Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

simtrax's avatar

Can't pass errors to View, and csrf won't work

Hello,

First post here hope to get some help. I've tried googling now for last couple of hours, but no luck yet.

I'm following this tutorial on user authentication, http://code.tutsplus.com/tutorials/authentication-with-laravel-4--net-35593

So i got stuck when trying to pass errors to the view, when the user tries to register. Code:

public function postCreate()
{

    $validator = Validator::make(Input::all(), User::$rules);

    if ($validator->passes())
    {

        $user = new User;
        $user->firstname = Input::get('firstname');
        $user->lastname = Input::get('lastname');
        $user->email = Input::get('email');
        $user->password = Hash::make(Input::get('password'));
        $user->save();

        return Redirect::to('users/login')->with('message', 'Din användare är nu skapad.');

    } else
    {
        /*
        $messages = $validator->messages();

        foreach ($messages->all() as $message)
        {
            print($message);
        }

        exit;

        */

        return Redirect::to('users/register')->with('message', 'The following errors occurred')->withErrors($validator)->withInput();
    }

}

So, if i enter wrong values in the fields, i return to the same page, but the errors doesn't show. Code in register.blade.php:

No matter what i do, it won't work. As you can see in the controller i have commented out a foreach loop that will print all the messages, and that works fine! I have no idea why i can't see the errors in register.blade.php.

The next problem is csrf, that won't work at all, written like the tutorial. I get this error with Laravel in debug true, Illuminate \ Session \ TokenMismatchException Open: /var/www/laravel/app/filters.php | */

Route::filter('csrf', function() { if (Session::token() !== Input::get('_token')) { throw new Illuminate\Session\TokenMismatchException; } });

So that doesn't work either. I have this as well: $this->beforeFilter('auth', array('only' => array('getDashboard'))); In my controller constructor, just like the tutorial. When i use that, and try to log in, i just return to the login page. If i comment it out it works, i get redirected to dashboard.

So there seems to be something weird going on with the Sessions, or something. I hope there's someone who can save my day!

I noticed that the tutorial is quite old, if you guys have any other one's you prefer, feel free to post a link, preferably here on Laracasts

0 likes
7 replies
christopher's avatar
if ($validator->fails()) {
    return Redirect::to('users/register')
        ->withErrors($validator) // send back all errors to the login form
        ->withInput(Input::except('password'));

And in your register view for example with bootstrap

@if (count($errors) > 0)
        <div class="alert alert-danger">
            <strong>Whoops!</strong> There were some problems with your input.<br><br>
            <ul>
                @foreach ($errors->all() as $error)
                    <li>{{ $error }}</li>
                @endforeach
            </ul>
        </div>
    @endif

btw: here on laracasts there are a lot of those videos. Another good blog for laravel would be https://scotch.io/tutorials/simple-and-easy-laravel-login-authentication

And here`s a sample on Github: https://github.com/scotch-io/simple-laravel-login-authentication/blob/master/app/controllers/HomeController.php

Did you added the csrf token to your form ?

<input type="hidden" name="_token" value="{{ csrf_token() }}">
simtrax's avatar

@hostianer: I inserted you're code, but still the register page just updates with no error messages.

christopher's avatar

Can you post your view also ?

Did you also created the rules in your user model ?

simtrax's avatar

Here is my view:

@extends('layouts.master')

@section('content') {{ Form::open(array('url'=>'users/create', 'class'=>'form-signup')) }}

@if (count($errors) > 0)
        <div class="alert alert-danger">
            <strong>Whoops!</strong> There were some problems with your input.<br><br>
            <ul>
                @foreach ($errors->all() as $error)
                    <li>{{ $error }}</li>
                @endforeach
            </ul>
        </div>
    @endif

<!-- Förnamn input field -->
<div class="form-group">
    {{ Form::label('firstname', 'Förnamn:') }}
    {{ Form::text('firstname', null, ['class' => 'form-control']) }}
</div>

<!-- Efternamn input field -->
<div class="form-group">
    {{ Form::label('lastname', 'Efternamn:') }}
    {{ Form::text('lastname', null, ['class' => 'form-control']) }}
</div>

<!-- Epost input field -->
<div class="form-group">
    {{ Form::label('email', 'Epost:') }}
    {{ Form::text('email', null, ['class' => 'form-control']) }}
</div>

<!-- Lösenord input field -->
<div class="form-group">
    {{ Form::label('password', 'Lösenord:') }}
    {{ Form::password('password', ['class' => 'form-control']) }}
</div>

<!-- Upprepa lösenord input field -->
<div class="form-group">
    {{ Form::label('password_confirmation', 'Upprepa lösenord:') }}
    {{ Form::password('password_confirmation', ['class' => 'form-control']) }}
</div>

<input type="hidden" name="_token" value="{{ csrf_token() }}">

{{ Form::submit('Skicka uppgifter', array('class'=>'btn btn-large btn-primary btn-block'))}}

{{ Form::close() }}

@stop

And here is the model:

<?php

use Illuminate\Auth\UserTrait; use Illuminate\Auth\UserInterface; use Illuminate\Auth\Reminders\RemindableTrait; use Illuminate\Auth\Reminders\RemindableInterface;

class User extends Eloquent implements UserInterface, RemindableInterface {

use UserTrait, RemindableTrait;

public static $rules = array(
    'firstname'=>'required|alpha|min:2',
    'lastname'=>'required|alpha|min:2',
    'email'=>'required|email|unique:users',
    'password'=>'required|alpha_num|between:6,12|confirmed',
    'password_confirmation'=>'required|alpha_num|between:6,12'
);

/**
 * The database table used by the model.
 *
 * @var string
 */
protected $table = 'users';

/**
 * The attributes excluded from the model's JSON form.
 *
 * @var array
 */
protected $hidden = array('password', 'remember_token');

}

I will try with the code you posted from GitHub.

christopher's avatar

The error block should be placed in your master blade file not in the specific view files because errors are "global".

@if (count($errors) > 0)
        <div class="alert alert-danger">
            <strong>Whoops!</strong> There were some problems with your input.<br><br>
            <ul>
                @foreach ($errors->all() as $error)
                    <li>{{ $error }}</li>
                @endforeach
            </ul>
        </div>
    @endif

But the registration is working ?

simtrax's avatar

So i try this in Chrome, instead of Safari, and it works as intended. Can someone tell me how to get it working in Safari as well? This is pretty weird...

simtrax's avatar
simtrax
OP
11 years ago
Best Answer
Level 4

Alright, so when i understood that it didn't work in Safari, it was a matter of time before i found a site telling me about System time on the server. So i checked, its a newly installed VM, and sure as hell the system time was of by a bit. So, now it works in Safari as well. Hope this can help someone.

@hostianer - Thank you for you're help!

Please or to participate in this conversation.