问题
I have this code where I needed to store in a variable so I display it in view, I've tried different approach of packing the "Form header" and using CSRF is not working
$return = '<form method="post" action="/procurement/add-product">
'.{{ csrf_token() }}.'
<input type="hidden" name= "product_id" value=".$row->id.">
<input type="text" name="product_qty" class="form-control">
<button type="submit" class="btn btn-primary btn-block">Add Item</button>
</form>';
return $return;
Here is my route
Route::post('/procurement/add-product','ProductController@addProcurementProduct');
Here is the JAvascript part
<script type="text/javascript">
$(function() {
$('#procurement-table').DataTable({
processing: true,
serverSide: true,
ajax: '{{ url('procurement/get_procurement_datatable') }}',
columns : [
{data: 'id', name: 'id'},
{data: 'po_number', name: 'po_number'},
{data: 'action', searchable: false, orderable: false},
{data: 'created_at', name: 'created_at'},
{data: 'updated_at', name: 'updated_at'}
]
});
});
</script>
回答1:
I've added missing hidden field csrf_token() which is require while submit and authorize form submission at laravel.
$return = '<form method="post" action="{{ action('ProcurementController@update', $details->id) }}">
<input name="_token" type="hidden" value="{{ csrf_token() }}"><!--Added csrf missing field-->
<input name="_method" type="hidden" value="PATCH">
<input type="text" name="product_qty" class="form-control">
<button type="submit" class="btn btn-primary btn-block">Add Item</button>
</form>';
回答2:
You need to declare your action like this :
<form method="PUT" action="{{ route('product.update', $details->id) }}">
Check this : https://laravel.com/docs/5.4/controllers#resource-controllers
Maybe you will have to add the csrf_token to your form.
or you can do with Blade Form https://laravelcollective.com/docs/5.0/html :
{!! Form::open(array('url' => route('product.update', $details->id), 'method' => 'PUT') !!}
<input>
<input>
{!! Form::close() !!}
edit : You have to use PUT/PATCH method to your form (see the link about resource controllers)
回答3:
Return the form to another blade like view/products/datatables.blade.php
Example: The controller should looks like:-
public function getproducts()
{
$product = Product::all(); //Product is Model name
return Datatables::of($product)
->addColumn('action', function($product)
{
return view('product.datatables', compact('product'))->render();
})->make(true);
}
And the view should look as below:
<a href="{{ route('product.edit', ['$id' => $product->id]) }}" class="btn btn-success btn-sm">Edit</a>
<form action="/product/{{ $product->id }}" method="post" id="deleteForm">
{{ method_field('DELETE') }}
{{ csrf_field() }}
<button class="btn btn-danger btn-sm" type="submit">Delete</button>
</form>
It will work just fine. Because the mustache {{}} can't be read in the controller. We redirect the things to the blade
来源:https://stackoverflow.com/questions/45833401/csrf-on-yajra-datatable-laravel5-5-not-working