如何修复单页php ajax codeigniter中的csrf问题
我使用的是codeigniter 3,这里有个问题,如果我使用CSRF,如何修复我的代码。因为我只想在codeigniter中查看一个页面操作 这是我的控制器代码:如何修复单页php ajax codeigniter中的csrf问题,php,jquery,ajax,codeigniter-3,csrf,Php,Jquery,Ajax,Codeigniter 3,Csrf,我使用的是codeigniter 3,这里有个问题,如果我使用CSRF,如何修复我的代码。因为我只想在codeigniter中查看一个页面操作 这是我的控制器代码: public function index() { # code untuk menampilkan Database Rotator $this->data['partial_head'] = ' <!-- DataTables --> <link rel="sty
public function index()
{
# code untuk menampilkan Database Rotator
$this->data['partial_head'] = '
<!-- DataTables -->
<link rel="stylesheet" href="'.base_url('assets').'/plugins/datatables-bs4/css/dataTables.bootstrap4.min.css">
<link rel="stylesheet" href="'.base_url('assets').'/plugins/datatables-responsive/css/responsive.bootstrap4.min.css">
<link rel="stylesheet" href="'.base_url('assets').'/plugins/datatables-buttons/css/buttons.bootstrap4.min.css">';
$this->data['partial_body'] = '
<!-- DataTables & Plugins -->
<script src="'.base_url('assets').'/plugins/datatables/jquery.dataTables.min.js"></script>
<script src="'.base_url('assets').'/plugins/datatables-bs4/js/dataTables.bootstrap4.min.js"></script>
<script src="'.base_url('assets').'/plugins/datatables-responsive/js/dataTables.responsive.min.js"></script>
<script src="'.base_url('assets').'/plugins/datatables-responsive/js/responsive.bootstrap4.min.js"></script>
<!-- jquery-validation -->
<script src="'.base_url('assets').'/plugins/jquery-validation/jquery.validate.min.js"></script>
<script src="'.base_url('assets').'/plugins/jquery-validation/additional-methods.min.js"></script>
<!-- Custom JS -->
<script src="'.base_url('assets').'/dist/js/customJs/rotator-admin.js"></script>
';
$this->data['content'] = 'rotator/index';
$this->template->_render_page('layout/main',$this->data);
}
public function get_dataTable()
{
# code untuk menampilkan tabel ajax
$draw = intval($this->input->get("draw"));
$start = intval($this->input->get("start"));
$length = intval($this->input->get("length"));
$query = $this->model->getAllData('rotator');
$data = [];
$no = 1;
foreach($query->result() as $row) {
$data[] = array(
$no++,
'+'.htmlentities($row->nomor_hp, ENT_QUOTES, "UTF-8"),
htmlentities($row->pesan, ENT_QUOTES, "UTF-8"),
htmlentities($row->jml_perulangan, ENT_QUOTES, "UTF-8").' kali',
($row->status_aktif==1)?
'<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input btn-aktif" name="aktif" id="'.encryptor('encrypt', $row->id_rotator).'" checked>
<label class="custom-control-label label-aktif" for="'.encryptor('encrypt', $row->id_rotator).'">Aktif</label>
</div>':'<div class="custom-control custom-switch">
<input type="checkbox" class="custom-control-input btn-aktif" name="aktif" id="'.encryptor('encrypt', $row->id_rotator).'">
<label class="custom-control-label label-aktif" for="'.encryptor('encrypt', $row->id_rotator).'">Non Aktif</label>
</div>',
'<a href="#" class="btn btn-warning btn-circle mr-1 btn-edit" id="'.encryptor('encrypt', $row->id_rotator).'" data-toggle="modal" data-target="#exampleModal"><i class="fas fa-edit"></i></a>
<a href="#" class="btn btn-danger btn-circle mr-1 btn-hapus" id="'.encryptor('encrypt', $row->id_rotator).'"><i class="fas fa-trash"></i></a>'
);
}
$result = array(
'draw' => $draw,
'recordsTotal' => $query->num_rows(),
'recordsFiltered' => $query->num_rows(),
'data' => $data
);
echo json_encode($result);
exit();
}
public function getByDataId($id = null)
{
# code untuk menampilkan Data Himpunan jika tombol edit di klik
$where = ['id_rotator' => encryptor('decrypt', $id)];
$hasil = $this->model->whereData($where, 'rotator')->row();
$data = [
