[Koha] No CSRF token passed for POST
Alvaro Cornejo
cornejo.alvaro at gmail.com
Mon Oct 14 11:57:26 NZDT 2024
Hi,
I'm still trying to move a small web page to capture some data an put it
into a new table into Koha (24.05.04)
If I run each of the scripts from CLI using dummy data, it works fine,
however if I call it from a page created in Koha under staff interface, I
ca get some parts working, however when using POST to save changes in the
table, I get the following error message:
Programming error - No CSRF token passed for POST
http://192.168.0.92:8080/intranet/celacp/edit_save.pl (referer:
http://192.168.0.92:8080/cgi-bin/koha/celacp/edit.pl?id=7)
How can I get/generate/pass the token:
This is the code we use:
#!/usr/bin/perl
#--------------------------------------------------------------------------
# edit.pl
#--------------------------------------------------------------------------
use DBI;
use CGI qw(:standard);
use C4::Context;
use C4::Auth qw( get_template_and_user );
use Modern::Perl;
my $name_first;
my $name_last;
my $address_01;
my $address_02;
my $address_city;
my $address_state;
my $address_postal_code;
my $query = new CGI;
my $id = $query->param("id");
print header;
print <<HTML;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Scripting MySQL - Address Book - Edit</title>
</head>
<body>
HTML
# grab the information for this id
our $dbh = C4::Context->dbh;
$query = "SELECT serial, name_first, name_last, address_01, address_02,
address_city, address_state, address_postal_code FROM address WHERE serial
= '$id'";
my $sth = $dbh->prepare($query);
$sth->execute();
# list all of the addresses in a table
# be sure that the link for add.html is the correct path according to your
system
print "<center><font color=blue>My Addresses - <a href=
http://192.168.0.92:8080/cgi-bin/koha/celacp/AskALibrarian1.pl
>Dashboard</a></font><p>";
print "<table border=0>";
my @data;
while (@data = $sth->fetchrow_array()) {
$id = $data[0];
$name_first = $data[1];
$name_last = $data[2];
$address_01 = $data[3];
$address_02 = $data[4];
$address_city = $data[5];
$address_state = $data[6];
$address_postal_code = $data[7];
}
print <<HTML;
<form method="post" name="address" action="
http://192.168.0.92:8080/cgi-bin/koha/celacp/edit_save.pl">
<input type=hidden name=id value="$id">
<tr><td align=right>Name First </td><td><INPUT TYPE=text NAME="name_first"
id=name_first size=30 value="$name_first"></td></tr>
<tr><td align=right>Name Last </td><td><INPUT TYPE=text
NAME="name_last" id=name_last
size=30 value="$name_last"></td"></tr>
<tr><td align=right>Address 1 </td><td><INPUT TYPE=text NAME="address_01"
id=address_01 size=40 value="$address_01"></td></tr>
<tr><td align=right>Address 2 </td><td><INPUT TYPE=text NAME="address_02"
id=address_02 size=40 value="$address_02"></td></tr>
<tr><td align=right>City </td><td><INPUT TYPE=text
NAME="address_city" id=address_city
size=30 value="$address_city"></td></tr>
<tr><td align=right>State </td><td><INPUT TYPE=text
NAME="address_state" id=address_state
size=2 value="$address_state"></td></tr>
<tr><td align=right>Zip </td><td><INPUT TYPE=text NAME="address_postal_code"
id=address_postal_code size=10 value="$address_postal_code"</td></tr>
<tr><td colspan=2><center><input type="submit" value="Save Changes" alt="Save
Changes"></td></tr>
</form>
</table>
</body>
</html>
HTML
$dbh->disconnect;
exit;
Or should I use another method to pass the variables values?
Regards
Alvaro.
NB.: I´m by no means a programmer so, please, don´t be too strict with the
cleaness of the code. I took another perl script as "template" and
adjusted to our needs.
|----------------------------------------------------------------------------------------|
Stay safe / Cuídate/ Reste sécurisé
*7* Switch off as you go / Apaga lo que no usas / Débranchez au fur et à
mesure.
*q *Recycle always / Recicla siempre / Recyclez toujours
P Print only if absolutely necessary / Imprime solo si es necesario /
Imprimez seulement si nécessaire
More information about the Koha
mailing list