Laravel 5 CSRF Token Mismatch

Question

I've an annoying error with Laravel's CSRF tokens. I'm using the Laravel Collective's form package. The token value in the form is different to what is expected on the submitted page.

A few considerations:

1. I've created and migrate the sessions database table ( php artisan session:table )
2. I'm using the database to store sessions, not the filesystem
3. Records are being created in the database.
4. The Form::open() is creating the CSRF field. I've viewed the page and it is there with a valid CSRF value.
5. Even though I'm not using the file system I have set the correct permissions on the storage directory.
6. In my routes file, my routes are grouping using Route::group(['middleware' => ['web']], function () {});
7. Within my form, the CSRF token is set. However when I submit the form and DD the CSRF token stored in the session form within the middleware, the expected value is different to what was submitted.
8. I have set SESSION_DRIVER=database in my .env file
9. I have done a composer dump , php artisan cache:clear and deleted my cookies.
10. I have googled and searched. I've been on Google, StackOverflow, laracasts, laravel, random forums and nothing suggested has worked so far.

So my problem is this:

I have a form. Inside that form, i have a hidden _token field which a valid CSRF token.

When I submit the form to the server using a standard POST request, (no javascript / ajax), the CSRF token the server is expecting is different to what is provided by the form.

In other words, it seems like the token is changing between when it is outputted within the form, and when it is received by the middleware.

Considering the above considerations, what else can I do to fix or debug the issue, or what might I have missed.

If anyone required extra details, please let me know.

Answer 1

If you're adding the {{ csrf_file() }} function or something similar to submit it, but are still receiving this error, it could be a php configuration issue. Are you trying to submit a file in the POST? Type php --info | grep size php --info | grep size in the command line and check for the upload_max_filesize size and post_max_size to make sure they are large enough for your post data. If they are indeed too small, adjust your php.ini or {laravel_directory}/public/.htaccess file to change those values.