CSRF and form_validation question / Forums / Community / EllisLab

Forum Logo

CSRF and form_validation question

Keinstah

Posted: 05 October 2012 05:52 AM

[ Ignore ]

Joined: 2012-05-01
3 posts

do i have to use form_validation->run just to validate the csrf?

DaveLittle

Posted: 05 October 2012 06:52 AM

[ Ignore ] [ # 1 ] [ Rating: 0 ]

Joined: 2012-10-04
4 posts

I’m pretty sure that Codeigniter automatically validates the CSRF (although I could be wrong)

If you use the form helper and use: form_open() it will automatically give you the csrf in a hidden input, on my website if the CSRF is wrong, or not existance, Ajax throws back error 500

Keinstah

Posted: 05 October 2012 07:14 AM

[ Ignore ] [ # 2 ] [ Rating: 0 ]

Joined: 2012-05-01
3 posts

yeah im getting error 500 in chrome but in firefox its good.

i even tried echoing $_POST and there’s csrf post.

Mainul Hassan

Posted: 05 October 2012 07:25 AM

[ Ignore ] [ # 3 ] [ Rating: 0 ]

Joined: 2012-10-03
2 posts

I’m dam sure that Codeigniter automatically validates the CSRF..

Keinstah

Posted: 05 October 2012 07:29 AM

[ Ignore ] [ # 4 ] [ Rating: 0 ]

Joined: 2012-05-01
3 posts

im not sure if its only my browser’s cookie fcked up, because i tried it on other pc it works fine.