[SOLVED] - [Ajax] - Form Auth

[watchix]

Hello,

Since the update from Cacti 0.8.7 to 0.8.8f, I'm having a 403 error from an Ajax auth method for my extranet clients.

When a client auth to my extranet, an Ajax querry auth the client to his Nagios and Cacti account :

Code: Select all

$(document).ready(function(){
				$.ajax({
					type: "POST",
					url: "/cacti/index.php",
					data: { 
						action : "login",
						login_username : loginCacti,
						login_password : mdpCacti
					},
					success : function( msg ) {
						cacti = "true";
					}
				}).done(function( html ) {
					validateDatas();
				});
			});
		});

This Ajax code was functional in 0.8.7 version but not in 0.8.8f


Anyone could help me please ?

Regards.

[watchix]

I tested some things with my Ajax queries, and now i'm having a success HTTP 200.

Somebody now which Cacti PHP page get the POST/GET variables for users authentication ?

Now i'm having this issue :

Code: Select all

$(document).ready(function(){
			//Connection Cacti
			$.ajax({
				url: "/cacti/logout.php",
				data: { }
			}).done(function( html ) {
				$.ajax({
					url: "/cacti/index.php",
					data: {
						action : "login",
						login : loginCacti,
						mdp : mdpCacti
					},
					success : function( msg ) {
						cacti = "true";
					}
				}).done(function( html ) {
					validateDatas();
				});
			});
		});

Regards,

[watchix]

Problem solved ...

The solution for me was to :
- Disable the CSRF-Magic function :
Comment last lines about CSRF in PHP file : cacti/include/global.php

- Modify my ajax function POST variables :

Code: Select all

$.ajax({
	url: "/cacti/logout.php",
	data: { }
}).done(function( html ) {
	$.ajax({
		type: "POST",
		url: "/cacti/index.php",
		data: {
			action : "login",
			login_username : loginCacti,
			login_password : mdpCacti
		},
		success : function( msg ) {
			cacti = "true";
		}
	}).done(function( html ) {
		validateDatas();
	});
});
});