I have a website made with CakePHP 3.6 that seemed to work fine on my computer (using WAMP, PHP 5.6.31, Apache 2.4.27) but has a different behaviour when put in a production server (Ubuntu 14.04, PHP 5.6.37, Apache 2.4.7).
There is this one POST request that generates the following error ONLY on the production server :
'_Token' was not found in request data.
Cake\Controller\Exception\AuthSecurityException
I have the security component enabled, and I don't want to disable it. All form fields are created with the FormHelper. The fields are not modified with Javascript.
The error does not always happen and mostly depend on the content that is entered in the forms by the user. I could not identify what kind of content would generate this error. The data sent is a groupe of strings that might contain anything. But I don't see how the content is relevant for this error.
Here is a sample of the code that generates the form
<?php
echo '<div class="custom-card">';
echo $this->Form->create($keyword);
echo '<table class="table table-striped table-bordered">';
// Create Table Headers with languages name
$tableHeaders = ["Mot clé"];
for ($i = 0; $i < count($languagesEnabled); $i++)
{
array_push($tableHeaders, "{$languagesEnabled[$i]->name} (version {$languagesEnabled[$i]->version})");
}
array_push($tableHeaders, "");
echo '<thead>';
echo $this->Html->tableHeaders($tableHeaders);
echo '</thead>';
//Fill Table Cells with keywords and sentences
for ($i = 0; $i < count($keywords); $i++)
{
$keywordName = $this->Form->text("keywords.$i.name", ["value" => $keywords[$i]->name, 'class' => 'form-control']);
$keywordId = $this->Form->hidden("keywords.$i.id", ["value" => $keywords[$i]->id]);
$tableCells = [$keywordName . " " . $keywordId];
$tableCells = array_pad($tableCells, count($languages) - 1, "");
for ($j = 0; $j < count($languagesEnabled); $j++)
{
$sentenceLanguageId = $this->Form->hidden("keywords.$i.sentences.$j.language_id", ["value" => $languagesEnabled[$j]->id]);
$sentenceKeywordId = $this->Form->hidden("keywords.$i.sentences.$j.keyword_id", ["value" => $keywords[$i]->id]);
$sentenceArray = ["value" => findSentenceValueInArray($keywords[$i]->sentences, $languagesEnabled[$j]->id)];
$sentenceValue = $this->Form->textarea("keywords.$i.sentences.$j.sentence", [
'value' => $sentenceArray,
'class' => 'form-control',
'id' => "area-$i-$j",
'onfocus' => "autosize(document.getElementById('area-$i-$j'))"
]);
$tableCells[$j + 1] = $sentenceValue . $sentenceLanguageId . $sentenceKeywordId;
}
$tableCells[count($languagesEnabled) + 1] = $this->Html->link('Supprimer',
['controller' => 'Keywords', 'action' => 'remove', $keywords[$i]->id],
['confirm' => 'Êtes vous sûr de vouloir supprimer la phrase ?']);
echo $this->Html->tableCells($tableCells);
}
echo "</table>";
echo $this->Form->submit('Valider', ['class'=>'btn btn-primary']);
echo $this->Form->end();
echo '</div>';
?>
