I am currently working locally (myhostname.local) to begin a development project in CodeIgniter and am trying to do a simple login form submission and the CSRF protection is not working. I get the error:
An Error Was Encountered
The action you have requested is not allowed.
A couple of things to note:
My form:
<?=form_open('home/login');?>
... username/password fields in here ...
<?=form_close();>
My controller:
public function login()
{
$this->form_validation->set_rules('email','Email','trim|required');
$this->form_validation->set_rules('password','Password','required');
if($this->form_validation->run() === FALSE)
{
... form did not pass validation ...
}
else
{
... form passed ...
}
}
When I submit the form to http://myhostname.local/home/login I get the above error.
Any help on why this is happening is much appreciated.
Thanks! Sean
It appears that setting values in the config.php file for cookies has a big impact. Once I set these back to defaults everything started working correctly again:
$config['cookie_prefix'] = "";
$config['cookie_domain'] = "";
$config['cookie_path'] = "/";
$config['cookie_secure'] = FALSE;