Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Security token doesn't match, possible CSRF attack.

Go to End

2 Posts   4553 Views


Community Member, 76 Posts

4 July 2011 at 2:42pm

Hi Guys,

This has me stumped. Just thought I would ask here before I try to work on a work around.

I have a very simple form below that I am trying (had a much more complex form and it gave the error so I have dumbed it down and I'm still getting the error).

Anyway, anytime I try to display the form like

I get the screen

Security token doesn't match, possible CSRF attack.

Am I just brain dead this morning and missing something glaringly obvious?

Thanks in advance for the help.



class AddItems extends Page {

	public static $db = array(

	public static $has_one = array(
        static $icon = "cms/images/famfam-silk/application_view_list";
        function getCMSFields() {

            $fields = parent::getCMSFields();
            $fields->removeFieldFromTab("Root.Content.Main", "Content");

            return $fields;

class AddItems_Controller extends Page_Controller {

    public function init() {
    //add our 'show' function as an allowed URL action
    public static $allowed_actions = array(
     * Create a form with just a single field.
    public function MyForm() {
        $fields = new FieldSet(
                new TextField('Title', '<span class="required"></span>Title')
        $actions = new FieldSet(
            new FormAction(
                _t('MyForm.SAVE', 'Save')
        $validator = new RequiredFields(

        $form = new Form(
            $validator  // optional
        return $form;
    public function doSave() {
        die('In doSave');
    public function doDelete() {
        die('In doDelete');


Community Member, 76 Posts

4 July 2011 at 2:58pm

@rentboxapp replied to me via twitter and said

"@ccburns you want to use $MyForm in the template, rather than accessing it directly. ~SW"

Which was the solution... Stupidly simple really :)