CodeIgniter CSRF error

Posted 2019-09-10 23:49

I'm trying to use CodeIgniter with CSRF protection enabled. I've read the already answered solutions here and here, but that didn't seem to resolve the issue. At some point the "Action you requested is not allowed" error is solved, but now it doesn't load the form validation helper. It throws 'Unable to load the requested file: helpers/form_validation_helper.php'. What must have gone wrong?

Here's the controller file:

class Home extends CI_Controller {

function __construct(){
    parent::__construct();
    $this->load->helper('form');
}

public function index(){
    $data['title'] = "Home";
    $data['main_content'] = 'frontend/index'; 
    $this->load->view("frontend/includes/template", $data);
}

public function contact(){
    $data['title'] = "Contact Us";
    $data['main_content'] = 'frontend/contact';
    $this->load->view('frontend/includes/template', $data);
}

//submit functions
public function contact_submit(){
    $send_clicked = $this->input->post('sub');
    if(isset($send_clicked)){

        $this->load->helper('date');
        $this->load->helper('form_validation');

        $this->form_validation->set_rules('name', 'Name', 'trim|required|max_length[40]|xss_clean');
        $this->form_validation->set_rules('email', 'Email Address', 'trim|required|max_length[50]|xss_clean');
        $this->form_validation->set_rules('subject', 'Subject', 'trim|required|max_length[100]|xss_clean');
        $this->form_validation->set_rules('message', 'Message', 'trim|required|max_length[1000]|xss_clean');

        if ($this->form_validation->run() == FALSE) {

        } else {

            $clean_name = $this->input->post('name');
            $clean_email = $this->input->post('email');
            $clean_subject = $this->input->post('subject');
            $clean_message = $this->input->post('message');
            $date = now();

            $db_data = array(
                'name' => $clean_name, 
                'email' => $clean_email, 
                'subject' => $clean_subject, 
                'message' => $clean_message, 
                'date_posted' => $date
                );

            print_r($db_data);
        }
    }
}

public function page_missing(){
    $data['title'] = "404 Page Missing";
    $data['main_content'] = 'frontend/404'; 
    $this->load->view("frontend/includes/template", $data);
}

}

Here are some configs of config.php that I made changes to:

$config['sess_cookie_name']     = 'qtd_sess';
$config['sess_expiration']      = 7200;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie']  = TRUE;
$config['sess_use_database']    = TRUE;
$config['sess_table_name']      = 'qtd_sess';
$config['sess_match_ip']        = TRUE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update']  = 300;

$config['cookie_prefix']    = "";
$config['cookie_domain']    = "";
$config['cookie_path']      = "/";
$config['cookie_secure']    = FALSE;

$config['global_xss_filtering'] = TRUE;

$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'csrf_test_name';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;

Here's some part of the view:

<!-- Start Contact Form -->
        <?php $attributes = array('class' => 'contact-form', 'id' => 'contact-form');
         echo form_open('home/contact_submit', $attributes); ?>
          <div class="form-group">
            <div class="controls">
              <input type="text" placeholder="Name" name="name">
            </div>
          </div>
          <div class="form-group">
            <div class="controls">
              <input type="email" class="email" placeholder="Email" name="email">
            </div>
          </div>
          <div class="form-group">
            <div class="controls">
              <input type="text" class="requiredField" placeholder="Subject" name="subject">
            </div>
          </div>

          <div class="form-group">

            <div class="controls">
              <textarea rows="7" placeholder="Message" name="message"></textarea>
            </div>
          </div>
          <button type="submit" id="submit" name="sub" class="btn-system btn-large">Send</button>
          <div id="success" style="color:#34495e;"></div>
        </form>
        <!-- End Contact Form -->

1 answer
一夜七次
#2 · 2019-09-11 00:26

Form validation is not a helper. It's a library.

$this->load->helper('form_validation');// this is wrong

$this->load->library('form_validation');// this is correct.

For more information, see here.

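Background on the "Action you requested is not allowed" error mentioned in the question, as an added sketch that is not part of the original thread and is not CodeIgniter's own code: with `csrf_protection` enabled, a POST is accepted only when the hidden field that `form_open()` inserts carries the same value as the CSRF cookie. The function name `csrf_check`, the sample requests, and the use of `hash_equals` are assumptions made for this illustration; only the two names from the question's config.php come from the page.

```php
<?php
// Added illustration of a double-submit CSRF check. Not framework source.
// The two names below are copied from the config.php shown in the question.
const CSRF_TOKEN_NAME  = 'csrf_test_name';   // hidden field added by form_open()
const CSRF_COOKIE_NAME = 'csrf_cookie_name'; // cookie carrying the same value

/** Returns null when the request passes, or the reason it is rejected. */
function csrf_check(string $method, array $post, array $cookie): ?string
{
    if (strtoupper($method) !== 'POST') {
        return null; // only POST requests are checked
    }
    if (!isset($post[CSRF_TOKEN_NAME], $cookie[CSRF_COOKIE_NAME])) {
        return 'token field or cookie missing';
    }
    $field = $post[CSRF_TOKEN_NAME];
    $saved = $cookie[CSRF_COOKIE_NAME];
    if (!is_string($field) || !is_string($saved)) {
        return 'token is not a string'; // e.g. csrf_test_name[]=x
    }
    // Constant-time comparison (a choice made for this sketch).
    if (!hash_equals($saved, $field)) {
        return 'token does not match cookie';
    }
    return null;
}

// Constructed sample requests: [method, POST data, cookies].
$token = bin2hex(random_bytes(16));
$cases = [
    'form built with form_open()' => ['POST', [CSRF_TOKEN_NAME => $token, 'name' => 'A'], [CSRF_COOKIE_NAME => $token]],
    'hand-written <form> tag'     => ['POST', ['name' => 'A'], [CSRF_COOKIE_NAME => $token]],
    'cookie expired or blocked'   => ['POST', [CSRF_TOKEN_NAME => $token], []],
    'field differs from cookie'   => ['POST', [CSRF_TOKEN_NAME => 'stale-value'], [CSRF_COOKIE_NAME => $token]],
    'plain GET page load'         => ['GET', [], []],
];

foreach ($cases as $label => [$method, $post, $cookie]) {
    $reason = csrf_check($method, $post, $cookie);
    printf("%-30s %s\n", $label, $reason === null ? 'accepted' : "rejected: $reason");
}
```

The view in the question uses `form_open()`, so its form falls in the first case; the remaining failure was the helper/library mix-up addressed in the answer.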