'handphone' => $hasil->nomor_hp,
'pesan' => $hasil->pesan,
'isAktif' => $hasil->status_aktif,
'diulang' => $hasil->jml_perulangan,
'id' => $id
];
echo json_encode($data);
}
public function tambah_data()
{
# code untuk menambahkan data baru
$this->form_validation->set_rules('handphone', 'Nomor Handphone', 'trim|required|is_numeric|is_unique[rotator.nomor_hp]');
$this->form_validation->set_rules('pesan', 'Pesan', 'trim|required');
$this->form_validation->set_rules('diulang', 'Jumlah Perulangan', 'trim|required|is_numeric');
$this->form_validation->set_rules('isAktif', 'is Aktif', 'trim|numeric');
if ($this->form_validation->run() == FALSE) {
echo json_encode([
'alert_error' => validation_errors()
]);
} else {
$nomorHp = $this->input->post('handphone', true);
$pesan = $this->input->post('pesan', true);
$perulangan = $this->input->post('diulang', true);
$isAktif = !empty($this->input->post('isAktif', true)) ? 1 : 0;
$data = [
'nomor_hp' => $nomorHp,
'pesan' => $pesan,
'status_aktif' => $isAktif,
'jml_perulangan' => $perulangan,
];
if ($this->model->insertData($data, 'rotator')) {
echo json_encode([
'alert_success' => 'Data berhasil ditambahkan!',
'status' => TRUE
]);
} else {
echo json_encode([
'alert_success' => 'Data gagal ditambahkan!',
'status' => FALSE
]);
}
}
}
public function edit_data()
{
# code untuk mengubah Data
$this->form_validation->set_rules('handphone', 'Nomor Handphone', 'trim|required|is_numeric');
$this->form_validation->set_rules('pesan', 'Pesan', 'trim|required');
$this->form_validation->set_rules('diulang', 'Jumlah Perulangan', 'trim|required|is_numeric');
$this->form_validation->set_rules('isAktif', 'is Aktif', 'trim|numeric');
if ($this->form_validation->run() == FALSE) {
echo json_encode([
'alert_error' => validation_errors()
]);
} else {
$nomorHp = $this->input->post('handphone', true);
$pesan = $this->input->post('pesan', true);
$perulangan = $this->input->post('diulang', true);
$isAktif = !empty($this->input->post('isAktif', true)) ? 1 : 0;
$data = [
'nomor_hp' => $nomorHp,
'pesan' => $pesan,
'status_aktif' => $isAktif,
'jml_perulangan' => $perulangan,
];
$id = $this->input->post('idRotator', true);
if($this->model->updateData(['id_rotator' => encryptor('decrypt', $id) ], $data, 'rotator')){
echo json_encode([
'alert_success' => 'Data berhasil diubah!',
'status' => TRUE
]);
} else {
echo json_encode([
'alert_error' => 'Data Gagal diubah!',
'status' => FALSE
]);
}
}
}
public function hapus_data($id = null)
{
# code untuk menghapus Data Himpunan
$where = ['id_rotator' => encryptor('decrypt', $id)];
$this->model->deleteData($where, 'rotator');
echo json_encode([
'status' => TRUE
]);
}
public function aktif_handphone($id = null)
{
# code untuk mengaktifkan handphone
$this->form_validation->set_rules('aktif', 'Aktif Handphone', 'trim|is_numeric');
if ($this->form_validation->run() == FALSE) {
echo json_encode([
'alert_error' => validation_errors()
]);
} else {
$data = [
'status_aktif' => $this->input->post('aktif',true)
];
if($this->model->updateData(['id_rotator' => encryptor('decrypt', $id)], $data, 'rotator')){
echo json_encode([
'alert_success' => 'Data berhasil diubah!',
'status' => TRUE
]);
}
}
}
<table class="table table-bordered table-sm table-striped table-hover" id="dataTable"
width="100%" cellspacing="0">
<thead>
<tr>
<th>No.</th>
<th>Nomor HP</th>
<th>Pesan</th>
<th>Jumlah Diulang</th>
<th>Status</th>
<th width="12%">#</th>
</tr>
</thead>
</table>
<!-- modal -->
<div class="modal fade" id="exampleModal">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h4 class="modal-title"></h4>
<button type="button" class="close btn-tutup" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
