问题
Error:
Unable to verify your data submission error
Create one public function in Yii2. But, submit data not accept in this method, see following error images. Why is this happen?
回答1:
Add this in the head section of your layout: <?= Html::csrfMetaTags() ?>
回答2:
If you create the form manually (i.e. without using the yii form methods), you should add an input field like this:
<input type="hidden" name="_csrf" value="<?=Yii::$app->request->getCsrfToken()?>" />
source: http://zero-exception.blogspot.com/2015/01/yii2-using-csrf-token.html
回答3:
There are various solutions to this problem, I guess understanding why it happened in the first place helps solve the problem.
- It is either caused by an invalid csrf token,user generated csrf token, expired csrf token, all these 'csrf' issues will arise when you have custom forms built not using the 'ActiveForm' class.
If CSRF is not the issue,
- Its other cause occurs when you try to upload multiple files and the web server cannot handle the load. Some properties to check on this to make sure you are on the right track is to claculate the size of files one is attempting to upload and check the web server's post_max_size and upload_max_filesize
If you are running linux, check php.ini file for inputs like these:
; Maximum size of POST data that PHP will accept.
; Its value may be 0 to disable the limit. It is ignored if POST data reading
; is disabled through enable_post_data_reading.
; http://php.net/post-max-size
post_max_size = 8M
; Whether to allow HTTP file uploads.
; http://php.net/file-uploads
file_uploads = On
; Maximum allowed size for uploaded files.
; http://php.net/upload-max-filesize
upload_max_filesize = 2M
Based on your calculations, adjust the above php.ini parameters to suite your needs, then test. I had a similar problem and I solved it.
回答4:
Also sometimes you can get this error using Yii 2.0 due to the post_max_size, upload_max_filesize, max_input_time also too maybe the webserver can be trimming the post so verify on nginx - client_max_body_size or in apache - LimitRequestBody
回答5:
Check whether there is hidden input in your form with CSRF token. It should look like
<input type="hidden" name="_csrf" value="ZEZ6Y0xrY3ARGS42fTwhMQgkDgF6BCEGEx4SMXQMBR4CPy0iPCIwNQ==">
回答6:
A long story has been discussed here github
So disabling csrf somehow unsure for ajax request. I have met this issue many times.
So remember to send _csrf key when you send data by POST via ajax.
回答7:
To permanently disable csrf validation in whole application add below code in your configurations.
$config = [
'components' => [
'request' => [
'enableCsrfValidation' => false,
],
],
];
回答8:
$csrf = \yii::$app->request->csrfParam;
$token = \yii::$app->request->csrfToken;
//start from
echo Html::hiddenInput($csrf,$token);
//end from
回答9:
A little differentiation to dchakarov's answer due to Yii2 tiers using instead of
_csrf variable _frontendCsrf.
<input type="hidden" name="_frontendCsrf" value="<?=Yii::$app->request->getCsrfToken()?>" />
This is a second time this question did not help me even though I posted a comment previously, so I have to post a response.
回答10:
Updated from yii 2.0.12 to 2.0.30
Have this bad request error 400
- Got the
Html::csrfMetaTags()in the header layout. - using activeform,therefore is not caused by missing csrf token in the form. And checked already through inspect.
I solved this through adding below code to the backend/config/main.php.
'components' => [
'request' => [
'csrfParam' => '_backend_csrf',
],
Is it a correct way or will it cause security issue?
回答11:
Add this in your controller:
public $enableCsrfValidation = false;
来源:https://stackoverflow.com/questions/26459419/why-get-unable-to-verify-your-data-submission-error-in-yii2