Laravel 5 - TokenMismatchException in VerifyCsrfToken.php line 67. How to solve this without using the FORM class?

Question

Laravel 5 - TokenMismatchException in VerifyCsrfToken.php line 67. How to solve this without using the FORM class?

Navigation

#1 by (4 votes)

0

I have a project in php / html and I'm moving it to laravel. Which means that a lot of things I will not create from scratch and I want to make the most of what is already written.

I'm currently working with a form. In the original code it is written using action="#" like this:

<form action="#" method="post" enctype="multipart/form-data" id="sky-form1" class="sky-form">

....

<button id="btn_login" type="submit" class="btn-u btn-block">Go Hme</button>
</form>

Then in JavaScript I respond to the click event and direct to the desired page:

$(function(){
      $(document).on("click", "#btn_login", function(){
           //alert("ok");
           //return false;          
           $('form').attr('action','home.php');    

      }); //End of $(document).on("change", ...    
});//End of $(function(){

By clicking the btn_login the user is directed to the home page.

Note: The code is not complete, only the most important parts. You do not have login test or user test, and so on. It's just a button inside a form on the index page that should direct to the home page.

Now moving to Laravel:

I have this route code that works. It directs me to the home page if I type in the URL myApp.com/home

Route::get('/home', function () {
    return view('home',['usertype'=>"2"]);
});

And the home page is accessed, as expected.

For the scenario of pressing the form button to be directed to home I made the following route code:

Route::post('/home', function () {
        return view('home',['usertype'=>"2"]);
    });

I used post and that was the only change.

In javascript I made a small change tbm:

$(function(){
          $(document).on("click", "#btn_login", function(){
               //alert("ok");
               //return false;          
               $('form').attr('action','home');    

          }); //End of $(document).on("change", ...    
 });//End of $(function(){

I changed the home.php to home (which is what the route expected).

So this is the logic:

The user presses the login button, javascript passes the action of the form from action="#" to action="home" and the laravel route captures the request and returns the desired page. It's working.

The only problem is that when the home page tries to be accessed after the click, I get the error: TokenMismatchException in VerifyCsrfToken.php line 67

I imagine it to be _token to prevent CSRF attacks.

As I'm not using the FORM class of laravel the token is not generated inside my form.

So my question is how to solve this problem without using the FORM class? How can I create the input hidden and put the value of the token manually? Where do I find this value? And finally, is there a token for each form?

token laravel-5

asked by anonymous 02.08.2016 / 17:17

1 answer

Add in MYSQL query in varchar field by removing Strings What is the difference between setAttibute, getAttribute and hasAttribute?

score 4 · Accepted Answer

You can put this inside the form (if you are using blade templating ):

<form method="POST" action="{{url('ROUTA DO POST')}}">
   {!! csrf_field() !!}
   ...
</form>

{!! csrf_field() !!} produces anything like: <input type="hidden" name="_token" value="8VI98KkDdCdHd0Wn62ha8OONrTAvViDFOW383ux2"> , so it will send the token via post to the server along with the other data.

You can also include the token csrf input manually, like this:

...
<input type="hidden" name="_token" value="<?php echo csrf_token(); ?>">
...

To answer your other question. You can disable checking for this token for the routes you want (but I do not think it's this that wants). So, yes, you need to send a token every time you make a post type request