Manually written forms and the request token

See, that’s for example something I do dislike at Contao. The documentation for developers sucks. Even simple things like adding the request-token to your self-written forms is not documented or I am absolutely blind. I also have the feeling that they (people who wrote the documentation) assume that a developer will read Contao’s source code if he/she has any questions. That’s like assuming a cleaning-lady checks the mechanics of a vacuum cleaner to see how it works. Anyway:

If you write forms yourself (in templates for example) you can use the following snippet, which will add the request token:

 <input type="hidden" name="REQUEST_TOKEN" value="{{request_token::*}}" />

And hence you won’t get the annoying error anymore, nor you need to disable the request-token-check which is what I did until today.

No Comments

Post a Comment