How to Protect CodeIgniter Forms with CSRF Tokens

csrf token

Edit Config.php file

$config[‘csrf_protection’] = FALSE;
$config[‘csrf_token_name’] = ‘csrf_test_name’;
$config[‘csrf_cookie_name’] = ‘csrf_cookie_name’;
$config[‘csrf_expire’] = 7200;
$config[‘csrf_regenerate’] = TRUE;
$config[‘csrf_exclude_uris’] = array();

Replace the above code with :

$config[‘csrf_protection’] = TRUE;
$config[‘csrf_token_name’] = ‘csrf_test_name’;
$config[‘csrf_cookie_name’] = ‘csrf_cookie_name’;
$config[‘csrf_expire’] = 7200;
$config[‘csrf_regenerate’] = TRUE;
$config[‘csrf_exclude_uris’] = array();

 

<form action=” ” method=” “>

</form>

Replace the form

<?php

$attributes= array(‘role’=>’form’);

echo form_open(‘ ‘,$attributes);

echo form_close();

?>

 

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top