var formData = $('#saveForm').serialize();
            var formUrl ="http://localhost/multi_shopping/Singles/update";
            $.ajax({
                type: 'POST',
                url: formUrl,
                data: formData,
                dataType: 'html',
                async   :   false,
                success: function(data,textStatus,xhr){
                         $('#PPMiniCart').html('');
                         $('#PPMiniCart').html(data);
                        $('#PPMiniCart').show();
                },
                error: function(xhr,textStatus,error){
                        alert("error"+error);
                }
            }); 
             ev.preventDefault();   
            return false;
        });
Community
  • 1
  • 1
user3653474
  • 3,393
  • 6
  • 49
  • 135
  • I'm confused. It only works if you configure the security component? Why would you expect it to work if you didn't? – Reactgular Dec 20 '17 at 17:44
  • cgTag: We compromise with security features of Cakephp when configuring unlockedActions and UnlockedFields in the Security Components, i have seen this link https://stackoverflow.com/questions/10624311/cakephp-ajax-post-keeps-returning-400-bad-request/11222320 where it has been said that it should be working without any config options set but in my case it is not working. My main motive is to use ajax with security features enabled. Please give any solution to my problem – user3653474 Dec 20 '17 at 18:08
  • Why do you have a period character at the end of your field names in the form input commands? – Reactgular Dec 20 '17 at 19:57
  • Does [this question](https://stackoverflow.com/questions/45123481/sending-form-via-ajax-in-cakephp-3-4-with-crsf-and-security-components-enabled/45163510#45163510) help? – Greg Schmidt Dec 21 '17 at 03:50
  • @cgTag: It is array type field that's why i put period character at the end of field names. – user3653474 Dec 21 '17 at 03:51
  • @GregSchmidt: Thanks for the link i will try and let u know whether it is working or not. – user3653474 Dec 21 '17 at 03:53
  • There's also [this](https://stackoverflow.com/questions/44454785/how-to-define-csrf-token-in-ajax-call-in-cakephp-3-also-how-csrf-can-be-off-for), also about the CSRF token, but a bit different approach. – Greg Schmidt Dec 21 '17 at 03:58

0 Answers0