codeigniter CSRF error


Problem description

I'm trying to use codeigniter with CSRF protection enabled. I've read the already answered solutions here and here, but that didn't seem to resolve the issue. At some point the "Action you requested is not allowed" error is solved, but now it doesn't load the form validation helper. It throws 'Unable to load the requested file: helpers/form_validation_helper.php'. What must have gone wrong?

Here's the controller file:

class Home extends CI_Controller {

function __construct(){
    parent::__construct();
    $this->load->helper('form');
}

public function index(){
    $data['title'] = "Home";
    $data['main_content'] = 'frontend/index'; 
    $this->load->view("frontend/includes/template", $data);
}

public function contact(){
    $data['title'] = "Contact Us";
    $data['main_content'] = 'frontend/contact';
    $this->load->view('frontend/includes/template', $data);
}

//submit functions
public function contact_submit(){
    $send_clicked = $this->input->post('sub');
    if(isset($send_clicked)){

        $this->load->helper('date');
        $this->load->helper('form_validation');

        $this->form_validation->set_rules('name', 'Name', 'trim|required|max_length[40]|xss_clean');
        $this->form_validation->set_rules('email', 'Email Address', 'trim|required|max_length[50]|xss_clean');
        $this->form_validation->set_rules('subject', 'Subject', 'trim|required|max_length[100]|xss_clean');
        $this->form_validation->set_rules('message', 'Message', 'trim|required|max_length[1000]|xss_clean');

        if ($this->form_validation->run() == FALSE) {

        } else {

            $clean_name = $this->input->post('name');
            $clean_email = $this->input->post('email');
            $clean_subject = $this->input->post('subject');
            $clean_message = $this->input->post('message');
            $date = now();

            $db_data = array(
                'name' => $clean_name, 
                'email' => $clean_email, 
                'subject' => $clean_subject, 
                'message' => $clean_message, 
                'date_posted' => $date
                );

            print_r($db_data);
        }
    }
}

public function page_missing(){
    $data['title'] = "404 Page Missing";
    $data['main_content'] = 'frontend/404'; 
    $this->load->view("frontend/includes/template", $data);
}

}

Here's some configs of config.php that I made changes to:

$config['sess_cookie_name']     = 'qtd_sess';
$config['sess_expiration']      = 7200;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie']  = TRUE;
$config['sess_use_database']    = TRUE;
$config['sess_table_name']      = 'qtd_sess';
$config['sess_match_ip']        = TRUE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update']  = 300;

$config['cookie_prefix']    = "";
$config['cookie_domain']    = "";
$config['cookie_path']      = "/";
$config['cookie_secure']    = FALSE;

$config['global_xss_filtering'] = TRUE;

$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'csrf_test_name';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;

Here's part of the view:

<!-- Start Contact Form -->
        <?php $attributes = array('class' => 'contact-form', 'id' => 'contact-form');
         echo form_open('home/contact_submit', $attributes); ?>
          <div class="form-group">
            <div class="controls">
              <input type="text" placeholder="Name" name="name">
            </div>
          </div>
          <div class="form-group">
            <div class="controls">
              <input type="email" class="email" placeholder="Email" name="email">
            </div>
          </div>
          <div class="form-group">
            <div class="controls">
              <input type="text" class="requiredField" placeholder="Subject" name="subject">
            </div>
          </div>

          <div class="form-group">

            <div class="controls">
              <textarea rows="7" placeholder="Message" name="message"></textarea>
            </div>
          </div>
          <button type="submit" id="submit" name="sub" class="btn-system btn-large">Send</button>
          <div id="success" style="color:#34495e;"></div>
        </form>
        <!-- End Contact Form -->


Recommended answer

Form validation is not a helper. It's a library.

$this->load->helper('form_validation');// this is wrong

$this->load->library('form_validation');// this is correct.

For more information see here
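
The question's submit handler with the answer's loader call applied, as an added example (not code from the original question or answer). It assumes the CodeIgniter 2.x setup implied by the question's config, plus the question's Home controller and frontend/contact view; the valid_email rule and the re-display of the form on failure are additions for illustration.

```php
<?php
// Added example, not the asker's or answerer's code: the question's
// contact_submit() with the loader call from the answer applied.
class Home extends CI_Controller {

    function __construct(){
        parent::__construct();
        // The form helper provides form_open(), which writes the hidden CSRF
        // field (csrf_test_name) when $config['csrf_protection'] is TRUE.
        $this->load->helper('form');
    }

    public function contact_submit(){
        // With csrf_protection on, a POST without a valid token is rejected
        // with the "not allowed" error before this method is reached.
        $this->load->helper('date');                // date is a helper: now()
        $this->load->library('form_validation');    // form_validation is a library

        $v = $this->form_validation;
        $v->set_rules('name', 'Name', 'trim|required|max_length[40]|xss_clean');
        // valid_email is an addition for illustration; the question omits it.
        $v->set_rules('email', 'Email Address', 'trim|required|valid_email|max_length[50]|xss_clean');
        $v->set_rules('subject', 'Subject', 'trim|required|max_length[100]|xss_clean');
        $v->set_rules('message', 'Message', 'trim|required|max_length[1000]|xss_clean');

        // run() is FALSE when a rule fails and also when nothing was POSTed.
        if ($v->run() == FALSE) {
            // Show the form again; the view's form_open() emits the CSRF
            // field again, so the retry carries a valid token.
            $data['title'] = "Contact Us";
            $data['main_content'] = 'frontend/contact';
            $this->load->view('frontend/includes/template', $data);
            return;
        }

        $db_data = array(
            'name'        => $this->input->post('name'),
            'email'       => $this->input->post('email'),
            'subject'     => $this->input->post('subject'),
            'message'     => $this->input->post('message'),
            'date_posted' => now()
        );
        print_r($db_data);
    }
}
```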
