
CodeIgniter CSRF error on form submission

I have a form using CodeIgniter brackets

echo form_open('signup');

echo form_close();

and when I submit it I get the following error:

An Error Was Encountered

The action you have requested is not allowed.

NOT always but often...

even when the hidden input field exists inside the form:

<div style="display:none">
<input type="hidden" value="token name is here" name="csrf_token_name">
</div>

This also happens on a similar form (signin).

EDIT: HTML generated via form:

<form accept-charset="utf-8" method="post" action="http://www.example.com/signup">
<div style="display:none">
<input type="hidden" value="93565fb5855d31af3d46bd655b11a4a6" name="csrf_token_name">
</div>
<input id="username" type="text" placeholder="Username" maxlength="20" value="" name="username">
<input id="email" type="text" placeholder="Email" value="" name="email">
<input id="password" type="password" placeholder="Password" value="" name="password">
<input id="submit" type="submit" value="Sign up" name="submit">
</form>

You are doing it wrong.

Try this:

    <input type="hidden" name="<?php echo $this->security->get_csrf_token_name(); ?>" value="<?php echo $this->security->get_csrf_hash();?>" />

The value must be what CodeIgniter calculates for the CSRF token.

Or use the form helper and CodeIgniter will add this hidden field automatically.

In my case I just increased the 'csrf_expire' variable - the number of seconds after which the token should expire.

From $config['csrf_expire'] = 7200; to $config['csrf_expire'] = 28800;

Change $config['csrf_regenerate'] = TRUE;

to

$config['csrf_regenerate'] = FALSE; in the config file.
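
Why the two settings above change how often the error appears, as an added example that is not part of the original answers and not CodeIgniter's own code: a simplified PHP model of a cookie-backed token check. The names CsrfModel, renderForm and submit are hypothetical and the clock is constructed; only the csrf_regenerate and csrf_expire values are taken from the page.

```php
<?php
// Simplified model of a cookie-backed CSRF check. NOT CodeIgniter's source:
// CsrfModel, renderForm() and submit() are hypothetical names for illustration.
final class CsrfModel
{
    private $token = null, $expiresAt = 0; // cookie token and its expiry (seconds)
    private $regenerate, $expire;          // mirror csrf_regenerate / csrf_expire

    public function __construct(bool $regenerate, int $expire)
    {
        $this->regenerate = $regenerate;
        $this->expire = $expire;
    }
    // GET: returns the token written into the form's hidden field.
    public function renderForm(int $now): string
    {
        if ($this->token === null || $now >= $this->expiresAt) {
            $this->token = bin2hex(random_bytes(16));
        }
        $this->expiresAt = $now + $this->expire;
        return $this->token;
    }
    // POST: accepted only when the posted token equals a still-live cookie token.
    public function submit(string $posted, int $now): bool
    {
        if ($this->token === null || $now >= $this->expiresAt
            || !hash_equals($this->token, $posted)) {
            return false; // the "action you have requested is not allowed" case
        }
        if ($this->regenerate) {
            $this->token = bin2hex(random_bytes(16)); // rotate after a valid POST
        }
        $this->expiresAt = $now + $this->expire;
        return true;
    }
}

// Constructed scenarios: [csrf_regenerate, csrf_expire, second at which tab B posts].
$cases = [[true, 7200, 20], [false, 7200, 20], [false, 7200, 8000], [false, 28800, 8000]];
foreach ($cases as [$regen, $expire, $postB]) {
    $m = new CsrfModel($regen, $expire);
    $tabA = $m->renderForm(0);       // form opened in a first tab
    $tabB = $m->renderForm(5);       // same form opened in a second tab
    $okA = $m->submit($tabA, 10);    // tab A posts first
    $okB = $m->submit($tabB, $postB); // tab B posts with the token it was rendered with
    printf("regenerate=%s expire=%d tabA=%s tabB(t=%d)=%s\n", var_export($regen, true),
        $expire, var_export($okA, true), $postB, var_export($okB, true));
}
```

Both changes keep the check in place but loosen it: with regeneration off, one token is reusable until the cookie expires, and a longer csrf_expire extends that lifetime.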

If you just want to get rid of the errors altogether...
The easiest solution to get around them would be to:

  1. Open your /config/config.php file

  2. Find the line below:
    $config['csrf_protection'] = TRUE;

  3. Replace it with...
    $config['csrf_protection'] = FALSE;

  4. Save changes.


CAUTION: Turning off the CSRF protection means you are left open to CSRF attacks.
