Home » Php » php – The action you have requested is not allowed. Codeigniter

php – The action you have requested is not allowed. Codeigniter

Posted by: admin July 12, 2020 Leave a comment

Questions:

I’m trying to make a simple login system in codeigniter. When I click on my button login I get an error:

The action you have requested is not allowed.

When I open my console I see this:

POST http://localhost/PHP/PROJECT/CodeIgniter/ 403 (Forbidden)

This is my view:

<body>
    <h1>LOG IN!</h1>
    <form action="" method="post">
        <label for="username">Username:</label>
        <input type="text" id="username" name="username" >
        <label for="password">Password</label>
        <input type="password" id="password" name="password" >
        <br>
        <button id="btn_login" name="btn_login" >LOG IN!</button>
    </form>
    <div class="errors" ><?php echo validation_errors(); ?></div>
</body>

This is my model:

<?php 
class User_model extends CI_Model {
    public $m_sUsername;
    public $m_sPassword;
    public $m_sEmail;
    public $m_sPicture;

    function __construct()
    {
        parent::__construct();
    }

    function get_user($username, $password)
    {
        $this->db->select("username","password");
        $this->db->from(user);
        $this->db->where('username',$username);
        $this->db->where('password',$password);
        $this->db->limit(1);
        $query = $this->db->get();
        return $query->num_rows();
    }
}

and this is my controller:

<?php

class Login extends CI_Controller {

    function __construct()
    {
        parent::__construct();
        $this->load->library('session');
        $this->load->helper('form');
        $this->load->helper('url');
        $this->load->helper('html');
        $this->load->database();
        $this->load->library('form_validation');
        $this->load->model("User_model", "", true);
    }

    public function index()
    {
        if ($this->input->server('REQUEST_METHOD') == 'POST') {
            $username = $this->input->post("username");
            $password = $this->input->post("password");
            $this->form_validation->set_rules("username", "Username", "trim|required");
            $this->form_validation->set_rules("password", "Password", "trim|required");

            if ($this->form_validation->run() == FALSE) {
                //validation fails
                echo "Vul alle velden in";
            } else {
                //validation succeeds
                if ($this->input->post('btn_login') == "Login") {
                    //check if username and password is correct
                    $usr_result = $this->User_model->get_user($username, $password);
                    if ($usr_result > 0) { //active user record is present
                        echo 'Ingelogd!';
                    } else {
                        echo "Wrong!";
                    }
                }
            }
        }

        $this->load->view("admin/login_view.php");
    }
}

How do I solve this problem?

How to&Answers:

Check your config.php If,

$config['csrf_protection'] = TRUE;

If it is set to true you need to use form_open(), this will auto append the ci_csrf_token. Otherwise you can just set to FALSE.

But its advisable to set it to TRUE. But you need to make sure all your request includes the ci_csrf_token including AJAX request.

https://www.codeigniter.com/user_guide/helpers/form_helper.html

Answer:

Try this

<input type="hidden" name="<?php echo $this->security->get_csrf_token_name(); ?>" value="<?php echo $this->security->get_csrf_hash(); ?>">

Answer:

With me it was browser cache, once I cleared it, the form started working again.

Answer:

for me the problem was that I was loading the page in index, I changed as follow and it worked:

public function index()
{
    // Load Login Page
    redirect('login/login_page','refresh');

}

public function login_page()
{
    $data['title'] = 'Login Page';

    $this->load->view('templates/header', $data);
    $this->load->view('users/login_view', $data);
    $this->load->view('templates/footer');
}