Error on activating CSRF protection

Question

I'm getting the following error message when I set $config['csrf_protection'] = TRUE;:

Fatal error: Class 'CI_Controller' not found in /opt/codeigniter/system/core/CodeIgniter.php on line 369 A PHP Error was encountered Severity: Error Message: Class 'CI_Controller' not found Filename: core/CodeIgniter.php Line Number: 369 Backtrace:

I'm following the manual, but I can't see clear cause for it.

By the way, it only happens when I try (by F5) to reload a FORM submitted with POST. I know that an error is expected, but I think that it should be shown in an error page (or something), and might be another kind of error.

Anyone can help me out?

Answer 1

My problem is that I modified the views/errors/error_general.php to dynamize reporting responses getting variables from CI instance, then, someway, the error response from CSRF protection become misconfigured.

Apparently, this file can not see CI instance, so it is not possible to use instance references in it.

This was fixed by returning the file views/errors/error_general.php to the original version, but I'm still studying ways to customize it.

Thanks for the attention.

Answer 2

Make sure you have correctly named your files and class names https://www.codeigniter.com/user_guide/general/styleguide.html#file-naming

https://www.codeigniter.com/user_guide/general/styleguide.html#class-and-method-naming

For CSRF

I find it's best to create a vHost for your project once that done domain like example

example.com

config.php

$config['cookie_prefix']    = 'ci_';
$config['cookie_domain']    = '.example.com';
$config['cookie_path']      = '/';
$config['cookie_secure']    = FALSE;
$config['cookie_httponly']  = FALSE;


$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'csrf_test_name';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;
$config['csrf_regenerate'] = TRUE;
$config['csrf_exclude_uris'] = array();

And use the form helper functions That fixed it for me.