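The action you have requested is not allowed, even without CSRF protection

Time: 2019-04-24 16:03:54

Tags: codeigniter csrf

In my CodeIgniter project, CSRF protection is not set to true. But when I submit the form, I get the following error: "An Error Was Encountered. The action you have requested is not allowed." This is my form view: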

<?php echo form_open('business/add-user',array('class'=>'form-horizontal'));?>
    <div class="form-group">
        <input type="hidden" name="<?php echo $this->security->get_csrf_token_name();?>" value="<?php echo $this->security->get_csrf_hash();?>">
        <label class="col-md-2 control-label">User Name<span class="text-danger">*</span></label>
        <div class="col-md-7">
            <input type="hidden" name="business_id" value="<?php echo $business_id;?>">
            <input class="form-control" type="text" id="name"
                   value="<?php echo set_value('name'); ?>" name="name"
                   placeholder="User Name">
            <div style="margin-top: 0px; color: red;"><?= form_error('name'); ?></div>
        </div>
    </div>
    <div class="form-group">
        <label class="col-md-2 control-label">Email Address<span class="text-danger">*</span></label>
        <div class="col-md-7">
            <input class="form-control" type="email" id="email"
                   value="<?php echo set_value('email'); ?>" name="email"
                   placeholder="Email Address">
            <div style="margin-top: 0px; color: red;"><?= form_error('email'); ?></div>
        </div>
    </div>
    <div class="form-group">
        <label class="col-md-2 control-label">Phone<span class="text-danger">*</span></label>
        <div class="col-md-7">
            <input class="form-control" type="number" id="phone"
                   value="<?php echo set_value('phone'); ?>" name="phone"
                   placeholder="Phone">
            <div style="margin-top: 0px; color: red;"><?= form_error('phone'); ?></div>
        </div>
    </div>
    <div class="form-group">
        <label class="col-md-2 control-label">Password<span class="text-danger">*</span></label>
        <div class="col-md-7">
            <input class="form-control" type="password" id="password"
                   value="<?php echo set_value('password'); ?>" name="password"
                   placeholder="Password">
            <div style="margin-top: 0px; color: red;"><?= form_error('password'); ?></div>
        </div>
    </div>
    <div class="form-group">
        <div class="col-md-8 col-md-offset-2">
            <button class="btn btn-sm btn-primary" name="submit" type="submit"><i class="fa fa-check"></i> Add User</button>
        </div>
    </div>
<?php echo form_close();?>

My controller:

public function add_user()
{
    $this->form_validation->set_rules('name','Name','required|xss_clean');
    $this->form_validation->set_rules('email','Email','required|xss_clean|valid_email|is_unique[user_login.email]');
    $this->form_validation->set_rules('phone','Phone','required|xss_clean|is_unique[user_login.phone]');
    $this->form_validation->set_rules('password','Password','required|xss_clean');
    $this->form_validation->set_error_delimiters('','');
    if($this->form_validation->run()===FALSE)
    {
        $data['business_id']=$this->input->post('business_id');
        $this->load->view('admin/business/create_user',$data);
    }
    else
    {
        if($this->Business_Model->add_user())
        {
            redirect('account/business-profile/'.$this->input->post('business_id'));
        }
        else
        {
            $this->session->set_flashdata('SUCCESSMSG','User not created');
            $data['business_id']=$this->input->post('business_id');
            $this->load->view('admin/business/create_user',$data);
        }
    }
}

The form action is routed as

$route['business/add-user'] = 'admin/Business/add-user';

That is, the form action is add_user in the controller. I need to overcome this problem.

2 answers:

Answer 0: (score: 0)

Try removing <input type="hidden" name="<?php echo $this->security->get_csrf_token_name();?>" value="<?php echo $this->security->get_csrf_hash();?>">; I'm not sure whether this is what is causing the problem.

form_open already adds the hidden field with the CSRF token for you!

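Answer 1: (score: 0)

I was able to fix it. The problem was the form action I had given, business/add-user. This route is configured in the route.php file. There was no problem in XAMPP. But on the server, when I submitted, the "The action you have requested is not allowed" error occurred. So I changed the form action to the default route 'admin/Business/add-user'. With that, the error was resolved.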
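
A way to check, on the server itself, which CSRF settings are actually in effect and whether form_open is injecting the token field (an added example, not code from the question or either answer; it assumes CodeIgniter 3, and the controller name Csrf_check is hypothetical):

```php
<?php
// application/controllers/Csrf_check.php  (hypothetical file, added example)
defined('BASEPATH') OR exit('No direct script access allowed');

class Csrf_check extends CI_Controller
{
    // Request this with GET. CodeIgniter only verifies the CSRF token on
    // POST, so the page loads even while form submissions are rejected.
    public function index()
    {
        $this->load->helper(array('form', 'url'));

        $token_name = $this->security->get_csrf_token_name();
        $action     = 'business/add-user';        // form action from the question
        $form_html  = form_open($action);

        $report = array(
            // application/config/<ENVIRONMENT>/config.php, when present,
            // overrides application/config/config.php, so the value seen
            // under XAMPP and on the server can differ.
            'environment'        => ENVIRONMENT,
            'csrf_protection'    => config_item('csrf_protection'),
            'csrf_regenerate'    => config_item('csrf_regenerate'),
            'csrf_exclude_uris'  => config_item('csrf_exclude_uris'),
            'csrf_cookie_name'   => config_item('csrf_cookie_name'),
            'csrf_token_name'    => $token_name,
            'base_url'           => config_item('base_url'),
            'resolved_action'    => site_url($action),
            // 1 means form_open already emits the hidden token field, so a
            // hand-written one in the view is a duplicate; 0 means it does not.
            'token_fields_added' => substr_count($form_html, 'name="'.$token_name.'"'),
            // The token cookie has to come back on the POST for it to pass.
            'csrf_cookie_sent'   => isset($_COOKIE[config_item('cookie_prefix').config_item('csrf_cookie_name')]),
        );

        // No token value or other secret is printed; delete this controller
        // once the settings have been compared.
        $this->output
             ->set_content_type('text/plain')
             ->set_output(json_encode($report, JSON_PRETTY_PRINT));
    }
}
```

Comparing the output from the local XAMPP install with the output from the server shows whether the two are running with the same csrf_protection value, base_url and cookie settings.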