I developed an application with laravel locally with homestead and now I try to get it running on a shared host. As soon as I hit the login button I get the exception: TokenMismatchException in VerifyCsrfToken.php line 53
I read that many people have problems with the TokenMismatchException but all of the proposed solutions didn't work for me. I deleted all files in the storage/framework/sessions folder (and the folder has 777 permissions). I deleted all cookies and since I use {!! Form:open !!} the hidden _token field exists (I also posted the source code).
My whole app expects the user to be logged in, so immediately after visiting the page I get redirected to the login form.
auth/login.blade.php
#extends('app')
#section('content')
<div class="container-fluid">
<div class="row">
<div class="col-md-8 col-md-offset-2">
<div class="panel panel-default">
<div class="panel-heading">Login</div>
<div class="panel-body">
{!! Form::open(array('url' => '/auth/login', 'class' => 'form-horizontal')) !!}
<div class="form-group">
<label class="col-md-4 control-label">E-Mail Address</label>
<div class="col-md-6">
{!! Form::email('email', null, ['class' => 'form-control']) !!}
</div>
</div>
<div class="form-group">
<label class="col-md-4 control-label">Password</label>
<div class="col-md-6">
{!! Form::password('password', ['class' => 'form-control']) !!}
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
{!! Form::checkbox('remember', '1', false, ['id' => 'remember']) !!}
{!! Form::label('remember', 'Remember Me') !!}
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
{!! Form::submit("Login", ['class' => 'btn btn-block btn-primary']) !!}
</div>
</div>
{!! Form::close() !!}
#if (count($errors) > 0)
<div class="alert alert-danger">
<strong>Whoops!</strong> There were some problems with your input.<br><br>
<ul>
#foreach ($errors->all() as $error)
<li>{{ $error }}</li>
#endforeach
</ul>
</div>
#endif
</div>
</div>
</div>
</div>
</div>
#endsection
This is how the source code looks like:
<input name="_token" type="hidden" value="HoSZ4shS8b1avwrkJZzGiUQCWRZL0VPtj3mfvJmI">
<div class="form-group">
<label class="col-md-4 control-label">E-Mail Address</label>
<div class="col-md-6">
<input class="form-control" name="email" type="email">
</div>
</div>
<div class="form-group">
<label class="col-md-4 control-label">Password</label>
<div class="col-md-6">
<input class="form-control" name="password" type="password" value="">
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<input id="remember" name="remember" type="checkbox" value="1">
<label for="remember">Remember Me</label>
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<input class="btn btn-block btn-primary" type="submit" value="Login">
</div>
</div>
</form>
Part of my routes.php
Route::get('auth/login', 'Auth\AuthController#getLogin');
Route::post('auth/login', 'Auth\AuthController#postLogin');
Route::get('auth/logout', 'Auth\AuthController#getLogout');
I'm not sure which code is necessary to see to be able to help me with this, please let me know if I need to post some more.
Thanks to everyone who cares about my question.
Is the URL in the <form> tag correct? Is the host name the same as the one where you're visiting the page?
I'll explain:
Imagine you're developing a site at http://www.mypage.com and while you're developing, you're visiting http://localhost.
If you visit http://localhost/auth/login and the form tag looks like this:
<form action="http://www.mypage.com/something">
You're going to get the TokenMismatchException when you submit a form.
Why? It's all about cookies.
When you visit a page at http://localhost, Laravel creates a session and saves the session ID to your browser in a cookie. Cookies are (generally) only accessible to pages from the same host, so if you visit http://localhost/page1 and http://localhost/page2, the server knows that those two visits are part of the same session because the cookie is accessible on both page visits.
If, on the other hand, you visit http://localhost/page1, then you visit http://www.mypage.com/page2, the server has no way of knowing that those two visits are part of the same session, because the cookie that was set when you visited page1 is not available when you visit page2 (because the host name is different).
So, that's what I think is happening:
you visit http://localhost/auth/login while you're developing.
