CSRF again

I met one more problem with CSRF protection. All works fine, but when I'm trying to post ANY CSRF-protected form from FIRST PAGE is always fails. I'm using pagnation: ```php public function indexAction($boardAbbr, $currentPage = 1) { ........ // Passing a resultset as data $paginator = new Paginator(array( 'data' => Threads::find(array( 'boardid = ?0', 'bind' => array($board->id), 'order' => 'modifiedat DESC' )), 'limit' => $this->config->hakaba->threadsPerPage, 'page' => $currentPage ));

... $this->view->page = $paginator->getPaginate(); $this->view->token = $this->security->getToken(); $this->view->tokenKey = $this->security->getTokenKey(); ``` view: ```volt {% for thread in page.items %} {{ partial('partials/thread') }} {% endfor %} ``` Notice, that the error appears on first page only. No matter is URL : http://localhost/nature or http://localhost/nature/page/1 in any case I got changed tokens But when I trying to post the form on http://localhost/nature/page/2 it's posted successfully. Any ideas?

Sorry, all is okay. I spent half day to realize that my action what I post to is from another controller and I just add $this->view->disable(); Now it's works!

I mistaken. Problem still exists. :((



81.1k

Is the validation code right after the token generation $this->view->token = $this->security->getToken(); ?

Yes. Like this: if ($this->security->checkToken()) { /* all is ok / } else { / bad token */ }

But it works only few times... I don't know why and when it happens it's very mysterious thing.