I have made a laravel project where users can upload images. I have tested the project on local server and found nothing wrong. After uploading the project to the production server I found that, when a user tries to upload images that are greater than 1.5mb size, it shows error TokenMismatchException in VerifyCsrfToken.php line 67 although i have csrf token in my form. After couple of searching I found that some people are suggesting to change the two things in php.ini file and restart the nginx server. So I have changed the post_max_size = 40M upload_max_filesize = 40M and also changed the max_execution_time = 0 which means unlimited execution time. Then I run this command sudo service nginx restart and php artisan up and tried to upload an image which is 21MB size. When I pressed the submit button, It took sometime to upload the image and eventually threw the token mismatch exception. I am using ubuntu 16.04 for local tests. Any solution to this problem please? I am sharing the codes: view:
{!! Form::open(['url'=> "pro/{$user->id}/upload",'files'=> 'true', 'class'=> 'form-horizontal']) !!}
<input id="filebutton" name="image" class="input-file" type="file">
<input name="title" class="form-control" type="text" required="">
<button type="submit" class="btn btn-danger btn-block btn-flat">Upload</button>
{!! Form::close() !!}
controller:
public function save($id, PortfolioRequest $request)
{
$pro = User::findOrFail($id);
$file = $request->file('image');
$original_path = public_path('uploads/portfolio/original/');
$file_name = str_random(64).'_'.$request->title.'_user_'. $pro->id . '.' . $file->getClientOriginalExtension();
Image::make($file)
->resize(750,null,function ($constraint) {
$constraint->aspectRatio();
})
->save($original_path . $file_name);
$portfolio = Portfolio::create([
'user_id' => $id,
'image' => $file_name,
'title' => $request->title
]);
return redirect("pro/{$id}/portfolio");
}
the generated form:
<form method="POST" action="www.xxxx.com/pro/3/upload" accept-charset="UTF-8" class="form-horizontal" enctype="multipart/form-data"><input name="_token" type="hidden" value="EsH8KaSSoXovzjZ0RnWWi7eEwNWNgYlBVRm7yUYr">
Try adding this to your <header>:
<meta name="csrf-token" content="{{ csrf_token() }}" />