The action you have requested is not allowed.
  • hi,
    in a simple module, i set a field like this :
    class Spectacle_fields extends Base_model_fields(){
    [...]
    $this->set('slide', array(
    'type' => 'template',
    'display_label' => FALSE,
    'label' => 'Slider',
    'add_extra' => FALSE,
    'repeatable' => TRUE,
    'title_field' => 'slide',
    'fields' =>
    array(
    'fichier' => array(
    'type' => 'asset',
    'label' => 'fichier',
    'folder' => 'images/images-spectacles/',
    ),
    'alter' => array(
    'type' => "input",
    ),
    'classe' => array(
    'type' => "input",
    ),
    ),

    ));
    [...]
    }
    in the model i wrote :
    class Spectacles_model extends Base_module_model
    {
    [...]
    public $serialized_fields = array('slide');
    [...]
    }

    i can upload the asset (it is in the right place in assets folder), i see the thumbnail, but when i try to save the record it throw a error :"The action you have requested is not allowed."

    Everything works great when i use "select image" button...

    what do i wrong ?

    thank you for any idea.
  • "The action you have requested is not allowed" relates to CSRF security supported by CodeIgniter. How did you create the upload form (manually or using Fuel Form functions)? Check your CSRF settings in config.php
  • thank you for your response.
    i use Fuel Form Functions.
    you're right : it was related with CSRF security.
    i set :
    $config['csrf_protection'] = TRUE;
    $config['csrf_token_name'] = 'csrf_test_name';
    $config['csrf_cookie_name'] = 'csrf_cookie_name';
    $config['csrf_expire'] = 7200;
    $config['csrf_regenerate'] = TRUE;
    $config['csrf_exclude_uris'] = array('backoffice/.*');

    and now it works !
    thank you again. have a nice day.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!