Enabling CSRF to TRUE in CodeIgniter [closed] Enabling CSRF to TRUE in CodeIgniter [closed] codeigniter codeigniter

Enabling CSRF to TRUE in CodeIgniter [closed]


php forms codeigniter csrf

To enable CRSF in Codeigniter all you need to do is:

  1. Set the option to "TRUE" in the config file

  2. All your forms MUST use the form_open() helper function. This will automatically generate and include a 'hidden' CSRF token in your forms. Codeigniter will then automatically check this token on each form submission as part of the security funciton. If it detects a CSRF error, it will throw a 401 error automatically.

You dont need to do anything else.

edit: I just re-read that you do not use form_open(). It might be possible to manually insert the CSRF token into the forms yourself - but it would be more work than is required. Just convert all your forms to use form_open - and it will work seemlessly.

(And yes - this is one of the few poorly documented features in CI - so I understand why you couldnt find the answer - it took me a while as well)

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last