#1
  1. A Change of Season
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    2,664
    Rep Power
    171

    Jquery $.post not working


    Hi;

    Why doesn't this Jquery code work?

    It does alert, but it does not refresh the div content!
    javascript Code:
    <script type="text/javascript">
    			function shortlist(h_id)
    				{
    					alert(h_id);
    					$.post('http://www.google.com', { h_id: h_id},function(output){$('#short_list').html(output).show();});
    				}
     
    	</script>
    html Code:
    <div style="margin:40px"><a onclick="shortlist(4);">ttttt</a>
    <div id="short_list">-</div></div>
    Thank you
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Oct 2009
    Location
    Nebraska, USA
    Posts
    875
    Rep Power
    275
    Taken from the jQuery.post() API Documentation

    Due to browser security restrictions, most "Ajax" requests are subject to the same origin policy; the request can not successfully retrieve data from a different domain, subdomain, or protocol.
  4. #3
  5. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Hi,

    you should actually get a big warning in your JavaScript console. Have you checked it?

    Think about it: If any website could make arbitrary requests with our browser, we'd have a problem. People could buy things with our Amazon account, transfer money from our PayPal account or read our emails with our webmailer. Not good.

    To prevent this, websites generally can't access other websites through JavaScript. Actually, it mustn't even be possible to make such requests with classical HTML forms. If your own website allows that, then it's vulnerable to cross-site request forgery.

    If you wanna send requests to other websites, you have to do that from your server. In case the target domain is under your control, it's also possible to get limited cross-site access through techniques like JSONP.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  6. #4
  7. A Change of Season
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    2,664
    Rep Power
    171
    Thanks guys
    Last edited by English Breakfast Tea; December 15th, 2013 at 02:48 AM.
  8. #5
  9. A Change of Season
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    2,664
    Rep Power
    171
    Ok;

    I faced a small issue would you please help


    The problem initially started when I changed the value of $config['csrf_protection'] = FALSE; to $config['csrf_protection'] = TRUE; in Codeigniter's config file. And I changed my code to
    javascript Code:
    function shortlist(h_id)
    				{
    					alert(h_id);
    					$.post('http://test.goldcoast-flatmates.com/home', { h_id: h_id, <?php echo $this->security->get_csrf_token_name();?>: <?php echo $this->security->get_csrf_hash();?>},function(output){$('#short_list').html(output).show();});
    				}
    which generates:
    javascript Code:
    function shortlist(h_id)
    				{
    					alert(h_id);
    					$.post('http://test.goldcoast-flatmates.com/home', { h_id: h_id, csrf_GCFEL: b9a5f0aef1fb950b834b081491e59ec4},function(output){$('#short_list').html(output).show();});
    				}
    And this creates the error below and so the code does not work:
    b9a5f0aef1fb950b834b081491e59ec4 is not defined menu.
  10. #6
  11. Wiser? Not exactly.
    Devshed God 1st Plane (5500 - 5999 posts)

    Join Date
    May 2001
    Location
    Bonita Springs, FL
    Posts
    5,947
    Rep Power
    4033
    Your token needs to be enclosed within quotes because it is a string value.

    By not enclosing it in quotes it is being interpreted as a variable name and since no variable exists with that name you are getting that error. If your token happened to start with a number rather than a letter you'd get a syntax error instead.
    Recycle your old CD's, don't just trash them



    If I helped you out, show some love with some reputation, or tip with Bitcoins to 1N645HfYf63UbcvxajLKiSKpYHAq2Zxud
  12. #7
  13. A Change of Season
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    2,664
    Rep Power
    171
    Originally Posted by kicken
    Your token needs to be enclosed within quotes because it is a string value.

    By not enclosing it in quotes it is being interpreted as a variable name and since no variable exists with that name you are getting that error. If your token happened to start with a number rather than a letter you'd get a syntax error instead.
    Thank you

IMN logo majestic logo threadwatch logo seochat tools logo