Hello guys,
i’m trying to implement filepond into my CakePHP3 Croogo backend. I’m having difficulties with cake’s security features though. The form is my default edit form for a Plugin i wrote, which handles customer profiles. Under the media tab in my backend i use the following code:
Summary
echo $this->Html->tabStart('partner-media');
for ($i=1; $i < 15 ; $i++) {
$propertyName = "partner_media_$i";
$file = new File('../files/Partner/partner_media_'.$i.'/'.$partner->$propertyName);
$extension = pathinfo('../files/Partner/partner_media_'.$i.'/'.$partner->$propertyName, PATHINFO_EXTENSION);
if (in_array($extension, $allowed)) {
echo $this->Html->media('../files/Partner/partner_media_'.$i.'/'.$partner->$propertyName, [
'fullBase' => true,
'text' => 'Video konnte nicht geladen werden',
'width' => '300',
]);
} else {
echo $this->Html->image('../files/Partner/partner_media_'.$i.'/'.$partner->$propertyName, [
'alt' => ${$partner->partner_media_.$i},
'height' => '100'
]);
}
echo $this->Form->input('partner_media_'.$i, [
'label' => __d('partner', 'Media '.$i),
'type' => 'file',
'class' => 'filepond',
]);
}
echo $this->Html->tabEnd();
prefixed by
$this->append(‘form-start’, $this->Form->create($partner, [
‘type’ => ‘file’,
‘class’ => ‘protected-form’,
]));
Filepond initialization:
$('.filepond').filepond({
allowMultiple: true,
server: {
url: '../files',
process: {
method: 'POST',
withCredentials: false,
headers: {'X-CSRF-Token': $('[name="_csrfToken"]').val()},
}
}, ...
At first i faced an csrf token error. I’m now sending the csrf token as a header, which works. But i can’t figure out how to avoid getting the black-holed error.
Thanks for your help