Support the ongoing development of Laravel.io →
posted 9 years ago
Security

##1.Tools I use

2.Code

2.1Route

Route::post('topics/upload', ['as' => 'upload.images','uses' => 'TopicsController@upload']);

2.2View


<meta name="csrf-token" content="{{ csrf_token() }}">


<form>
{!! csrf_field() !!}

<textarea id="content" name="body"> </textarea>

<form>


<script type="text/javascript">
$(function()
  {	
	$('#content').redactor({
	    imageUpload: '{{route('upload.images')}}',
	  });
  });					        
 </script>


<script type="text/javascript">
	$.ajaxSetup({
    headers: {
        'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
    }
});
</script>

###2.3Controller

public function upload(Request $request)
    {

	      $file = Input::file('file');
	      $fileName = time().'.jpg';
	      //$move = Image::make($file->getRealPath())->fit(300,120)->save('public/uploads/images/topics/'.$fileName);
	      $move = $file->move(public_path().'uploads/images/topics/',$fileName);
	      
		if($move){
			return Response::json(['filelink'=>'uploads/images/topics/'. $fileName]);
		}else{
			return Response::json(['error'=>true]);
		}
    }

##3.Respon

Failed to load resource: the server responded with a status of 500 (Internal Server Error)  

##4.laravel.log

[2015-10-12 12:56:23] local.ERROR: exception 'Illuminate\Session\TokenMismatchException' in /home/vagrant/Code/Donghua/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php:53
Stack trace:
#0 [internal function]: Illuminate\Foundation\Http\Middleware\VerifyCsrfToken->handle(Object(Illuminate\Http\Request), Object(Closure))
#1 /home/vagrant/Code/Donghua/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(124): call_user_func_array(Array, Array)
#2 /home/vagrant/Code/Donghua/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#3 [internal function]: Illuminate\View\Middleware\ShareErrorsFromSession->handle(Object(Illuminate\Http\Request), Object(Closure))
#4 /home/vagrant/Code/Donghua/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(124): call_user_func_array(Array, Array)
......

Thank you very much to help me , I have been plagued by three days.

Last updated 3 years ago.
0

Go to app/Http/Middleware/VerifyCsrfToken.php on line 14 exclude your upload images route.

/**
     * The URIs that should be excluded from CSRF verification.
     *
     * @var array
     */
    protected $except = [
        'upload/images'
    ];

Your getting the TokenMismatchException because Laravel 5 requires a csrf_token() to be on every form. http://laravel.com/docs/5.1/routing#csrf-protection

Last updated 9 years ago.
0

Sign in to participate in this thread!

Eventy

Your banner here too?

kenfu kenfu Joined 4 Jun 2015

Moderators

We'd like to thank these amazing companies for supporting us

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

© 2025 Laravel.io - All rights reserved.