Jump to:

1971 Posts in 1275 Topics by 607 members

Form Questions

SilverStripe Forums » Form Questions » SearchForm, pagination and CSRF problem...

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 546 Views
  • mishell
    Avatar
    Community Member
    19 Posts

    SearchForm, pagination and CSRF problem... Link to this post

    I have a search form like this:

    function SForm() {
    Requirements::javascript('mysite/javascript/message.js');
    $action = $this->request->param('Action');

    $context = singleton('Message')->getCustomSearchContext();
    $fields = $context->getSearchFields();

    $fields->push(new HiddenField('SearchType','',$action));

    $searchText = isset($this->Query) ? $this->Query : 'Search';

    $actions = new FieldSet(
    new FormAction('searchResults', 'Go')
    );

    Results are rendered like this:

    public function searchResults($data,Form $form)
    {
    $data = Convert::raw2sql($data);

    $start = ($this->request->getVar('start')) ? (int)$this->request->getVar('start') : 0;
    $limit = 2;

    $fields = singleton('Message')->searchableFields();
    $context = singleton('Message')->getCustomSearchContext();

    $query = $context->getQuery($data, null, array('start'=>$start,'limit'=>$limit));
    $records = $context->getResults($data, null, array('start'=>$start,'limit'=>$limit));

    if($records) {
    $records->setPageLimits($start, $limit, $query->unlimitedRowCount());
    }

    return $this->customise(array(
    'MyResults' => $records
    ));
    }

    In template results are show like this:

    Now everything works fine untill I want to click page MessageController/SForm?start=4

    When silverstripe protests and shows

    Security token doesn't match, possible CSRF attack.

    First I can't force silverstripe to use template MessageController_searchResults.ss and it shows on MessageController, so I have some ifs and then is ok, but I don't think I should render it on main template.

    Next I can't figure out how to make it work so SS won't display error message but second page of search form.

    I read every page I could, any help would be very appreciated.

  • mishell
    Avatar
    Community Member
    19 Posts

    Re: SearchForm, pagination and CSRF problem... Link to this post

    $form = new Form($this, "SForm", $fields, $actions);
    $form->setFormMethod('get');
    return $form;

    and done

    546 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.