Answer the question
In order to leave comments, you need to log in
S
S
Sergey Beloventsev2016-10-28 22:51:55
Sergey Beloventsev, 2016-10-28 22:51:55
What's up with csrf again?
have an idea
<?php use yii\helpers\Html;
use yii\widgets\ActiveForm; ?>
<?php $form = ActiveForm::begin(['options' => ['enctype' => 'multipart/form-data']]); ?>
<?= $form->field($model, 'files')->fileInput(); ?>
<div class="form-group">
<?= Html::submitButton( Yii::t('app','CREATE'), [ 'btn btn-primary']) ?>
</div>
<?php ActiveForm::end(); ?>which is rendered in this form
<form id="w0" action="/admin/gods/parser" method="post" enctype="multipart/form-data">
<input name="_csrf-backend" value="VUxobVRobngsYS8DbCAJNg8NBy5sDBpKeBUJLDMsXR5hYRw/LDoKAg==" type="hidden">
<div class="form-group field-parser-files has-success">
<label class="control-label" for="parser-files">Files</label>
<input name="Parser[files]" value="" type="hidden">
<input id="parser-files" name="Parser[files]" type="file">
<div class="help-block"></div>
</div>
<div class="form-group">
<button type="submit" 0="btn btn-primary">CREATE</button>
</div>
</form>I try to transfer the file, I get empty
Bad Request (#400)ones in the debugger
$_POST, $_FILES(as I understand it because of csrf) here is such a cookie_backendIdentity '423f79f516d6a8d78865449ca435c5647a7789a03ba248969a67d16769573572a:2:{i:0;s:16:\"_backendIdentity\";i:1;s:46:\"[6,\"VzbzK9z_E91wc53eZcpgR3zpCircJXzm\",1209600]\";}'
BACKENDSESSID '7ho5ksl3h1ruicmnpl4tum4df7'
_frontendIdentity '46fb95bc6a4f9a13529776ffe76bff408d289e768e2b28bcd0a6bda37d76304ca:2:{i:0;s:17:\"_frontendIdentity\";i:1;s:46:\"[6,\"VzbzK9z_E91wc53eZcpgR3zpCircJXzm\",1209600]\";}'
_csrf-backend '0103833d315b6d4786857f9eec26e1de752e73aaa8cfad01bd095e0628ce45c1a:2:{i:0;s:13:\"_csrf-backend\";i:1;s:32:\"y-Gn8HgNZAoC8dt2-YaAgD3f4-tRxRdz\";}'but to the
Request Bodyentire content of the file. do not tell me what I'm doing wrong here is the controller
public function actionParser()
{
$execelparser = new Parser();
if ($execelparser->load(Yii::$app->request->post())) {
$parsers = Yii::$app->request->post('Parsers');
$execelparser->files = UploadedFile::getInstance($execelparser, 'files');
$years = date('Y');
$mounts = date('m');
$path = 'files';
$files_to = TransliteratorHelper::process($execelparser->files->name, '', 'en');
if (file_exists(Yii::getAlias('@frontend/web/') . $path . '/' . $years . '/' . $mounts . '/')) {
} else {
mkdir(Yii::getAlias('@frontend/web/') . $path . '/' . $years . '/' . $mounts . '/', 0777, true);
}
foreach ($execelparser->files as $file) {
$files_to = TransliteratorHelper::process($execelparser->files->name, '', 'en');
if ($execelparser->upload($path, $years, $mounts, $files_to)) {
$xmlParse= $execelparser->XMLparses(Yii::getAlias('@frontend/web/').$path.'/'.$years.'/'.$mounts.'/'.$files_to);
}
}
return var_dump($files_to);
}else{
return $this->render('parser',[
'model' => $execelparser
]);
}here is the model
class Parser extends Model
{
public $files;
public function rules()
{
return [
[['files'], 'file', 'skipOnEmpty' => true, 'extensions' => 'xml, yml']
];
} [[+comments_count]] answer(s)
@Sergalas
M
Maxim Timofeev, 2016-10-31 @Sergalas
If there are problems with csrf, a data validation error appears (400), but at the same time, the post contains everything sent in the debugger. Since the csrf check happens after the request is received. So if the post is empty - most likely the trouble is in the server.
Or alternatively, you have js that catches the form submission and changes the post before it is sent to the server.
Similar questions
M
S
S
A
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question