Login with ajax return invalid token - Joomla! Forum - community, help and support

-

i'm editing login module , i'm little problem.

well, i'm gonna explain idea:
- user fill form fields , press ok.
- made ajax and, if , error occur, showed inside div created on module.
- if error doesn't occur, form submited.

if operation succesfull, login controller method of com_user, acessed twice:
once ajax validation e other time trought default submit of form.


the codes:

when press ok called javascript function:

code: select all

function validalogin() {
   var form = document.login;

   //define parametros
   var p = "username=" + form.username.value;
   p += "&passwd=" + form.passwd.value;
   p += "&option=" + form.option.value;
   p += "&task=" + form.task.value;
   var nome_token = document.getelementbyid('nome_token').value;
   var token_value = document.getelementsbyname(nome_token)[0].value;
   p += "&" + nome_token + "=" + token_value;
   p += "&viaajax=1";
   
   ajaxuser(p, '_login');
}


i gave brazilian way can pass token in right way :d
the function ajaxuser receive parameters , sufix (to, after, know show error, etc.).

in case parameters are:
username=teste&passwd=senha&option=com_user&task=login&83bb0191678c03f9e64e93dd714deddd=1&viaajax=1

according login method, these unique datas need pass.

now, arriving controller login method...
i edited original method this:

code: select all

function login()
   {
      // check request forgeries
      jrequest::checktoken('request') or jexit( 'invalid token' );

      global $mainframe;

      if ($return = jrequest::getvar('return', '', 'method', 'base64')) {
         $return = base64_decode($return);
         if (!juri::isinternal($return)) {
            $return = '';
         }
      }

      $viaajax = jrequest::getint('viaajax');

      $options = array();
      $options['remember'] = jrequest::getbool('remember', false);
      $options['return'] = $return;

      $credentials = array();
      $credentials['username'] = jrequest::getvar('username', '', 'method', 'username');
      $credentials['password'] = jrequest::getstring('passwd', '', 'post', jrequest_allowraw);

      //preform login action
      $error = $mainframe->login($credentials, $options);

      if(!jerror::iserror($error))
      {
         if($viaajax) {
            echo "";
            $mainframe->close();
         }
         elseif ( ! $return ) {// redirect if return url not registration or login
            $return   = 'index.php?option=com_user';
         }

         $mainframe->redirect( $return );
      }
      else
      {//error
         echo $error->getmessage();
         $mainframe->close();
      }
   }


now, doubt:
on first time method acessed ajax. happens perfectly. if return of method empty string, javascript gives submit() on form. on submit time method called returns message invalid token. but, token submited togheter.

what may happening?

thanks all, hugs!

hi,

did find solution this? facing same problem , can't workout "invalid token" being returned from.

cheers





Comments

Post a Comment

Popular posts from this blog

Joomla site hacked, cant see front and - Joomla! Forum - community, help and support

-
hi all; here thing: i went see site because haven't visited week or 2 , surprised when saw white page some provocation written on tab , acronym of attacker on page. i log on ftp server see if files there , found vital data remind safe. i tried put site off line got same hackers index.html file displaying when press "preview" button in joomla admin. deleted index.html file , tried check offline site option again. time got offline page. but problem resumes when put site online... white page, nothing else written. site date, , joomla updated v. 1.5.10 few days back. virtuemart commponent installed, newest v. 1.1.3 do need install fresh joomla copy , overwrite files previous including data base, or can avoid job fixing index.html on front end. i didn't make backup copy of site, i'll if not working save date in case potential hacker delete server... any suggestions? check template index.html file (edit html in template manager active template) usual source of hacking...
Read more

Christian Home School Programs - Joomla! Forum - community, help and support

-
Image
hello guys, (my first custom template) i got son in accelerated christian home school program. they did not have web site designing , hosting cover fees in trade. website: christian home school programs i've not got content published... the graphics imagination i've installed jumi i have directphp installed mostly custom css layout , i've used css purity seo, christian home shool - 200 million+ organics i have optimized code behind visual design crawlers. any thoughts / recommendations? i'm new custom templating in joomla ears open gurus of joomla richard hey, well done on first custom template. i don't background... @ all. think should going more professional look, maybe isnt repeating on both x , y axis, , isnt shade of blue. as far content goes, there isnt much... site performance good. good luck tim Board index Joomla! Official Sites & Infrastructure Sites & Infrastructure - Feedback/Information ...
Read more

Trouble with PF_OutFlag_I_USE_AUDIO and PF_CHECKOUT_LAYER_AUDIO

-
i trying render graphical representation of layer's audio waveform. have seen this similar thread , problem checking out audio, cannot far.   in globalsetup function set out_flags thus..   out_data-> out_flags = pf_outflag_i_use_audio;   but in pf_cmd_frame_setup function, , pf_cmd_render function ( pf_cmd_smart_pre_render pf_cmd_smart_render)   the pf_indata src_snd structure empty , in_data->start_sampl == 0, in_data->dur_sampl == 0, in_data->total_sampl == 0     i missing something, appreciate guidance,   thanks   steve (london, uk - adobe plugin developers nearby?) More discussions in After Effects SDK adobe
Read more