Level 7
Try to change {{ csrf_field() }} to this {!! csrf_field() !}}
Sep 4, 2016
9
Level 4
Problem with CSRF - VerifyCsrfToken.php line 67
Hello,
I am trying to submit a simple form :
<div class="row">
<form name="article" method="POST" action= "/ASweb/public/articles/{{$article->id}}">
{{--@Todo: FIND OUT WHY IS THIS NEEDED?!!--}}
{{ csrf_field() }}
{{ method_field('PATCH') }}
<div class="col-md-4">
<textarea name="description" class="form-control">{{$article->description}}</textarea>
</div>
<div class="col-md-8">
<button type="submit" class="btn btn-primary">Save</button>
</div>
</form>
</div>
But I am always getting the following error message:
TokenMismatchException in VerifyCsrfToken.php line 67:
As you can see I have already included the {{ csrf_field() }}. I did this as I read that it will fix this issue and the correct token will be matched. But the problem persists. I am trying to do a post that I convert to a patch as suggested in the "Laravel from scratch" lectures and then I simply want my controller to update the fields and return to the page. Nothing special.
Any hints are appreciated! THANKS! :-)
Level 4
I've tried that but that just seems to break my code. What was the idea behind that suggestion?
Level 4
The thing is that if I look into the source on my page the token seems to be replaced in the correct way. Once I submit the form I get the mismatch exception. I now wonder what it the token compared to? Do I have any way to dump both values and see where the mismatch is? I've just started with Laravel and still do not know much about CSRF.
Level 51
How you route looks?
And how you session is configured
Level 4
My routes look like this:
Route::get('articles/{article}/edit', 'ArticlesController@edit');
Route::patch('articles/{article}', 'ArticlesController@update');
In my session.php is says:
'driver' => env('SESSION_DRIVER', 'file'),
Is that info sufficient?
Level 51
Does you folder storage/framework/sessions is writeable?
https://laravel.com/docs/5.2/session#introduction
http://laravel.io/forum/01-30-2015-laravel5-tokenmismatchexception-in-verifycsrftoken/?page=1
Level 4
The folder storage/framework/sessions is writeable. As far as I understood I did things as they're supposed to be. Have the csrf_field() inside my form tags and sessions can be written... Problem persists.
Level 4
I have now also compared the value of the token in the session file and the one which gets taken into the form after I add csrf_field() and they match!! I really do not know what the problem is.
Does anyone know where exactly those 2 values are being compared within the code such that I can track that down?
Level 4
I have solved the issue. I was having a wrong path in the link and hence the mismatch exception!
Please or to participate in this conversation.