<form class="form-horizontal" action="" id="myForm" method="post" accept-charset="utf-8">
<div class="modal-body">
<div class="form-group row">
<label for="handphone" class="col-sm-4 col-form-label">Nomor Hp</label>
<div class="col-sm-8 inputan">
<input id="handphone" name="handphone" type="text" pattern="\d*" maxlength="13"
onkeypress="return isNumber(event)" class="form-control">
</div>
</div>
<div class="form-group row">
<label for="pesan" class="col-sm-4 col-form-label">Pesan Untuk Admin</label>
<div class="col-sm-8 inputan">
<textarea name="pesan" id="pesan" cols="30" rows="3" class="form-control"
style="resize: none;" maxlength="256"></textarea>
</div>
</div>
<div class="form-group row">
<label for="diulang" class="col-sm-4 col-form-label">Diulang Sebanyak</label>
<div class="col-sm-4 inputan">
<input id="diulang" name="diulang" type="text" pattern="\d*" maxlength="2" minlength="1"
min="1" max="10" onkeypress="return isNumber(event)" class="form-control">
</div>
<span class="col-sm-4 col-form-label">(x) kali</span>
</div>
<div class="form-group row">
<div class="col-4"></div>
<div class="col-8 inputan">
<div class="custom-control custom-checkbox custom-control-inline">
<input name="isAktif" id="checkbox_0" type="checkbox" class="custom-control-input"
value="1" required="required">
<label for="checkbox_0" class="custom-control-label">is Aktif</label>
</div>
</div>
</div>
<input id="idRotator" name="idRotator" type="hidden">
</div>
<div class="modal-footer justify-content-between">
<button type="button" class="btn btn-default btn-tutup" data-dismiss="modal">Tutup</button>
<button type="submit" class="btn btn-primary">Simpan</button>
</div>
</form>
</div>
<!-- /.modal-content -->
</div>
<!-- /.modal-dialog -->
</div>
<!-- /.modal -->
//tampilkan data di datatables
$(document).ready(function() {
resetForm()
table = $('#dataTable').DataTable({
"ajax": {
url: 'rotator/get-dataTable',
type: 'POST'
},
})
})
$(function () {
// validasi form sebelum di kirim
$('#myForm').validate({
rules: {
handphone: {
required: true,
},
pesan: {
required: true,
},
diulang: {
required: true,
min: 1,
max: 10
},
isAktif: {
required: false
}
},
messages: {
handphone: {
required: "Pastikan masukan nomor telp dengan kode negara, misal 62xxxxxxxxxxx"
},
pesan: {
required: "Inputan pesan tidak boleh kosong!"
},
diulang: {
required: "Input angka 1 sampai 10",
min: "Input angka minimal 1",
max: "Input angka maksimal 10"
}
},
errorElement: 'span',
errorPlacement: function (error, element) {
error.addClass('invalid-feedback');
element.closest('.inputan').append(error);
},
highlight: function (element, errorClass, validClass) {
$(element).addClass('is-invalid');
},
unhighlight: function (element, errorClass, validClass) {
$(element).removeClass('is-invalid');
},
// jika form di submit
submitHandler: function() {
var data = $('#myForm').serialize()
$('.btn-simpan').text('simpan...') //ganti text button
$('.btn-simpan').attr('disabled', true) //set button disable
var url
if (save_method == 'add') {
url = "rotator/tambah-data"
} else {
url = "rotator/edit-data"
}
$.ajax({
url: url,
type: 'POST',
data: data,
dataType: 'JSON',
success: function(data) {
if (data.status) {
toastr.success(data.alert_success)
$('#exampleModal').modal('hide')
reload_table()
resetForm()
} else {
var messages = data.alert_error.split("\n")
for(var i=0; i<messages.length - 1; i++)
toastr.error(messages[i])
}
$('.btn-simpan').text('Simpan') //ganti text button
$('.btn-simpan').attr('disabled', false) //set button enable
},
error: function(jqXHR, textStatus, errorThrown) {
toastr.error('Error ' + save_method + ' data')
