Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming How to maintain use of CSRF for a login form when login form is site-wide?
How to maintain use of CSRF for a login form when login form is site-wide?
  • El Forum
    Guest
  •  
#1
06-20-2011, 04:35 PM

[eluser]Unknown[/eluser]
Hey all,

Is there any alternative than to having my login function be in a global controller? Basically I have a login form near the header of my site on all pages. However on the actual login page there is a form as well. If I try to login through the top header and use my login page it will not process it. Is there any alternative?
  • El Forum
    Guest
  •  
#2
06-20-2011, 04:46 PM

[eluser]Aken[/eluser]
Is there any reason why you can't have your global login form process through a single login controller?
Code:
<form action="<?php echo site_url('users/login'); ?>" method="post">

Then if a user goes to your actual example.com/users/login controller, you can put in a conditional that hides the form on the top of the page if you want.
  • El Forum
    Guest
  •  
#3
07-01-2011, 03:57 AM

[eluser]gRoberts[/eluser]
There should be no issue?

Using the form_open/form_open_multipart should work if CSRF is enabled.

Cheers




Theme © iAndrew 2016 - Forum software by © MyBB