0.修改application/config/$config.php文件中
$config['csrf_protection'] = false;
1.修改system/core/Security.php文件注释掉
function __construct()其中的第一行代码如下
//if (config_item('csrf_protection') === TRUE)
2.手动使用
1>controller
2>view文件
3>提交
$config['csrf_protection'] = false;
1.修改system/core/Security.php文件注释掉
function __construct()其中的第一行代码如下
//if (config_item('csrf_protection') === TRUE)
2.手动使用
1>controller
1
2
3
4
5
6
7
8
|
public
function
index()
{
$data
=
new
stdClass();
$data
->token_name =
$this
->security->get_csrf_token_name();
$data
->token_hash =
$this
->security->get_csrf_hash();
$this
->load->view(
'sec'
,
$data
);
}
|
2>view文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
<!doctype html>
<html>
<head>
<meta charset=
"utf-8"
/>
<title>security check!</title>
</head>
<body>
<form method=
"post"
action=
"/index.php/sec/post"
>
<label
for
=
"user"
>user</label>
<input id=
"user"
name=
"user"
value=
""
/>
<label
for
=
"age"
>age</label>
<input id=
"age"
name=
"age"
value=
""
/>
<input type=
"submit"
value=
"提交"
/>
<input type=
"hidden"
name=
"<?php echo $token_name; ?>"
value=
"<?php echo $token_hash; ?>"
/>
</form>
</body>
</html>
|
3>提交
1
2
3
4
5
6
7
|
public
function
post()
{
$this
->security->csrf_verify();
//csrf检查
var_dump(
$_POST
);
}
|