Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I have a page with two forms, each form has generated csrf token
form1:
<form method="POST" action="/admin/settings/site">
{!! csrf_field() !!}
...
...
</form>
form2:
<form method="POST" action="/admin/settings/site">
{!! csrf_field() !!}
...
...
</form>
and in the controllers I redirect back to the same page after submitting the form
it work fine sometimes, but sometimes it fails sometimes I get the exception in first try, sometimes in the third one..
I am using file session driver.. and my routes has 'web' middleware
any idea why this is happenning?
Is this an ajax request? If so, move the csrf to a more general location, and include it like so:
$.ajaxSetup({ headers: { 'X-CSRF-Token' : $('meta[name=_token]').attr('content')} });
This example is placing the token in a meta tag, but you could use an input and target its id instead.
If it's not ajax, remove the csrf field from the form. The token should be stored in the session anyway. Having multiple tokens on a page can cause mismatch issues, perhaps generating various tokens.
I've never had the mismatch token issue with multiple forms. like a table with a delete form in each row.
Any case something might be wrong with your html or data where Laravel is submitting form a with form b token. Usually when your submit button is out side the form? Which doesn't work on any i.e. Browser anyways.
Please or to participate in this conversation.