Laravel sets up a CSRF token and adds it to the form on the page
Laravel also inserts the action for the form tag as http://www.mypage.com/auth/login (or whatever the default value is).
You click submit and the request is sent to http://www.mypage.com/auth/login (because that's what's in the form tag)
Laravel gets a token which does not match what it saved for your session at http://www.mypage.com (if a session even exists) because it doesn't have the session ID that it assigned to the session visiting http://localhost
The solution is to check your config & ensure that you're doing all the development via visits to a single hostname.
I somehow solved this now. I installed Laravel from scratch on the server and tried to copy as little as possible and make most changes manually. Don't know what lead to this Exception though.
Here is the thread that led me to the solution: https://laracasts.com/discuss/channels/code-review/request-session-token-not-equal-token/
Related
Today I install package Laravel Captcha (https://github.com/mewebstudio/captcha)
But in Blade not working {!! captcha_img() !!}.
Register Blade
<div class="form-group mb-2">
<div class="captcha">
{!! captcha_img() !!}
<button type="button" class="btn btn-danger" class="reload" id="reload">
↻
</button>
</div>
</div>
<div class="form-group mb-2">
<div class="captcha">
<input id="captcha" type="text" class="form-control" placeholder="Enter Captcha" name="captcha">
</div>
</div>
Browser show html
Error in Console
GET http://simfind.loc/captcha/default?Ff3XLM4u 404 (Not Found)
I don’t understand why the capcher doesn’t show. Any help. (Laravel 8).
This package not optimized for Laravel version 8, I remove this package and install https://github.com/anhskohbo/no-captcha google no-captcha. Its fine work! Thanks all.
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 3 years ago.
Improve this question
I've an update function for my Gamecontroller but it gets completely ignored when I call it and it just redirects to show view instead of executing the function despite calling it, am I missing something obvious?
Things I know and tried:
Every other function works in the GameController
I tried calling other functions like game.create and game.delete from that same view so I doubt it has to do with my view
I tried making the validate fail which got ignored because the function somehow doesn't get called
I tried just commenting the entire function and it did nothing didn't even give an error like it should
Checked to see if there was somehow a double function (there wasn't)
My update function in GameController class
public function update(Request $request, $id)
{
$validated = $request->validate([
'naam' => 'required|max:1',
'img' => 'required',
'formaat' => 'required',
'datum' => 'required',
'locatie' => 'required',
]);
if($validated->fails()){
return redirect()->back()->withErrors($validated);
}
DB::table('games')
->where('id', $id)
->update([
'naam' => $request->naam,
'img' => $request->img,
'formaat' => $request->formaat,
'datum' => $request->datum,
'locatie' => $request->locatie,
]);
return Redirect::to('games')
->with('success','Great! game updated successfully.');
}
My view:
<form action="{{ route('games.update',$data->id) }}" method="PUT" name="edit_games">
#csrf
<div class="row">
<div class="col-md-12">
<div class="form-group">
<strong>Naam</strong>
<input type="text" name="naam" class="form-control" value= "{{ $data->naam }}" />
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<strong>Pad van de afbeelding</strong>
<input type="text" name="img" class="form-control" value="{{$data->img}}" />
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<strong>Formaat</strong>
<input type="text" class="form-control" name="formaat" value="{{$data->formaat}}" />
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<strong>Datum</strong>
<input type="date" class="form-control" name="datum" value={{$data->datum}}/>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<strong>Locatie</strong>
<input type="text" class="form-control" name="locatie" value="{{$data->locatie}}"/>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<button type="submit" class="btn btn-primary">Submit</button>
</div>
