This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Security token doesn't match, possible CSRF attack.

2 Posts 7101 Views

ccburns

Community Member, 79 Posts

4 July 2011 at 2:42pm

Hi Guys,

This has me stumped. Just thought I would ask here before I try to work on a work around.

I have a very simple form below that I am trying (had a much more complex form and it gave the error so I have dumbed it down and I'm still getting the error).

Anyway, anytime I try to display the form like

http://domain.com/AddItemPage/MyForm

I get the screen

Security token doesn't match, possible CSRF attack.

Am I just brain dead this morning and missing something glaringly obvious?

Thanks in advance for the help.

Cheers,
Colin


<?php

class AddItems extends Page {

	public static $db = array(
	);

	public static $has_one = array(
	);
        
        static $icon = "cms/images/famfam-silk/application_view_list";
        
        function getCMSFields() {

            $fields = parent::getCMSFields();
            $fields->removeFieldFromTab("Root.Content.Main", "Content");

            return $fields;

        }
}
class AddItems_Controller extends Page_Controller {

    public function init() {
        parent::init(); 
    }
    
    //add our 'show' function as an allowed URL action
    public static $allowed_actions = array(
            'MyForm'
    );
    
    /**
     * Create a form with just a single field.
     *
     */
    public function MyForm() {
        $fields = new FieldSet(
                new TextField('Title', '<span class="required"></span>Title')
        );
        $actions = new FieldSet(
            new FormAction(
                'doSave',
                _t('MyForm.SAVE', 'Save')
            )
        );
        $validator = new RequiredFields(
            'Title'
        );

        $form = new Form(
            $this,
            'MyForm',
            $fields,
            $actions,
            $validator  // optional
        );
        return $form;
    }
    
    public function doSave() {
        
        die('In doSave');
    }
    
    
    public function doDelete() {
        
        die('In doDelete');
    }
    
}

ccburns

Community Member, 79 Posts

4 July 2011 at 2:58pm

@rentboxapp replied to me via twitter and said

"@ccburns you want to use $MyForm in the AddItem.ss template, rather than accessing it directly. ~SW"

Which was the solution... Stupidly simple really :)

Thanks

Return to top