Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter General Help CSRF problem issue
CSRF problem issue
  • Offline dave friend
    Posting Freak
  • *****
  • Posts: 1,015
    Threads: 15
    Joined: Jun 2015
    Reputation: 50
#2
02-17-2018, 09:46 AM

The easy way is to use the Form Helper and its function form_open('form_controller/action_method') to automatically put the hidden field with CSRF credentials in the form. Without that field you get the "not allowed" error.

Assuming the controller is Login and the action method is do_login the view code would be

PHP Code:
echo form_open('login/do_login');
//other view code
echo form_close(); 

Understand that CSRF is only used for POST requests. You don't have to worry about normal browsing request for a page because GET requests don't check the CSRF credentials.

It is strongly recommended that you use it for all forms that post data to your site.
Reply


Messages In This Thread
CSRF problem issue - by sidd89 - 02-17-2018, 03:49 AM
RE: CSRF problem issue - by dave friend - 02-17-2018, 09:46 AM
RE: CSRF problem issue - by Avenirer - 02-17-2018, 10:33 AM



Theme © iAndrew 2016 - Forum software by © MyBB