We have moved our forum to GitHub Discussions. For questions about Phalcon v3/v4/v5 you can visit here and for Phalcon v6 here.

Invalid CSRF token

Here is my code: https://pastebin.com/Rr4MBD11

Can you please help me to solve?



58.4k

Hey man

you try this

                {{ hidden_field(this.security.getTokenKey(), "value": this.security.getToken()) }}

Thanks Thein for reply but no luck. I'm getting same error.

Hey man

you try this

               {{ hidden_field(this.security.getTokenKey(), "value": this.security.getToken()) }}


58.4k
edited Dec '14

Can you upload error ? Also in bootstrap file I don't see use Phalcon\Security so You can't used

    $di->set(
    'security',
    function () {

        $security = new Security();

        //Set the password hashing factor to 12 rounds
        $security->setWorkFactor(12);

        return $security;
    },
    true
);

It should like

$di->set(
    'security',
    function () {

        $security = new \Phalcon\Security();

        //Set the password hashing factor to 12 rounds
        $security->setWorkFactor(12);

        return $security;
    },
    true
);
edited Dec '14

At first, I want to thank you for your answers. Now, I've completed all steps with no luck. So uploaded actual files here: https://www.dropbox.com/sh/2sar95ry44t0g8c/AACMYd469ciinx9ZbYbJeITZa?dl=0

If you can manage some time to check, I would be really greatful.

Anyone else can help me to find out the mistake?

What does the actual generated HTML look like? What does $_POST look like when the form is submitted?

What browser are you using?

Here is the output

array (size=3) 'email' => string '[email protected]' (length=18) 'password' => string '[email protected]' (length=8) 'jcYkyzKkV0uTkubn' => string 'b1d3a08cef6d2bde32f265a08a553ab0' (length=32)

What does the actual generated HTML look like? What does $_POST look like when the form is submitted?

Wow, only Chrome is't working. No error with Firefox & Safari. How funny.



7.6k
Accepted
answer
edited Dec '14

Update: As soon as I uploaded the entire project into live domain, all issues got solved. Chrome is now working fine. Thanks all of you who helped me. So probably the issue occured because of working in localhost.

I think this is because the favicon is not configured. Set and try again.