Home » Php » php – How do I check if the request is made via AJAX in CodeIgniter?

php – How do I check if the request is made via AJAX in CodeIgniter?

Posted by: admin April 23, 2020 Leave a comment

Questions:

How do I check if the request is an AJAX? I am using CodeIgniter. I have a link that when it clicked, it’ll open the pop-up dialog window this is done through ajax it requests to a controller name login_window().

CodeIgniter

//Here is the controller name:
function login_window(){
    // request via ajax
    $this->load->view("login_window");
}

jQuery

//here is the jquery code:
//I am using a jquery plugin FACEBOX

$('a[rel*=dialog]').facebox();

<a href="http://localhost/codeigniter/login_window" rel="dialog">Login</a>

I want to check if it is an AJAX request and if not, i will redirect them to homepage. so there’s no way they can access the page that is intended only for ajax requests.

How to&Answers:

If you are using a library that sends the X-Requested-With header, then you can do…

if (strtolower(filter_input(INPUT_SERVER, 'HTTP_X_REQUESTED_WITH')) === 'xmlhttprequest') {
   // I'm AJAX!
}

Answer:

As of Codeigniter 2.0 it is prefered to use $this->input->is_ajax_request()

Answer:

I think you are basically looking to protect your ajax api’s from being accessed directly by the users. You want users to be able to access ajax api’s when invoked by your own code (javascript etc) but users should be denied access if they try to directly hit the api.

If you are still looking for a perfect solution (HTTP_X_REQUESTED_WITH is not always reliable, since your library might not support this. Even it might get stripped off by proxies if user is behind one) try to use crumbs to protect your ajax api’s. Crumbs are used for flow validation, which make sure that users access the api’s via a pre-defined/pre-decided flow and not directly.

Answer:

In Codeigniter we can use

if(!$this->input->is_ajax_request()){ // check if request comes from an ajax
    redirect(site_url('home'),'refresh'); // if the request is not coming from an ajax redirect to home controller.
}

Answer:

Instead of detecting whether your request was an ajax request or not(Which can be any HTTP verb – GET/POST/HEAD) you may wanna try and add/modify routes to your routes.php for specifically handling these scenarios.

Answer:

In Yii you simply check

    if (Yii::app()->request->isAjaxRequest)

If you use jQuery or other major javascript library it works. If you do custom requests, don’t forget ot set X-Requested-With HTTP header to XMLHttpRequest.

Answer:

Codeigniter has inbuilt function to check if the request is made using Ajax call.

You can use the following way to validate if a controller/segment is called using Ajax or not.

<?php
Class Only_ajax extends CI_controller{

   function validate_user()
  {
     /*
      * Check if URL only_ajax/validate_url is called from ajax
      * if not display not found error to user.
      *
      **/

     if(!$this->input->is_ajax_request()){
       show_404();
     }

  }

}

You can use many other checks as well using input class.
Few of them are

  • $this->input->get_request_header();
  • $this->input->is_cli_request()
  • $this->input->ip_address()

You can view complete list of available methods at Official documentation