0

I'm new at Codeigniter. I try to pass some data into a view. I have a route like this:

$route['accounts/(:any)'] = 'accounts/$1';

and in my Account class i have register function like this: 

public function register()
    {
        $csrf  = array(
            'name' => $this->security->get_csrf_token_name(),
            'hash' => $this->security->get_csrf_hash()
        );
        $this->load->view('partials/head');
        $this->load->view('partials/nav');
        $this->load->view('auth/register',$csrf);
        $this->load->view('partials/footer');
    }

then in my register.php i try to print that $crsf like this:

<input type="hidden" name="<?=$csrf['name'];?>" value="<?=$csrf['hash'];?>" />

when i access my page which in compro.xyz/accounts/register it give me this error:

A PHP Error was encountered
Severity: Notice

Message: Undefined variable: csrf

Filename: auth/register.php

Line Number: 13

Backtrace:

File: D:\xampp\htdocs\compro\application\views\auth\register.php
Line: 13
Function: _error_handler

File: D:\xampp\htdocs\compro\application\controllers\Accounts.php
Line: 19
Function: view

File: D:\xampp\htdocs\compro\index.php
Line: 315
Function: require_once

" value="
A PHP Error was encountered
Severity: Notice

Message: Undefined variable: csrf

Filename: auth/register.php

Line Number: 13

Backtrace:

File: D:\xampp\htdocs\compro\application\views\auth\register.php
Line: 13
Function: _error_handler

File: D:\xampp\htdocs\compro\application\controllers\Accounts.php
Line: 19
Function: view

File: D:\xampp\htdocs\compro\index.php
Line: 315
Function: require_once

" />

seem's like my register doesn't recognize $csrf. I really have no idea what can cause it, I usually using Twig and since it Codeiginter I don't know much about it. And currently I'm using latest version.

Improve this question

2 Answers 2

Reset to default
1

$csrf will not be an variable on the view.

name and hash will.

If you want to have $csrf you need this data array:

$csrf  = array(
    'csrf'=> array(
        'name' => $this->security->get_csrf_token_name(),
        'hash' => $this->security->get_csrf_hash()
    )
);

But, if you use the helper form_open you don't need to write your own input hidden.

Also, you can use $this->security inside the view.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

i don't use form_open since i use Ajax to validate and sent data. that why i need to check it manually.
i see. ok i will use it seem like more efficient. by the way, if i want to validate get_csrf_token_name() and get_csrf_hash() and compare both of it with the input i just write above right?
Do you have CSFR enabled in config?
If yes, it will automatically validated.
1

https://www.codeigniter.com/user_guide/general/views.html#adding-dynamic-data-to-the-view

$data = array(
        'title' => 'My Title',
        'heading' => 'My Heading',
        'message' => 'My Message'
);

$this->load->view('blogview', $data);

Therefore, you can see that $data is not available in the view, but $title, $heading, and $message are.

Likewise, $csrf won't be available in your view, but $name and $hash will. For clarity, rename $csrf to $data.

$data  = array(
    'name' => $this->security->get_csrf_token_name(),
    'hash' => $this->security->get_csrf_hash()
);
$this->load->view('auth/register', $data);

Edit - A cleaner way to write and understand it is:

$this->load->view('auth/register', array(
   'name' => $this->security->get_csrf_token_name(),
   'hash' => $this->security->get_csrf_hash()
));
Improve this answer

7 Comments

still got same problem now it said Undefined variable: data
The variable passed to $this->load->view is never available to the view. It's contents are extrapolated into new variables for use. Try using $name and $hash instead.
one more thing, do you know how to check this csrf is valid?
It should be handled for you automatically - stackoverflow.com/questions/6244669/….
Your AJAX form needs to pass it to your application but the actual validation happens automatically - as long as you're sending a post request.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.