By default, CodeIgniter comes with cookie-based CSRF protection.
To enable CSRF protection:
Go to app/Config/Filters.php and enable the csrf filter:
// Filters under 'before' run ahead of the controller on every request.
// With 'csrf' listed here, each form that submits to the application must
// carry the token (form_open() adds the hidden field; hand-written <form>
// markup needs csrf_field()), otherwise the submission is refused.
public $globals = [
    'before' => [
        // 'honeypot',
        'csrf',
    ],
];
<?php
namespace App\Controllers;
use CodeIgniter\Controller;
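/**
 * Contact form controller: renders the form and stores submitted entries.
 *
 * save() performs no CSRF token check of its own; it depends on the global
 * 'csrf' filter being enabled in app/Config/Filters.php.
 */
class Contact extends BaseController
{
    public function __construct()
    {
        // No controller-specific setup.
    }

    /**
     * Show the empty contact form.
     *
     * @return string Rendered 'contact' view.
     */
    public function index()
    {
        $data['title'] = "Contact";

        return view('contact', $data);
    }

    /**
     * Validate the submitted contact form and store it.
     *
     * On validation failure the form is re-rendered with the validator
     * available to the view as $validation. On success the record is inserted
     * and a flash message reports the outcome.
     *
     * @return string Rendered 'contact' view.
     */
    public function save()
    {
        // Single source of truth: the validated fields are also the only
        // fields that are stored or handed to the view.
        $rules = [
            'name'  => 'required|string',
            'age'   => 'required|integer|greater_than[0]',
            'email' => 'required|valid_email',
        ];

        // getVar() returns every request variable, including the CSRF token
        // field and anything else a client chooses to send. Drop all keys that
        // have no validation rule so unvalidated input is never inserted and
        // never becomes a variable inside the view.
        $input = array_intersect_key(
            (array) $this->request->getVar(),
            array_flip(array_keys($rules))
        );

        // 'title' is set by the controller and takes precedence over input.
        $viewData = ['title' => "Contact"] + $input;

        $validation = \Config\Services::validation();
        $validation->setRules($rules);

        if (! $validation->withRequest($this->request)->run()) {
            // view()'s third argument is the renderer options array, not view
            // data, so the validator has to travel in the data array.
            $viewData['validation'] = $validation;

            return view('contact', $viewData);
        }

        $contactModel = new \App\Models\ContactModel();
        $session      = \Config\Services::session();

        try {
            // insert() reports some failures by returning false rather than
            // throwing, so the return value is checked as well.
            $saved = $contactModel->insert($input) !== false;
        } catch (\Exception $e) {
            // Keep the detail in the server log; the user only sees a generic message.
            log_message('error', 'Contact insert failed: ' . $e->getMessage());
            $saved = false;
        }

        $session->setFlashdata(
            'msg',
            $saved ? 'Record Inserted successfully' : 'Something went wrong'
        );

        // Returned (not echoed) so the response is handled the same way as index().
        return view('contact', $viewData);
    }
}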