OmarElGabry /
miniPHP
| @@ 23-33 (lines=11) @@ | ||
| 20 | $this->Security->requireAjax($actions); |
|
| 21 | $this->Security->requirePost($actions); |
|
| 22 | ||
| 23 | switch($action){ |
|
| 24 | case "getAll": |
|
| 25 | $this->Security->config("form", [ 'fields' => ['page_number']]); |
|
| 26 | break; |
|
| 27 | case "create": |
|
| 28 | $this->Security->config("form", [ 'fields' => ['file']]); |
|
| 29 | break; |
|
| 30 | case "delete": |
|
| 31 | $this->Security->config("form", [ 'fields' => ['file_id']]); |
|
| 32 | break; |
|
| 33 | } |
|
| 34 | } |
|
| 35 | ||
| 36 | public function index(){ |
|
| @@ 25-35 (lines=11) @@ | ||
| 22 | $this->Security->requirePost(['create', 'delete']); |
|
| 23 | ||
| 24 | // define the expected form fields for every action if exist |
|
| 25 | switch($action){ |
|
| 26 | case "create": |
|
| 27 | // you can exclude form fields if you don't care if they were sent with form fields or not |
|
| 28 | $this->Security->config("form", [ 'fields' => ['content'], 'exclude' => ['submit']]); |
|
| 29 | break; |
|
| 30 | case "delete": |
|
| 31 | // if you don't want to validate the CSRF Token, then assign 'validateCsrfToken' to false |
|
| 32 | // $this->Security->config("validateCsrfToken", false); |
|
| 33 | $this->Security->config("form", [ 'fields' => ['todo_id'], 'exclude' => ['submit']]); |
|
| 34 | break; |
|
| 35 | } |
|
| 36 | } |
|
| 37 | ||
| 38 | public function index(){ |
|
