OK - just an update.
The problem is not with the form->create + ajax->submit but rather
with the form->XXX_Control.
When producing the security token at least form->textarea is not
hashed correctly.
To get around it I found I can produce a text area using:
echo $form->input('message',array('label' => 'Enter Your Message',
'empty' => false,'type' => 'textarea'));
And the security problem was gone.
Hope this helps to someone else who encounter this in the future...
On Jun 6, 10:22 am, Ita <[EMAIL PROTECTED]> wrote:
> Hello,
> I have just encountered this problem.
> I'm trying to post the form via ajax.
> I just can't seem to get around the problem.
>
> I used form->create together with ajax->submit or plain HTML form tag
> with ajax->submit or ajax->form all of them fail in the security
> component.
>
> What combination should I use to submit the form in ajax?
>
> On May 24, 9:41 am, Mika <[EMAIL PROTECTED]> wrote:
>
> > Hey Larry,
>
> > It was more that I developed the site with 1.2 while it was still
> > changing a lot so I decided to keep the forms "pure". I will have a
> > look at converting them to helper calls and see how well it works with
> > what I have already.
>
> > One comment though is that you really should make the message more
> > pronounced (at least on debug mode) as the form would just stop
> > working and give back a totally blank screen, I had to set up a whole
> > XDebug session just to step through the application to see that the
> > actual post back was being blackholed. The result I was getting was a
> > blank page with the database trace, and even if I put statements like
> > die('here') in my action, it would never hit it so I was getting
> > pretty confused for a while ;)
>
> > Loving 1.2 though, and I can't wait for it to become stable.
>
> > Cheers,
> > Mladen (Mika)
>
> > On May 23, 4:20 pm, "Larry E. Masters aka PhpNut" <[EMAIL PROTECTED]>
> > wrote:
>
> > > Mika,
>
> > > If you are using hand-written forms you will need to follow the example
> > > here:https://trac.cakephp.org/changeset/4978toremoveany fields that are
> > > added by hand.
>
> > > Note when the security component is used you should still use the
> > > $form->create(); and the $form->submit(); if not your forms will not have
> > > the expected hidden fields and will be considered invalid anyway.
>
> > > Do you really like writing all the forms yourself or is there another
> > > reason
> > > you are not using the helper?
>
> > > --
> > > /**
> > > * @author Larry E. Masters
> > > * @var string $userName
> > > * @param string $realName
> > > * @returns string aka PhpNut
> > > * @access public
> > > */
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
