How can we check in Laravel 5.2 if a request is a valid ajax request. In codeigniter ,we could check it like $this->input->is_ajax_request(). Does, Laravel 5.2 has something similar?
Also, I would like to know that how can we validate a request for csrf token. Is it fine if I let my webpage render through the 'web' middleware generating a csrf token and then pass this token as ajax request parameter? Would Laravel take care of validating the token or is there an alternate way around this?
I have checked the laravel 5.2 documentation, and since this is the first time I am dealing with laravel framework, it seems like the documentation assumes that the reader already has a familiarity with earlier versions of the framework. To a new comer like me this is little overwhelming.
Thanks in advance. Please let me know if you need more inputs from me.
Prakhar
I think this may help you to undestand a very basic way of using AJAX with Laravel.
It's a really old piece of code, but it works jajajaja
Controller side:
/**
* #param Request $request
* #return \Illuminate\Http\JsonResponse
*/
public function getRamos(Request $request)
{
$check = Ramo::find($request->input('ramo'));
$subramos = Subramo::where('ramo_id', $check->id)->get(['nombre_subramo']);
if($request->ajax()){
return response()->json([
'subramos' => $subramos
]);
}
}
In the front:
<script>
$(document).ready(function(){
$('#ramo').change(function(){
var ramo, token, url, data;
token = $('input[name=_token]').val();
ramo = $('#ramo').val();
url = '{{route('getRamos')}}';
data = {ramo: ramo};
$('#subramos').empty();
$.ajax({
url: url,
headers: {'X-CSRF-TOKEN': token},
data: data,
type: 'POST',
datatype: 'JSON',
success: function (resp) {
$.each(resp.subramos, function (key, value) {
$('#subramos').append('<option>'+ value.nombre_subramo +'</option>');
});
}
});
});
});
</script>
Considering "#ramo" as a select input and in use of the style / html package where the token is passed as a hidden input.
In Laravel 5.2 (I hope any body get help from this code for Ajax)
Get ajax request in function , two examples of function is under:
First Example
public function getLev() {
if (!Request::ajax())
return false;
$result = Input::all();
$lev_id = (int) $result['lev_id'];
$invoiceid = (int) $result['invoiceid'];
return SuppliersController::getLev($invoiceid,$lev_id);//you can do any thing with your variables
//function is working in my case, you case take idea from this function
}
Second Example
public function deleteInvoice() {
if (Request::ajax()) {
$data = Input::all();
return delete_invoice($data['invoice_id'], $data['reason_text']);//you can do any thing with your variables
}
return false;
//function is working in my case, you case take idea from this function
}
Include these files on top of the page/controller where you write above ajax related functions:
use Illuminate\Support\Facades\Input;
use Illuminate\Support\Facades\Request;
How can we check in Laravel 5.2 if a request is a valid ajax request. In codeigniter ,we could check it like $this->input->is_ajax_request(). Does, Laravel 5.2 has something similar?
The Request class has an ajax() function, so $request->ajax() or Request::ajax() (depending on how you're getting the request in your controller) will do the trick.
Also, I would like to know that how can we validate a request for csrf token. Is it fine if I let my webpage render through the 'web' middleware generating a csrf token and then pass this token as ajax request parameter? Would Laravel take care of validating the token or is there an alternate way around this?
Yes, pass the token with the AJAX call and make sure your routes have the CSRF middleware (try a request without a token - it should throw an error). Examples are in the docs for this: https://laravel.com/docs/5.2/routing#csrf-x-csrf-token
Anytime you define a HTML form in your application, you should include a hidden CSRF token field in the form so that the CSRF protection middleware will be able to validate the request.
To generate a hidden input field _token containing the CSRF token, you may use the csrf_field helper function:
So to use AJAX request with POST method, you need to pass hidden CSRF token field along with ajax data:
<script>
var token="<?php echo csrf_token(); ?>";
$.ajax({
url:url,
method:'POST',
data:{
'_token':token,
'id':1
}
})
</script>
Related
I am creating APIs into laravel 5.6 for angular.
Form data is sending to API with OPTIONS method.
