Level 14
@KAMRAN186 Is the csrf field being rendered? If you view source on the page, do you see it, and does it match the app key that you have in .env?
Sep 25, 2017
19
Level 1
TokenMismatchException in VerifyCsrfToken.php (line 68) in Laravel 5.4
I have been suffering from this problem for more than 24 hours. Even I had written the code again for many times. Please please somebody tell me what is wrong with this code?
@extends('layouts.app')
@section('content')
<div class="container">
<div class="col-sm-6 col-sm-offset-3">
<form method="post">
{{csrf_field()}}
<div class="panel panel-default">
<div class="panel-body">
<div class="form-group" {{$errors->first('title') ? 'has-error' : ' '}}>
<input type="text" name="title" class="form-control" placeholder="Enter the title here">
@if($errors->has('title'))
<small class="text-danger">{{$errors->first('title')}}</small>
@endif
</div>
<div class="form-group" {{$errors->first('body') ? 'has-error' : ' '}}>
<textarea name="body" rows="8" cols="88" class="form-control" placeholder="What is in your mind"></textarea>
@if($errors->has('body'))
<small class="text-danger">{{$errors->first('body')}}</small>
@endif
</div>
<input type="submit" class="btn btn-primary btn-block" value="">
</div>
</div>
</form>
</div>
</div>
@endsection
Level 1
@goatshark I can't get it... Can you please elaborate it?
Level 70
Run your page, go to view page source (right click your mouse, view page source) and check whether there is a hidden field called _token or not.
Something like this-
<input type="hidden" name="_token" value="anyRandomStringOrNumberHere">
Beside this, add action="" in your form.
2 likes
Level 1
Yes, there is hidden type input here. You can see...
<div class="col-sm-6 col-sm-offset-3">
<form method="post">
<input type="hidden" name="_token" value="UWngptLpacgOcSrRErmj2ybf5cQy3tjsGlFleZNx">
<div class="panel panel-default">
<div class="panel-body">
<div class="form-group" >
<input type="text" name="title" class="form-control" placeholder="Enter the title here">
</div>
<div class="form-group" >
<textarea name="body" rows="8" cols="88" class="form-control" placeholder="What is in your mind"></textarea>
</div>
<input type="submit" class="btn btn-primary btn-block" value="Submit">
</div>
</div>
</form>
</div>
Level 9
Hi, I had a similar problem before. Check your session, if the session is not working as it should the token is not saved there and this exception happens.
Level 14
@kamran186 To @nadj's point....I'm sure you checked this, but I've burned quite a few minutes in life troubleshooting things that ended up being fixed with a good old browser cache clear and reload.
Level 1
@goatshark @nadj . I ran my website and I don't know how but it worked. Then excitedly, I refreshed the page and again the same error occurred. Again, I don't know how. :|
Level 14
@kamran186 Can you post what is returned?
Level 70
In which url you are posting your form?
Level 9
@kamran186 you can check the source for _token hidden element value.
After go to app_dir/storage/framework/sessions/your_session_name_from_cookie
The same _token value should appear there.
a:3:{s:6:"_token";s:40:"ZSw2YUlJAj1vQ5XMOiz1OIFkhgA6pUU6spR1DNgo";s:9:"_previous";a:1:{s:3:"url";s:14:"http://my.app";}s:6:"_flash";a:2:{s:3:"old";a:0:{}s:3:"new";a:0:{}}}
If it's not the same, or you have no session files there, check the permissions on the sessions folder
Level 1
App/http/Kernal.php
\App\Http\Middleware\VerifyCsrfToken::class,
Change
//\App\Http\Middleware\VerifyCsrfToken::class,
1 like
Level 1
I got it , your problem is space {{csrf_field()}} , it should {{ csrf_field() }}
2 likes
Level 70
Both are same. It's not a issue.
3 likes
Level 1
exactly i had same issue and resolved by putting spaces . and it works for me fine
1 like
Level 1
@Dibya thanks allottttt... This spaces just solved my biggest issue...!!! Thank you thank you thank you...!!!
1 like
Level 1
Thank you all for your time and help...
Level 4
If you alreade set the csrf_field() and tried everything else, try the following steps
1). Remove 'SESSION_DRIVER' field from your .env
2). Go to your config/session.php and in domain mark the second parameter of env()
to null i.e.
'domain' => env('SESSION_DOMAIN', null)
3). Run php artisan cache:config and php artisan cache:clear
4). Restart the server and clear your browser cache, and whoaa may be all things are
up and running now.
1 like
Level 1
@extends('layouts.app') {{--@extends('pages.layouts.app')--}}
@section('content') Login {{ csrf_field() }} @if(count($errors) > 0)
-
@foreach($errors->all() as $error)
- {{ $error }} @endforeach
<div class="col-md-6">
<input id="email" type="email" class="form-control" name="email" value="{{ old('email') }}" required autofocus>
@if ($errors->has('email'))
<span class="help-block">
<strong>{{ $errors->first('email') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
<label for="password" class="col-md-4 control-label">Password</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control" name="password" required>
@if ($errors->has('password'))
<span class="help-block">
<strong>{{ $errors->first('password') }}</strong>
</span>
@endif
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<div class="checkbox">
<label>
<input type="checkbox" name="remember" {{ old('remember') ? 'checked' : '' }}> Remember Me
</label>
</div>
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<div class="g-recaptcha" data-sitekey="6Lfwbd4ZAAAAAEI2dQDUHzFY1Q6oW4NAxSzguKct"></div>
</div>
</div>
<div class="form-group">
<div class="col-md-8 col-md-offset-4">
<a href="{{ url('login/google') }}" class="btn btn-danger">Login With Google</a>
<button type="submit" class="btn btn-primary">
Login
</button>
<a class="btn btn-link" href="{{ route('password.request') }}">
Forgot Your Password?
</a>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
Level 1
I can login to my page but when I use it in server(host) I received this error, when I wanna login why!?
Please or to participate in this conversation.