Menu
I have a login form in Laravel:
<form class="form-signin" action="{{ URL::route('adminAuthen') }}" method="POST">
{{ csrf_field() }}
<h2 class="form-signin-heading">Admin Login</h2>
<label for="inputUsername" class="sr-only">Email address</label>
<input type="text" id="inputUsername" name="username" class="form-control" placeholder="Username" required autofocus>
<label for="inputPassword" class="sr-only">Password</label>
<input type="password" id="inputPassword" name="password" class="form-control" placeholder="Password" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
</form>
But I always got error when visit this form:
Call to undefined function csrf_field()
How can I fix this bug?
449
To protect your application, Laravel uses CSRF tokens. CSRF tokens are strings that are automatically generated and can be attached to a form when the form is created. They are used to uniquely identify forms generated from the server. The idea behind it is that when the server receives POST requests, the server checks for a CSRF token.
So, if you make a request without adding the CSRF Token, the request will be rejected. If you go to the file app/Http/Kernel.php you will see the VerifyCsrfToken middleware defined: <?php [...] class Kernel extends HttpKernel { [...] protected $middlewareGroups = [ 'web' => [ [...] \App\Http\Middleware\VerifyCsrfToken::class, [...]
Error token mismatch Within the AJAX call itself, add another data property alongside the data that will be passed already form. and fixed CSRF token mismatch to correct. using this code, we can fix any of the CSRF tokens every time.
The classic CSRF handling of error. This is when no CSRF tokens are inserted. However, once the SCRF token has been inserted. The time and tested mechanism to fight against such attacks are to create a layer of authentication which is going to be system generated.
I think there is no function called csrf_field() in laravel 5, use this instead of that.
<input type="hidden" name="_token" value="{{ csrf_token() }}">
Update 2016-03-17
Laravel introduce csrf_field() in version 5.1
{{ csrf_field() }} this will generate csrf token field,
100
You can replace your {{ csrf_field() }} with this:
<input type="hidden" name="_token" value="{{ csrf_token() }}">
You might have misunderstood this because of master documentation page of laravel. I don't why they did that. But this one is what I found to be working on the laravel-5.
24
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
