this is my URL.
http://localhost/savyy/home/home_page/Islamabad
i want to show it like
http://localhost/savyy/home
i m using uri routing code
$route['home/(:any)'] = 'home/home_page/$1;
but nothings happen...it shows same URL. can anyone please help me ? please tell me how to hide function name and parameter.
I dont think it will work that way, the request is the route to controller. the request uri will be the same. you will still have the "home/home_page/islamabad" in your url. unless you redirect with the home_page() to home() and save the islamabad in a session.
Hello every body I have a problem when i call to a certain function in controller to update a record, it duplicate the my controller in URL which not let me work fine.Help please thanks in advance..
it show URL like this:
localhost/codetest/practice_controller/practice_controller/practice_update/1
In above practice_controller is coming two time.
Two possibilities.. either you have a redirect code in your controller which is redirecting in a false way or in the form action you have not written complete URL starting with base_url().
I would suggest to write complete url in form action like
<?php echo base_url()?>practice_controller/practice_update/<?php echo $update_id?>
I made a module named Gallery which works fine on my localhost with version 2.0.3, but when using version 2.1.0 on a remote site I can not submit a form and I get the error:
The action you have requested is not allowed.
Why is this?
I agree with #Jhourlad Estrella on fixing the problems instead of disabling a security feature, however I feel that the real problem is with the hidden input field that holds the token.
Instead of using plain HTML to create a form element use the the form_open() and form_close() helper functions. The reason why is because when you use the helper function it automatically inserts the csrf token as a hidden field in the form.
You could do this manually as well by adding the token as a hidden input field in the form
<input type="hidden" name="csrf_hash_name" value="your-hash-value-here">
Doing it this way will allow you to stay protected from CSRF attacks and fix the problem you are having.
Hope this helps someone else out there as this was driving me nuts the first time figuring this out.
It is a Codeigniter error related to the CSRF protection. You can cancel it in cms/config/config.php
On matters of programming, you don't go around problems, you fix it. What I mean to say is, this feature won't be here if it is unusable: 'coz it is and it works for me. You just have a problem on the implementation.
My answer: Remove all dashes, periods and any other non-alphanumeric characters from the values of following entries on application/config/config.php as seen below:
$config['sess_cookie_name'] = 'mycookiename'; //instead of "my_cookie_name"
$config['csrf_token_name'] = 'mycsrftoken'; //instead of "my.csrf.token"
$config['csrf_cookie_name'] = 'mycsrfcookie'; //instead of "my/csrf/cookie"
BTW, dashes sometimes work but I suggest using single words whenever possible when naming config values. Not unless you have the time and skills to study Codeigniter's core files related to what ever you are working on just to make sure it's safe to do so.
Anyways, I hope this help somebody out there even though my answer is more than a year late.
I have a form that was built outside of CI (in Joomla), but that I wanted to process with CI. My fix was to selectively disable csrf for specific referrers. I added this to config, directly after the default config options for csrf:
/* Set csrf off for specific referrers */
$csrf_off = array(
"http://yourdomain.com/your-form-url",
"http://yourdomain.com/some-other-url"
);
if (isset($_SERVER["HTTP_REFERER"])) {
if (in_array($_SERVER["HTTP_REFERER"],$csrf_off)) {
$config['csrf_protection'] = false;
}
}
This disables csrf protection for specific URLs in the $csrf_off array, but leaves it intact for all other requests.
I have found using the form helper functions
Example
<?php echo form_open('controller/function');?>
<?php echo form_input('username', 'Username');?>
<?php echo form_close();?>
Using the helper functions like above should stop the CSRF error message showing.
If I don't use echo form_input() if I place just normal input will trigger the CSRF error when reload.
<?php echo form_open('controller/function');?>
<input type="text" name="username" />
<?php echo form_close();?>
So I recommend using all form helper functions now.
It is an old question but this same problem did cost me so much time that I wanted to share what the problem was in my case. It may help someone.
I am using Codeigniter 3.0.6 and CommunityAuth 3 together with it and I was getting this error after a login.
It was confusing since the problem would sometimes happen and would not other times.
My 'base_url' in CI's config.php was set to something like 'www.mysite.com'
When you browse the site with 'mysite.com' (notice 'www' is not in the address) and you do a form submission that uses CI's 'base_url' setting, like CommunityAuth's login does, then CSRF check fails and you get 'The action you have requested is not allowed.' error.
This error is thrown by the function csrf_show_error() in system/core/Security.php when the CSRF token in $_COOKIE doesn't match your $_POST['csrf_token_name'].
Inside config.php, I had to ensure that $config['cookie_domain'] matched $config['base_url'], without the protocol (i.e. http(s)://).
Otherwise, the cookie wasn't being passed which meant the match couldn't be made.
Use the codeigniter form opener like this:
<php echo form_open(url,method,attributes);?>
see codeigniter form documentation for more.
This is probably a rare case, but I didn't see my issue since my server has many different domain names that are very similar. The problem was that I was landing on a domain that was completely wrong, but since "The action you have requested is not allowed." error takes precedence over " 404 Not Found Error" I couldn't see it. My problem was that I didn't change my base_url to the correct domain. So if none of the above solutions work for you, you might check your settings for $config['base_url'] in application/config.
For me the problem was that I was loading the view in the index, than I changed as follow and it worked:
public function index()
{
// Load Login Page
redirect('login/login_page','refresh');
}
public function login_page()
{
$data['title'] = 'Login Page';
$this->load->view('templates/header', $data);
$this->load->view('users/login_view', $data);
$this->load->view('templates/footer');
}
Im Using Codeigniter 3 same problem with
The action you have requested is not allowed.
Based on Isaac Pak's point, i changed my base_url to what i usally typed at the address bar. like this...
instead of putting
http://www.domain.org
i write it this way..
http://domain.org
since my base_url() is just..
$config['base_url'] = 'http://domain.org/';
the fix works for my site...
I have a form to update some profile information. After making changes when the user clicks on the submit button my to be redirected to the profile page.
so after inserting the updated information into database I have the following code to redirect to the profile page:
database query goes here...
redirect('studentprofile/get/$id');
Here the $id is the the profile id and "get" is the function and "studentprofile" is the controller. But this is not working at all. It seems like the "redirect" is not getting the value of $id.
When the user submits data it shows an error saying "The URI you submitted has disallowed characters." and the URL looks like this
http://localhost/sundial/studentprofile/get/$id
would you please kindly tell me what is wrong with my script? Just for your information I am using Codeigniter
Thanks in advance :)
You need the redirect path string to be in double quotes:
redirect("studentprofile/get/$id");
or write it like this:
redirect('studentprofile/get/'.$id);
You are using single quotes use single quotes instead and btw that is not an issue of CodeIgnitor. Read more about strings: http://www.php.net/manual/de/language.types.string.php#language.types.string.syntax.double
I got stack on this in Codeigniter route, What do I want is to remove the function_name in url to be able to have a short url.
Here is the example want to have in my url
http://mysite.com/controller_name/function_name/id
to this
http://mysite.com/controller_name/id
Is there any other solution to have this if cannot be done in route? thanks!
If the above didn't work you could try:
$route['controller_name/(:num)'] = 'controller_name/lookup_function/$1';
Not much different from what was already suggested other than a hard coded controller name.
You can probably do it by trying:
$route['([a-z]+)/(\d+)'] = "$1/method/$2";
That is if you don't need to change the name of your method.