Home » Php » php – The action you have requested is not allowed. Codeigniter

php – The action you have requested is not allowed. Codeigniter

Posted by: admin July 12, 2020 Leave a comment


I’m trying to make a simple login system in codeigniter. When I click on my button login I get an error:

The action you have requested is not allowed.

When I open my console I see this:

POST http://localhost/PHP/PROJECT/CodeIgniter/ 403 (Forbidden)

This is my view:

    <h1>LOG IN!</h1>
    <form action="" method="post">
        <label for="username">Username:</label>
        <input type="text" id="username" name="username" >
        <label for="password">Password</label>
        <input type="password" id="password" name="password" >
        <button id="btn_login" name="btn_login" >LOG IN!</button>
    <div class="errors" ><?php echo validation_errors(); ?></div>

This is my model:

class User_model extends CI_Model {
    public $m_sUsername;
    public $m_sPassword;
    public $m_sEmail;
    public $m_sPicture;

    function __construct()

    function get_user($username, $password)
        $query = $this->db->get();
        return $query->num_rows();

and this is my controller:


class Login extends CI_Controller {

    function __construct()
        $this->load->model("User_model", "", true);

    public function index()
        if ($this->input->server('REQUEST_METHOD') == 'POST') {
            $username = $this->input->post("username");
            $password = $this->input->post("password");
            $this->form_validation->set_rules("username", "Username", "trim|required");
            $this->form_validation->set_rules("password", "Password", "trim|required");

            if ($this->form_validation->run() == FALSE) {
                //validation fails
                echo "Vul alle velden in";
            } else {
                //validation succeeds
                if ($this->input->post('btn_login') == "Login") {
                    //check if username and password is correct
                    $usr_result = $this->User_model->get_user($username, $password);
                    if ($usr_result > 0) { //active user record is present
                        echo 'Ingelogd!';
                    } else {
                        echo "Wrong!";


How do I solve this problem?

How to&Answers:

Check your config.php If,

$config['csrf_protection'] = TRUE;

If it is set to true you need to use form_open(), this will auto append the ci_csrf_token. Otherwise you can just set to FALSE.

But its advisable to set it to TRUE. But you need to make sure all your request includes the ci_csrf_token including AJAX request.



Try this

<input type="hidden" name="<?php echo $this->security->get_csrf_token_name(); ?>" value="<?php echo $this->security->get_csrf_hash(); ?>">


With me it was browser cache, once I cleared it, the form started working again.


for me the problem was that I was loading the page in index, I changed as follow and it worked:

public function index()
    // Load Login Page


public function login_page()
    $data['title'] = 'Login Page';

    $this->load->view('templates/header', $data);
    $this->load->view('users/login_view', $data);