I've recently come across this error within a custom cms i'm building - this error appears when I submit a form that uses a multiselect - can anyone suggest the most common reasons for this error.

ok - i think it might be the multi-select arrays causing the problem, eg I have an array like this within a table..

hotels[url][]
hotels[text][]
hotels[url][]

Would this not be allowed in the $_POST?

It could be you're submitting your form with GET instead of POST. Multi-selects usually use array notation (myarray[]) which are characters that are not usually allowed by CodeIgniter in the URL.

If you are sure you're using POST then I would suggest checking two things:

1. Make sure that if you're using CodeIgniter's CSRF protection that you are submitting a valid token with the form. You can test whether this is the problem by disabling CSRF protection and trying to submit the form. The CSRF protection is usually enabled in your config.php file via the $config['csrf_protection'] variable. More info on CodeIgniter's CSRF protection can be found here.
2. Double check the URL you're using to submit the form to make sure it doesn't have any characters that aren't permitted in your $config['permitted_uri_characters'] in application/config/config.php.

If you look in your config.php file inside the application/config folder you'll find this line:

$config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-';

It's a regex containing whitelisted characters that codeigniter allows. If there is anything else in the querystring you will get that error.

remove commas from your input names. Eg: name['type'] is wrong. It should be name[type]

if ( ! preg_match(“/^[a-z0-9:_/-]+$|/i”, $str))

I add | (pipe) character on the example above