jquery-ui, codeigniter, codeigniter-2, csrf

CodeIgniter CSRF protection: how to submit a form which is loaded via jQuery tabs


I'm working on a backend project and want to load a form via jQuery UI tabs:

<div id="parameters_tabs" style="width:920px;">
    <ul>
        <li><a href="<?=base_url()?>link1"><?=$this->lang->line('tab_name')?></a></li>
    </ul>
</div>

In response I produce a few forms, as in the example below:

<?
    for ($i = 0; $i < count($groups); $i++)
    {
?>
    <form id="group_form<?=$i?>" method="POST" action="<?=base_url()?>update_group">
        <input type="hidden" name="<?=$this->config->item('csrf_token_name')?>" value="<?=$token?>" />
        <input type="hidden" name="id" value="<?=$groups[$i]['id']?>" />
        <tr>
            <td>
                <input type="text" value="<?=$groups[$i]['name']?>" name="name" />
            </td>
            <td>
                <input type="text" value="<?=$groups[$i]['short_name']?>" name="short_name" />
            </td>
            <td>
                <textarea cols="80" rows="4" name="desc"><?=$mgroups[$i]['desc']?></textarea>
            </td>
            <td style="width: 30px">
                <a class="save" onclick="$('#group_form<?=$i?>').submit();"><?=$this->lang->line('save')?></a>
            </td>
        </tr>
    </form>
<?
    }
?>

When clicking on "save" I get the standard error about CSRF protection:

"An Error Was Encountered

The action you have requested is not allowed."

Can anyone help me and tell me where I made a mistake? Of course, in the source I see the proper csrf_token_name.


Solution

  • This article helped me when I was experiencing the same issue. Using the built-in form helper form_open() function might also help solve the problem (as it generates the hidden CSRF field for you).
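
The form_open() suggestion above, applied to the question's tab view. This is an added example, not code from the question or the answer. It assumes CodeIgniter 2 with $config['csrf_protection'] = TRUE, the form helper loaded by the controller, and $groups passed to the view; the one-div-per-form layout is a simplification.

```php
<?php
// View fragment returned for the jQuery UI tab (added example).
// Assumptions: the controller called $this->load->helper('form') and passed
// $groups; $config['csrf_protection'] is TRUE in application/config/config.php.
//
// form_open() writes the <form> tag and, with CSRF protection enabled, a
// hidden field whose name is $this->security->get_csrf_token_name() and whose
// value is $this->security->get_csrf_hash(). The view therefore never handles
// a separately computed $token that could differ from the CSRF cookie.
//
// form_hidden(), form_input() and form_textarea() HTML-escape their values,
// so stored group names cannot break out of the attribute or the textarea.
foreach ($groups as $i => $group):
    $form_id = 'group_form' . $i;
?>
<div class="group_row">
    <?= form_open('update_group', array('id' => $form_id)) ?>
        <?= form_hidden('id', $group['id']) ?>
        <?= form_input('name', $group['name']) ?>
        <?= form_input('short_name', $group['short_name']) ?>
        <?= form_textarea(array(
                'name'  => 'desc',
                'cols'  => 80,
                'rows'  => 4,
                'value' => $group['desc'],
            )) ?>
        <?= form_submit('save', $this->lang->line('save')) ?>
    <?= form_close() ?>
</div>
<?php endforeach; ?>
```

form_open() builds the action with site_url(), so the target may include index.php depending on $config['index_page'], unlike the base_url() concatenation in the question.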