Disallowed Key Characters – CodeIgniter Error

Receiving the error “Disallowed Key Characters” when you load a page in codeigniter?

This error for me was caused by developing locally on my machine (127.0.0.1) with xampp and with my setup I used the windows host file to re-direct a subdomain sub.example.com for example to my local web server for development. However the problem then occured when I switched to developing online, I removed the host file entry for the sub domain and then received this error.

To solve the problem I had to clear my cookies, I believe it was a cookie session problem as when I also changed the unique encryption_key in the config file it also solved the issue.

22 responses to “Disallowed Key Characters – CodeIgniter Error”

  1. This error drove me nuts for quite some time. Even your suggestion didn’t fix the problem. Here is what I did to find the issue.

    In the core CI code in system/libraries is a file called input.php I made a small modification to that file so that it would show the actual data in question.

    Around line number 199

    function _clean_input_keys($str)
    {
    if ( ! preg_match(“/^[a-z0-9:_\/-]+$/i”, $str))
    {
    exit(‘Disallowed Key Characters: ‘.$str); // Added the variable to display.
    }

    return $str;
    }

    I certainly hope this helps others.

    • Tom says:

      I’ve done this as well. In CI 2.0, this function is located in system/core/Input.php at or near line 530.

    • Ola says:

      Yea, thanks man. It worked.

      function _clean_input_keys($str)
      {
      if ( ! preg_match(“/^[a-z0-9:_\/-]+$/i”, $str))
      {
      exit(‘Disallowed Key Characters.’.$str);
      }
      // Clean UTF-8 if supported
      // if (UTF8_ENABLED === TRUE)
      //{
      //$str = $this->uni->clean_string($str);
      // }

      return $str;
      }

      and I cleared my cookies after doing this.

  2. Jeremy says:

    Thanks so much for this! I’ve been pulling my hair out for hours… great solution!

  3. Naved says:

    Thanks for the solution I also had a same problem on
    http://www.snushah.com
    when I removed my cookies from Firefox it start working.

    Thanks

  4. tom says:

    Glad I hit your website very early in my debugging routine – could easily had no hair left.

    The same problem exists in CI 2.0.1
    the code is around line 562 in input.php

  5. Bruno says:

    Man…Very good information. Marvelous tip. :mrgreen:

  6. msa says:

    Thank you .. great info ….

  7. Kay says:

    Thanks a lot mate 😀

  8. Sumeet Gautam says:

    Thanks a lot … me 2 i have been pulling off my hairs for 4 hrs now .. 🙂

  9. pegas says:

    EXCELENT !!!!!!
    THANK YOU 🙂

  10. khan asim says:

    thanks a lot it was very helpful to me . as i was strugling for it for hours 😆

  11. Vitor Siqueira says:

    Yes, clearing the cookies solved for me too

  12. vinay says:

    problem gets solve.
    Please remove blank spaces from name
    like
    name=” textbox1″ (This is wrong format)
    name=”textbox1″ (This is correct format)

    I have found IE9, FF, Chrome, Opera supports Wrong format but not in IE7 and IE8.

    IE always creates problem for website we have to make site browser compatible but how many browsers? (IE6, IE7, IE8, IE9, FF, Safari, Chrome, Opera) and most imp thing is Microsoft every year developing new browser. This is really funny thing. 😆

  13. bebo says:

    I cleared the cookies and is still showing me the error message Disallowed Key Characters.Apartado/recibir_categoria?id_categoria just after “index.php?”. but if I put a / instead the ? tells me “no input file specified”. It’s driving me crazy!

  14. Mic says:

    Hi,

    I had this problem because of a form element name.

    I was converting an ASP.NET site to PHP when i copied the forms i was going to use the same form element names until I actually posted the form and i got this error.

    The names were formatted as such:
    ctl00$cphPrimaryContent$ayoManageBroker$txtBrokerId

    I used Glen Barnhardt solution to find out what the string was that was causing the problem. After that i had to rename all the form elements and it worked fine.

    Thanks

  15. Robert says:

    Hi, please don’t modify core-files. Use Overrides or Hooks instead.
    For CI 2.0 create a file in “application/core” named “MY_Input.php”. Contents:

    class MY_Input extends CI_Input {

    function __construct() {
    parent::__construct();
    }

    function _clean_input_keys($str) {
    if ( ! preg_match(“/^[a-z0-9\.:_\/-]+$/i”, $str)) { // added \. for allowing “.” in request-params
    exit(‘Disallowed Key Characters: ‘.$str);
    }

    // Clean UTF-8 if supported
    if (UTF8_ENABLED === TRUE) {
    $str = $this->uni->clean_string($str);
    }

    return $str;
    }

    } // class

  16. David Knight says:

    I found this to be caused by the name field having unacceptable characters.


    "$shift->id['MaxCovers']", 'value' => $shift->MaxCovers, 'class' => 'input-text')); ?>

    Notice the:

    'name' => "$shift->id['MaxCovers']"

    The single quotation marks broke it, removing them fixes the issue, so the correct name code:

    'name' => "$shift->id[MaxCovers]"

  17. […] This article describes both the problem and a solution as described above by extending the Input […]

  18. This is a cookie problem..

    I change my encryption_key and it works again

  19. vlad says:

    This error drove me nuts for quite some time. Even your suggestion didn’t fix the problem. Here is what I did to find the issue.

    In the core CI code in system/libraries is a file called input.php I made a small modification to that file so that it would show the actual data in question.

    Around line number 199

    function _clean_input_keys($str)
    {
    if ( ! preg_match(“/^[a-z0-9:_\/-]+$/i”, $str))
    {
    exit(‘Disallowed Key Characters: ‘.$str); // Added the variable to display.
    }

    return $str;
    }

Leave a Reply