</div>
</form>
The route in web
Route::resource('/games', 'GameController');
HTML Forms can only have GET or POST method used. You have defined the method attribute as PUT: method="PUT"; this will end up using the GET method, which would end you up at your show route. Change your method attribute to POST then add a hidden field named _method with the desired HTTP method (PUT) in your case. (Form method spoofing)
<form method="POST" ....>
{{ method_field('PUT') }}
method_field('PUT') will end up putting a hidden input into your form:
<input type="hidden" name="_method" value="PUT">
Laravel 6.x Docs - Routing - Form Method Spoofing
I'm trying to recreate a blog application form old laravel version in new version (5.8). In old version, I used laravel collective for forms, and my edit post form looks like this:
#extends('layouts.app')
#section('content')
<h1>Edit Post</h1>
{!! Form::open(['action' => ['PostsController#update', $post->id], 'method' => 'POST', 'enctype' => 'multipart/form-data']) !!}
<div class="form-group">
{{Form::label('title', 'Title')}}
{{Form::text('title', $post->title, ['class' => 'form-control', 'placeholder' => 'Title'])}}
</div>
<div class="form-group">
{{Form::label('body', 'Body')}}
{{Form::textarea('body', $post->body, ['class' => 'form-control', 'placeholder' => 'Body Text'])}}
</div>
{{Form::hidden('_method', 'PUT')}}
{{Form::submit('Submit', ['class'=>'btn btn-primary'])}}
{!! Form::close() !!}
#endsection
Now I'm trying to recreate the same form without laravel collective forms because it seems to be deprecated.
This is my attempt at recreating this form:
#extends('layouts.app')
#section('content')
<h1>Edit post</h1>
<form action="{{ route('posts.update'), $post->id }}" method="POST">
#csrf
<div class="form-group">
<label for="title">Title</label>
<input class="form-control" type="text" id="title" name="title" value={{$post->title}}>
</div>
<div class="form-group">
<label for="body">Body</label>
<textarea class="form-control" id="body" rows="3" name="body" value={{$post->body}}></textarea>
</div>
<input type="submit" class="btn btn-primary">
</form>
#endsection
I'm getting the following error:
Missing required parameters for [Route: posts.update] [URI: posts/{post}]. (View: C:\xampp\htdocs\blog\resources\views\posts\edit.blade.php)
Looks like I'm not sending the id parameter correctly.
Also,how can I recreate this part: {{Form::hidden('_method', 'PUT')}} in plain HTML?
You can recreate the method input with this:
#method('PUT')
You need to put the $post->id inside the route() and use the Form method Spoofing (#method('PUT')). Try this:
#extends('layouts.app')
#section('content')
<h1>Edit post</h1>
<form action="{{ route('posts.update', $post->id) }}" method="POST">
#csrf
#method('PUT')
<div class="form-group">
<label for="title">Title</label>
<input class="form-control" type="text" id="title" name="title" value={{$post->title}}>
</div>
<div class="form-group">
<label for="body">Body</label>
<textarea class="form-control" id="body" rows="3" name="body" value={{$post->body}}></textarea>
</div>
<input type="submit" class="btn btn-primary">
</form>
#endsection
Your error is caused by $post->id being outside of the route() function.
Change:
route('posts.update'), $post->id
to:
route('posts.update', $post)
As for the second question, this is how Form::hidden('_method', 'PUT') is rendered as HTML:
<input type="hidden" name="_method" value="PUT">
But you can use #method if you prefer a shorter way of writing it:
<form action="{{ route('posts.update', $post) }}" method="POST">
#method('PUT')
#csrf
...
</form>
I have some cotroller like this:
Route::get('/article/create', 'ArticlesController#create');
and here's my ArticlesController#create:
public function create(){
return view('articles.create',
[
'title'=>'Add Artikel',
'username'=>'Whatever Myname',
'status' => 'Offline'
]
);
}
when i trying to access blog.dev/article/create i got this strange errors:
"Trying to get property of non-object (View: E:\xampp\htdocs\blog\resources\views\articles\single.blade.php)"
how come i can get this kind of error when my view is pointing at articles.create but the error is at single.blade.php which it suppose for ArticlesController#view?