How can I get this data into the controller?
I have tested like this.
jquery ajax
$.ajax({
url:'domain.com/laravel_app/api/register_user',
type:"options",
dataType:'json',
data:{name:'Joe'},
success:function(r)
{
console.log(r);
}
})
Laravel route
Route::match(['post', 'options'], '/register_user/', 'UserController#register_user');
Laravel controller
public function register_user(Request $request)
{
print_r($request->all());
$arr1['status']='SUCCESS';
return json_encode($arr1);
}
All is working fine with "post" method but not with "options"
This seems to be an issue with jQuery ignoring the spec on the OPTIONS verb and sending your data as the request body.
You should be able to bypass this by doing:
$.ajax({
url:'domain.com/laravel_app/api/register_user?'+$.param({name: 'Joe'}),
type:"options",
dataType:'json',
success:function(r)
{
console.log(r);
}
})
However keep in mind that according to the spec:
The HTTP OPTIONS method is used to describe the communication options for the target resource.
What you are using this request here does not seem to be used to describe communication options for the target resource so you should not be using the OPTIONS method for this.
I am currently working on a project which requires a WordPress website and a simple REST api. I discovered that WordPress has its own REST api and decided to extend its functionality to meet my needs. All I need to do is to have endpoints for GET and POST requests that retrieve/insert data from/to a table which is not directly related to WordPress (but in the same database). I successfully implemented all GET requests, however, I am struggling to get the POST ones working.
I have this route register defined:
register_rest_route('api/v1', 'create-player/', array(
'methods' => 'POST',
'callback' => 'create_player',
));
The client sends a request through ajax call which is expected to hit the endpoint from the route above. This is the ajax:
$.ajax({
method: "POST",
url: '/wp-json/api/v1/create-player/',
data : JSON.stringify(data),
contentType: 'applcation/json',
beforeSend: function (xhr){
xhr.setRequestHeader("X-WP-None", locData.nonce);
console.log('beforeSend');
},
success: function(response){
console.log("success" + response);
},
fail: function (response){
console.log("fail" + response);
}
});
I am not sure how to build the POST route register from the REST api, the other GET requests have an attribute args that map directly to the parameters passed in the endpoint. Do I need something like that to handle the request data when using POST? How do I get the data type passed from the ajax and then use it in my function create_player(); The WP REST API documentation seems to be incomplete and all of the information I found uses endpoints for built-in WordPress features such as posts/authors/blogs etc. but I don't need that, I just want to use the provided functionality and create my own interface. Thank you.
in your callback function you can use something like this:
$param = $request->get_param( 'some_param' );
// You can get the combined, merged set of parameters:
$parameters = $request->get_params();
https://www.coditty.com/code/wordpress-api-custom-route-access-post-parameters
Finally found it! In order to access the body of the POST request use $request->get_body(); in your register_rest_route callback method.
Add POST in methods while registering route and in your callback function access your POST variables via $request array. That's it.
I've been trying to send ajax request to my laravel backend from my framework7 frontend using ajax.
$.ajax({
url: 'localhost:8000/server_file/grabtracks',
data: {task: "tracks"},
method: 'get',
async: false,
}).done(function(data) {
grabbedTracks = data;
});
Here is the code on my Laravel 5.4 routes
Route::get('/grabtracks', 'HomeController#grab_track');
And here is from my controller
public function grab_track()
{
$tracks = Track::all('id','title','location','price','track_file','track_img');
return response()->json($tracks);
}
I've disabled the CSRF tokens for the meantime, but i keep getting
Unauthorized error from my request
I'm at a loss, i've tried searching but only angularJS and laravel comes up.
It's probably your Controller has Auth middleware in your constructor remove the middleware and everything should work fine:
So you can remove this instructor or modify it to web auth:
public function __construct()
{
$this->middleware('auth');
}
I'm trying to make a DELETE request within a Laravel app using ajax
I have a function to make the request - using the right verb - to a resource but keeps coming up method not allowed:
Here's my ajax request:
$.ajax({
type: 'DELETE',
url:'/user/58',
data: {
'_method': 'DELETE',
'id': id
},
dataType: 'json',
success: function (data) {
// do something with ajax data
if (data.result) {
return true;
}
return false;
},
error: function (xhr, ajaxOptions, thrownError) {
console.log('error...', xhr);
return false;
//error logging
},
complete: function () {
//afer ajax call is completed
}
});
id is supplied within a function and for the test is 58.