$('.btn-simpan').text('Simpan') //ganti text button
$('.btn-simpan').attr('disabled', false) //set button enable
}
})
}
})
})
//fungsi jika tombol tutup di klik
$('.btn-tutup').on("click", function(e) {
e.preventDefault()
resetForm()
})
//fungsi jika tombol tambah di klik
$('.btn-tambah').on('click',function (e) {
e.preventDefault()
$('.modal-title').text('Tambah Data')
resetForm()
save_method = 'add'
})
//fungsi jika tombol edit di klik
$('#dataTable').on('click', '.btn-edit', function() {
$('.modal-title').text('Edit Data')
var url = "rotator/getByDataId/"
var id = this.id
save_method = 'update'
resetForm()
$.ajax({
url: url + id,
type: 'POST',
dataType: 'JSON',
success: function(data) {
$.each(data, function() {
$('[name="handphone"]').val(data.handphone)
$('[name="pesan"]').text(data.pesan)
$('[name="diulang"]').val(data.diulang)
if(data.isAktif>0){
$('input[name=isAktif]').attr('checked', 'checked')
} else {
$('input[name=isAktif]').removeAttr('checked')
}
$('[name="idRotator"]').val(data.id)
$('[name="idRotator"]').attr('readonly', true)
//console.log(data)
})
},
error: function(jqXHR, textStatus, errorThrown) {
//toastr.error('Gagal baca data dari ajax')
return false
}
})
})
//fungsi jika tombol hapus di klik
$('#dataTable').on('click', '.btn-hapus', function() {
var url = "rotator/hapus-data/"
var id = this.id
Swal.fire({
title: 'Yakin akan menghapus data?',
icon: 'question',
showDenyButton: true,
showCancelButton: false,
confirmButtonText: `Ya, Hapus`,
denyButtonText: `Tidak`,
}).then((result) => {
if (result.isConfirmed) {
$.ajax({
url: url + id,
type: 'POST',
dataType: 'JSON',
success: function(data) {
Swal.fire('Dihapus!', 'data berhasil dihapus.', 'success')
reload_table()
resetForm()
},
error: function(xhr, ajaxOptions, thrownError) {
Swal.fire('Hapus Gagal!', 'Coba lagi', 'error')
}
})
} else if (result.isDenied) {
Swal.fire('Aman..!', 'Data tidak jadi dihapus.', 'info')
}
})
})
//fungsi untuk aktivasi handphone
$('#dataTable').on('click', '.btn-aktif', function() {
var url = "rotator/aktif-handphone/"
var id = this.id
var aktif = $('input#'+ id +':checked').val() ? '1' : '0'
$.ajax({
url: url + id,
type: 'POST',
dataType: 'JSON',
data : {aktif:aktif},
success: function(data) {
toastr.success(data.alert_success)
reload_table()
},
error: function(xhr, ajaxOptions, thrownError) {
toastr.error(data.alert_error)
return false
}
})
})
//fungsi untuk reload dataTabel
function reload_table() {
table.ajax.reload(null, false)
}
//fungsi untuk cek hanya angka yang diinput
function isNumber(evt) {
evt = (evt) ? evt : window.event;
var charCode = (evt.which) ? evt.which : evt.keyCode;
if (charCode > 31 && (charCode < 48 || charCode > 57)) {
return false
}
return true
}
//fungsi untuk reset form
function resetForm() {
$('#myForm').find('input:checkbox').removeAttr('checked') //kosongkan chekbox
$('#myForm').find('input:text').val('') //kosongkan form input
$('#myForm').find('textarea').text('') //kosongkan text area
}
公共功能索引()
{
#数据库旋转器的代码
$this->data['partial_head']='
';
$this->data['partial_body']='
';
$this->data['content']='rotator/index';
$this->template->_render_页面('layout/main',$this->data);
}
公共函数get_dataTable()
{
#代码用于创建选项卡ajax
$draw=intval($this->input->get(“draw”);
$start=intval($this->input->get(“start”);
$length=intval($this->input->get(“length”);
$query=$this->model->getAllData('rotator');
$data=[];
$no=1;
foreach($query->result()作为$row){
$data[]=数组(
$no++,
“+”.htmlentities($row->nomor_hp,ENT_引号,“UTF-8”),
htmlentities($row->pesan,ENT_引号,“UTF-8”),
htmlentities($row->jml_perulangan,ENT_引号,“UTF-8”).“kali”,
($row->status_aktif==1)?
