I have developed a backend admin module where users can upload files. I am using Valum’s Ajax File Upload extension to do this. In order to make this work with CSRF validation, I need to extend CHttpRequest to allow CSRF validation with GET methods, which I have already done as follows:
class AdminHttpRequest extends CHttpRequest
{
public function validateCsrfToken($event)
{
.....
The problem is, when I run the code, Yii insists on using CHttpRequest instead of AdminHttpRequest. In the AdminModule code, I have the following:
class AdminModule extends CWebModule
{
public function init()
{
// this method is called when the module is being created
// you may place code here to customize the module or the application
$this->setComponents(array(
'request' => array(
'class' => 'application.modules.admin.components.AdminHttpRequest',
),
)
}
However, when I try to upload files, I keep getting the following error:
The CSRF token could not be verified. (/Applications/MAMP/htdocs/framework/web/CHttpRequest.php:864)
Any idea why Yii keeps using CHttpRequest instead of AdminHttpRequest? Am I doing something wrong?
Cheers!