Using XHR Request for Ajax based on what product(s) are chosen

[DrByte]

I added the missing quotes into post #7.

[RobertH]

I added the missing quotes into post #7.

Well after initial testing and breif spot-checking for consistency across pages it seems to be working with the redirect line intact, thank you!

If it's not too much to ask, could you maybe try to help me understand more about what the problem was and why this solution fixed it? I'm learning more about Zen Cart, and its use of php, javascript, etc. every day but I really like to understand why something is happening, so that in the future I can implement and build on that knowledge.

If it's inappropriate to do here then can you private message me? If you are too busy that's okay – like I said I just much prefer to understand more about what's going on than to Copy & Paste a fix and call it a day.

[RobertH]

I've thought of a possible issue and I don't know if it is already accounted for based on this setup of the XHR POST.

Right now, as you've seen, I'm working on a test site on localhost, but my live site has an SSL certificate and allows for https browsing. Will the current code be able to .load() "ajax_compare.php" while on https connection?

[DrByte]

If it's not too much to ask, could you maybe try to help me understand more about what the problem was and why this solution fixed it?

Zen Cart, like any responsible framework, protects against CSRF attacks by requiring POSTs to include a security token. When absent, it rejects the POST.
Your ajax .load() command is passing an object, which forces the ajax call to be a POST.
The change I suggested causes your ajax command to include the security token as part of the POST, so that it an be validated.

[DrByte]

I've thought of a possible issue and I don't know if it is already accounted for based on this setup of the XHR POST.

Right now, as you've seen, I'm working on a test site on localhost, but my live site has an SSL certificate and allows for https browsing. Will the current code be able to .load() "ajax_compare.php" while on https connection?

I don't see why it would make any difference.

[RobertH]

Zen Cart, like any responsible framework, protects against CSRF attacks by requiring POSTs to include a security token. When absent, it rejects the POST.
Your ajax .load() command is passing an object, which forces the ajax call to be a POST.
The change I suggested causes your ajax command to include the security token as part of the POST, so that it an be validated.

I don't see why it would make any difference.

Thanks again for your advice. I will report back here how it goes when moving the feature to the live site

[RobertH]

Thanks again for your advice. I will report back here how it goes when moving the feature to the live site

Seems to be running smoothly on the live site with http or https!

[DrByte]

Seems to be running smoothly on the live site with http or https!

Great! Thanks for reporting back.