'
阿克提夫
':'
非Aktif
',
'
'
);
}
$result=数组(
“draw”=>draw美元,
'recordsTotal'=>$query->num_rows(),
'recordsFiltered'=>$query->num_rows(),
“数据”=>$data
);
echo json_编码($result);
退出();
}
公共函数getByDataId($id=null)
{
#将数据转换为可编辑数据的代码
$where=['id\u rotator'=>encryptor('decrypt',$id)];
$hasil=$this->model->whereData($where,'rotator')->row();
$data=[
“手机”=>hasil->nomor\u hp,
“pesan”=>hasil->pesan,
'isAktif'=>hasil->status\u aktif,
‘diulang’=>hasil->jml_perulagan,
'id'=>$id
];
echo json_编码($data);
}
公共函数tambah_data()
{
#获取数据baru的代码
$this->form_validation->set_rules('handphone'、'Nomor handphone'、'trim | required |是数字的|是唯一的[rotator.Nomor_hp]);
$this->form_validation->set_规则('pesan','pesan','trim | required');
$this->form_validation->set_rules('diulang','Jumlah perulagan','trim | required | is_numeric');
$this->form|u validation->set|u rules('isAktif','is Aktif','trim | numeric');
如果($this->form\u validation->run()==FALSE){
回声json_编码([
“警报错误”=>验证错误()
]);
}否则{
$nomorHp=$this->input->post('handphone',true);
$pesan=$this->input->post('pesan',true);
$perulangan=$this->input->post('diulang',true);
$isAktif=!empty($this->input->post('isAktif',true))?1:0;
$data=[
“nomor_hp”=>nomorHp美元,
'比桑'=>美元比桑,
'status_aktif'=>isAktif美元,
“jml_perulangan”=>$perulangan,
];
如果($this->model->insertData($data,'rotator')){
回声json_编码([
“警报成功”=>“数据错误!”,
“状态”=>TRUE
]);
}否则{
回声json_编码([
“警报成功”=>“数据gagal ditambahkan!”,
“状态”=>FALSE
]);
}
}
}
公共函数编辑_数据()
{
#获取数据的代码
$this->form|u validation->set|u规则('handphone','Nomor handphone','trim | required | is|u numeric');
$this->form_validation->set_规则('pesan','pesan','trim | required');
$this->form_validation->set_rules('diulang','Jumlah perulagan','trim | required | is_numeric');
$this->form|u validation->set|u rules('isAktif','is Aktif','trim | numeric');
如果($this->form\u validation->run()==FALSE){
回声json_编码([
“警报错误”=>验证错误()
]);
}否则{
$nomorHp=$this->input->post('handphone',true);
$pesan=$this->input->post('pesan',true);
$perulangan=$this->input->post('diulang',true);
$isAktif=!empty($this->input->post('isAktif',true))?1:0;
$data=[
“nomor_hp”=>nomorHp美元,
'比桑'=>美元比桑,
'status_aktif'=>isAktif美元,
“jml_perulangan”=>$perulangan,
];
$id=$this->input->post('idRotator',true);
如果($this->model->updateData(['id\u rotator'=>encryptor('decrypt',$id)],$data,'rotator')){
回声json_编码([
“警报成功”=>“数据错误!”,
“状态”=>TRUE
]);
}否则{
回声json_编码([
“警报错误”=>“数据错误!”,
“状态”=>FALSE
]);
}
}
}
公共函数hapus_data($id=null)
{
#孟哈布斯数据希普南代码
$where=['id\u rotator'=>encryptor('decrypt',$id)];
$this->model->deleteData($where,'rotator');
回声json_编码([
“状态”=>TRUE
]);
}
公用功能aktif_手机($id=null)
{
#手机编码
$this->form|u validation->set_rules('aktif','aktif Handphone','trim|is|u numeric');
如果($this->form\u validation->run()==FALSE){
回声json_编码([
“警报错误”=>验证错误()
]);
}否则{
$data=[
'status_aktif'=>$this->input->post('aktif',true)
];
如果($this->model->updateData(['id\u rotator'=>encryptor('decr