我正在使用codeigniter自定义表单,我需要使用CSRF令牌,所以我使用了$this->security->get_csrf_hash(),但它不适用于我,任何人都可以帮助我如何解决这个问题?这是我的代码
<form role="form" data-parsley-validate="" novalidate="" class="mb-lg" action="?c=<?php echo isset($controller) ? $controller : "welcome"; ?>&m=login" method="post">
<div class="form-group has-feedback">
<input name="email" id="exampleInputEmail1" type="email" placeholder="Enter email" autocomplete="off" required class="form-control">
<span class="fa fa-envelope form-control-feedback text-muted"></span>
</div>
<div class="form-group has-feedback">
<input name="password" id="exampleInputPassword1" type="password" placeholder="Password" required class="form-control">
<span class="fa fa-lock form-control-feedback text-muted"></span>
</div>
<div class="clearfix">
<div class="pull-right"><a href="?c=<?php echo isset($controller) ? $controller : "welcome"; ?>&m=resetpassword" class="text-muted">Forgot your password?</a>
</div>
</div>
<?php
$csrf = array(
'name' => $this->security->get_csrf_token_name(),
'hash' => $this->security->get_csrf_hash()
);
echo "<pre>";
print_r($csrf);
die;
?>
<input type="hidden" name="<?php echo $csrf['name'];?>" value="<?php echo $csrf['hash'];?>" />
<button type="submit" class="btn btn-block btn-primary mt-lg">Login</button>
</form>
答案 0 :(得分:1)
请检入配置文件,以确保重新生成以下内容。
$config['csrf_regenerate'] = TRUE;
,并且在每个发布请求中传递以下名称和值。
data:{get_csrf_token_name(): $this->security->get_csrf_hash()}