Login

semprom · 11-18-2023, 11:31 AM

Hi,
how can we have custom error message displayed when the CSRF validation fails instead of the exception thrown usually?
Thanks.

***kenjis*** · 11-18-2023, 06:58 PM

See https://codeigniter4.github.io/CodeIgnit...on-failure

ci-phpunit-test | CodeIgniter Testing Guide | CodeIgniter 3 to 4 Upgrade Helper

semprom · 11-19-2023, 12:54 AM

(11-18-2023, 06:58 PM)kenjis Wrote: See https://codeigniter4.github.io/CodeIgnit...on-failure

I don't want to redirect back. I just want to display a simple message when the csrf request has failed.

***kenjis*** · 11-19-2023, 12:59 AM

Try/catch the SecurityException and show an error message you want.

ci-phpunit-test | CodeIgniter Testing Guide | CodeIgniter 3 to 4 Upgrade Helper

semprom · 11-24-2023, 05:44 PM

(11-19-2023, 12:59 AM)kenjis Wrote: Try/catch the SecurityException and show an error message you want.

For some reason I cannot catch the exception. I tried with the bellows but without result.

try {

...

} catch (SecurityException $e) { / } catch (\SecurityException $e) {

}

***kenjis*** · 11-24-2023, 05:49 PM

Check the CI4 source code. The classname is \CodeIgniter\Security\Exceptions\SecurityException.

ci-phpunit-test | CodeIgniter Testing Guide | CodeIgniter 3 to 4 Upgrade Helper

semprom · 11-24-2023, 06:02 PM

(11-24-2023, 05:49 PM)kenjis Wrote: Check the CI4 source code. The classname is \CodeIgniter\Security\Exceptions\SecurityException.

I tried also that, it didn't work.

***kenjis*** · 11-24-2023, 07:55 PM

If you try to catch the exception in your controller, sorry you can't.
Because CSRF filter throws the exception. The controller is not executed yet.

Customize CSRF filter.

ci-phpunit-test | CodeIgniter Testing Guide | CodeIgniter 3 to 4 Upgrade Helper