Watching the network panel in Chrome I can see it starts with the expected url of user/58 but then quickly gets shortened to user
I know that to get the resource route to pick up the request it needs to be user/58 and the method DELETE so it will go to the destroy method and because of this it is being routed to the Index method which expects a GET request hence the method not allowed.
Why is my request url being changed?
What is the correct approach to make a DELETE request in Laravel?
Thanks
Edit:
Here's my route:
Route::group( [ 'middleware' => [ 'auth' , 'admin' ] ] , function ()
{
Route::resource( 'user' , 'UserController' );
} );
The csrf token is being taken care of in the headers - fairly certain this isn't the cause of problem as I do not get an invalid token exception
$.ajaxSetup({
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
Thanks
Two possible things that can happen here, I need to write this in a longer post than a comment so hopefully I got it right.
First thing that pops in my mind is an auth check that fails while doing the ajax request. At least I would redirect you back to the main resource if you wouldn't have enough rights.
However, my second guess is maybe even more likely. Have you thought of the X-CSRF-TOKEN that you need to send with an ajax request? See https://laravel.com/docs/5.2/routing#csrf-x-csrf-token
From the docs:
In addition to checking for the CSRF token as a POST parameter, the Laravel VerifyCsrfToken middleware will also check for the X-CSRF-TOKEN request header. You could, for example, store the token in a "meta" tag:
<meta name="csrf-token" content="{{ csrf_token() }}">
Once you have created the meta tag, you can instruct a library like jQuery to add the token to all request headers. This provides simple, convenient CSRF protection for your AJAX based applications:
$.ajaxSetup({
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
Every time I try to make a POST request with jQuery I keep receiving back the 404 error.
This is the UserController.php:
class UserController extends BaseController {
public function signUp($username, $password, $email) {
$user = new User();
$user->setUsername($username);
$user->setPassword($password);
$user->setEmail($email);
return 'OK';
}
}
And this is the routes.php:
Route::get('/signup', function(){
return View::make('signup');
});
Route::post('/signup/{username}/{password}/{email}', 'UserController#signUp');
I always receive this error:
POST http://192.168.0.102/webname/public/signup 404 (Not Found)
Why is that? If I try to navigate to http://192.168.0.102/webname/public/signup the page is loaded and the signup form is shown.
You're are using a "GET" type route.
Let me explain.
If you want to use a route like /route/{something}/{different}
you have to manualy generate an URL matching that route.
URL::route('route', $something, $different)
Variable passed thought POST method are only available in the HTTP Headers.
So you can't call Route::post('/route/{variable}') by passing variable though POST method.
Only with Route::get().
To get your variable with POST use
Input::get('your_variable_name')
in your controller action.
Sorry for my bad english... A little bit tired, and I'm french too !
You are defining
Route::post('/signup/{username}/{password}/{email}', 'UserController#signUp');
But trying to access: /webname/public/signup.
That pattern does not exist for POST, but just for GET.
I had some troubles that were related to this discussion and in my opinion did not merit their own post: jQuery post requests kept getting handled by my Laravel get controller.
My routes:
Route::controller('/test','TestController');
In my view :
<script>
$(document).ready(function() {
jQuery.ajax({
type:'post',
url: '/test/x/',
success: function (response) {
alert(response);
}
});
});
</script>
My Controller:
public function getX() {
return 'Get';
}
public function postX() {
return 'Post';
}
On page load, I expected to see an alert reading "Post"... but instead I kept seeing "Get". Laravel was routing the post request to the get controller.
Solving this had to do with the trailing slash. Apparently, Laravel interpreted "/test/x/" as a GET route, but "/test/x" as a POST route. So the lesson is that Laravel routing can be subtle. Hope that helps clarify the discussion a bit.