this is what in create.blade.php:
#extends('admin.layout')
#section('content')
<div class="box box-info">
<div class="box-header with-border">
<h3 class="box-title">Horizontal Form</h3>
</div>
#include('admin.formerrors')
<form method="post" class="form-horizontal" action="/articles">
{{ csrf_field() }}
<div class="box-body">
<div class="form-group">
<label for="title" class="col-sm-2 control-label">Title</label>
<div class="col-sm-10">
<input class="form-control" id="title" name="title" placeholder="Judul Artikel">
</div>
</div>
<div class="form-group">
<label for="content" class="col-sm-2 control-label">Content</label>
<div class="col-sm-10">
<textarea class="form-control" rows="3" id="content" name="content"></textarea>
</div>
</div>
<div class="box-footer">
<button type="submit" class="btn btn-primary">Save</button>
</div>
</form>
</div>
#endsection
and here's in my single.blade.php :
#extends('admin.layout')
#section('content')
<h1>{{ $article->title }}</h1>
<p>{{ $article->content }}</p>
<hr>
#foreach($article->comments as $comment)
<blockquote>
<p>{{ $comment->comment }}</p>
<small>{{ $comment->created_at->diffForHumans() }}</small>
</blockquote>
#endforeach
#include('admin.formerrors')
<form method="post" class="form-horizontal" action="/article/{{ $article->id }}/comment">
{{ csrf_field() }}
<div class="box-body">
<div class="form-group">
<label for="comment" class="col-sm-2 control-label">Comment</label>
<div class="col-sm-10">
<textarea class="form-control" rows="3" id="comment" name="comment"></textarea>
</div>
</div>
<div class="box-footer">
<button type="submit" class="btn btn-primary">Save</button>
</div>
</form>
#endsection
and here's my router:
Route::get('/articles', 'ArticlesController#index')->name('home');
Route::post('/articles', 'ArticlesController#save');
Route::get('/article/{id}', 'ArticlesController#view');
Route::get('/article/create', 'ArticlesController#create');
Route::post('/article/{article}/comment', 'CommentsController#save');
Route::get('/register', 'RegistrationController#create');
Route::post('/register', 'RegistrationController#store');
I try to change the create function by pointing into another view, but still it showing same error and pointing at single.blade view.
I delete all code at single.blade and write 'test' text, i don't get any errors. but i'm pointing my controller for viewing into create.blade not sigle.blade
After seeing you routes the problem is in this two routes :
Route::get('/article/{id}', 'ArticlesController#view');
Route::get('/article/create', 'ArticlesController#create');
In this case Laravel will consider the create in your path blog.dev/article/create as an id parameter of the view route here => /article/{id}.
So as a solution you should simply inverse the two routes :
Route::get('/article/create', 'ArticlesController#create');
Route::get('/article/{id}', 'ArticlesController#view');
You need to find what's in the file by reading more than just that line. Maybe you're including that file in the articles.create? Maybe you're accessing a variable that doesn't exist whenever you load the page. Edit your answer with more of the error and what's inside both blades and we can pinpoint what's wrong.
Below is the part of input field and submit button.
I want to increase the width of submit button as the input field using bootstrap.
Here is my code.
<div class="form-group col-md-6">
{!! Form::label('Event Photo') !!}
</div>
<div class="form-group col-md-6">
<input type='file' name='photo' id ='photo' class ='form-control'/>
</div>
<div class="form-group col-md-12">
{!! Form::submit('Add', array('class'=>'btn btn-primary')) !!}
</div>
But the button size can't get increased like that. Where am I wrong? How should I solve that?
The array() part of your form allows you to pass in any other parameters that you want.
Just as you are using it to define the class, you can use it to define the style:
<div class="form-group col-md-12">
{!! Form::submit('Add', array('class'=>'btn btn-primary', 'style' => 'width:50px;)) !!}
</div>
Just change 50px to whatever width you want to use.
Adding the class btn-lg will work.
You can find that in the documentation