Jump to content
Sign in to follow this  
Mike Rockett

Unable to set CSRF token

Recommended Posts

Hi all :)

I have built my own module for processing forms on my site.

The module does check to see of the request was forged or not, but I am unable to inset the token name and value into my template.

I use Twig for my templates, and this is what I'm calling:

<form data-form-ident="contact-form" data-form-token-name="{{ this.session.CSRF.getTokenName() }}" data-form-token-value="{{ this.session.CSRF.getTokenValue() }}">

The output for that is an empty string.

Could it perhaps be because I am using Twig?

Side note: disabling Twig is not an option as the templates I'm using are very complex - it would be a darn mission to revert to native PHP.


(PW 2.4.0)

Share this post


Link to post
Share on other sites

Not to worry - looks like I got it.

Simply added this to my module:

$this->session->tokenName = $this->session->CSRF->getTokenName();
$this->session->tokenValue = $this->session->CSRF->getTokenValue();

Then in my view, called it like so:

<form data-form-ident="contact-form" data-form-token-name="{{ session.get('tokenName') }}" data-form-token-value="{{ session.get('tokenValue') }}" autocomplete="off">

EDIT: Well, that screws it up I'm calling it from within a module:

Fatal error: Call to a member function path() on a non-object in [omitted]\wire\core\SessionCSRF.php on line 51

So, I'll just make my own CSRF token within the module that does not depend on the page name and path.

Edited by mike-anthony
  • Like 2

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By calago
      after the migration to version 3.0.145 our export templates all of a sudden dont work properly, 
      we have a functionality where we use a boiler template with a set of fields. for some reason since the upgrade when we select the export template to export it. it wont show any of the fields added after the migration, 

      as you can see the offer certificate remarks field has been added to the export, 
      but when we select it it wont come trough

    • By quickjeff
      Hi Guys, 
      I have been debugging a site for the last 2 hours and cannot solve the issue. 
      I have a site running on 3.0.148. 
      I installed the Kongondo Blog module and was updating the templates to include the website style. 
      Once everything was set and done, I checked the page tree to see an error appear. 
      Template must be assigned a name before 'filename' can be accessed
      The same error appears in templates. 
      Debugging Steps
      I checked the templates in the server to ensure I didnt accidentally delete the namespace.  Deleted cache in browser and server under assets Still no go. 
      Any help is appreciated. 
      Thanks! 
    • By Spyros
      Hello
      I'm having a strange issue with the $page->find(), for some reason I'm missing some of the pages from the results. I found then that I was missing all the pages with the same "PAGE NAME". Is it a bug or am I missing something?
      PS 
      If I change the "PAGE NAME" of one of the missing ones then I'm retrieving the page without any problem.
      Thank you
    • By benbyf
      Hi, Looking to create form elements on a page–some input with a colection of form inputs and the appropriate labels and variables for that input. I've used ProForms in the past and rolled out my own when creating simply one off forms, but I wonder if anyone has found a good way of allowing form creation on page editing so that clients can adhocly make and edit forms?
      Thanks
    • By Guy Incognito
      This short script loops through some images from an XML feed and pushes new ones to an image field. It all works perfectly, except for some reason the last image (only) in the loop each time doesn't receive the image description... can everyone spot why? TIA! 🙂 
      foreach ($propertyImages as $img) { $fileName = trim($img[0]); if ( !empty($fileName) ) { $imgPath = '../property_data/'.$fileName; if(file_exists($imgPath) && !in_array(strtolower($fileName),$currentImages)) { $p->property_images->add($imgPath); $p->save(); $newImg = $p->property_images->last(); $newImg->description = $img[1]; $p->save(); } } }  
×
×
  • Create New...