php - Symfony isValid False CSRF token is invalid -

-

i have form , entity , not understand why have error:

"error: csrf token invalid. please try resubmit form.\n"

i try use form entity , 'data_class' => 'artel\profilebundle\entity\teams', , out not entity , have dump not enough information:

formerroriterator {#1194 ▼ -form: form {#1245 ▶} -errors: array:1 [▼ 0 => formerror {#1244 ▼   -message: "the csrf token invalid. please try resubmit form."   #messagetemplate: "the csrf token invalid. please try resubmit form."   #messageparameters: []   #messagepluralization: null   -cause: null   -origin: form {#1245} } ] }  userprofilecontroller.php on line 178: false//this $form->isvalid()   userprofilecontroller.php on line 178: "error: csrf token invalid. please try resubmit form.\n"

form: 

class teaminformationtype extends abstracttype { private $optioncontent;  public function __construct($options) {     $this->optioncontent = $options; } /**  * @param formbuilderinterface $builder  * @param array                $options  */ public function buildform(formbuilderinterface $builder, array $options) {     $builder         ->add('company', null, array('label' => 'company', 'max_length' => 255))         ->add('technologies', 'skills', array('label' => 'technologies'))         ->add('website', 'text', array('label' => 'website url', 'required' => false))         ->add('description', null, array('label' => 'company description', 'max_length' => 65000, 'required' => false))         ->add('markets',  'chosen', array('choices' => $this->optioncontent['markets'],             'attr' => array('placeholder' => '...'),             'label' => 'vertical markets',             'required' => true, 'multiple' => true         ))          ->add('save', 'submit'); }  /**  * @return string  */ public function getname() {     return ''; } }

and action:

//  team information submit public function submitteaminformationaction($username) {     $em = $this->getdoctrine()->getmanager();     $request = $this->get('request');     $profilerepository = $this->get('artel.profile.users.repository');     $teamrepository = $this->get('artel.profile.team.repository');     $user_check_username = $profilerepository;     $user = $profilerepository->findonebyusername($username);      if (!$user) {         throw $this->createnotfoundexception('unable find profile.');     }     $authenticator = $this->get('artel.profile.authenticator');     if (!$authenticator->check($user)) {         throw new accessdeniedexception('access denied!');     }      $functionhelper = $this->get('artel.profile.additional_function');     $em = $this->getdoctrine()->getmanager();     $option['markets'] = $functionhelper->getmarkets();      $team_id = $user->getteams()->getid();     $team = $teamrepository->findonebyid($team_id);      $form = $this->createform(new teaminformationtype($option), $team);      if ($request->ismethod('post')) {         $form->bind($request);         if ($form->isvalid()) {             $data = $form->getdata();              $em->persist($data);             $em->flush();              return $this->redirect($this->generateurl('artel_user_profile_homepage', array('username' => $username)) .'#team_infornation');         }     }     dump($form->geterrors(), $form->isvalid(), $form->geterrorsasstring());exit;      $response = $this->render('artelprofilebundle:' . $this->template . ':form_team_information.html.twig', array(         'form' => $form->createview(),         'user' => $user     ));      return $response; }

and twig:

{{ form_errors(teamform) }} {{ form_start(teamform, {'action': path('artel_user_team_submit_information', {'username': user.username}), 'method': 'post'}) }}  <div class="form-group"> {{ form_label(teamform.company, label|default(null), {'label_attr': {'class': 'control-label'}}) }} {{ form_widget(teamform.company, {'attr': {'class': 'form-control bs-select'}}) }} </div>   <div class="form-group"> {{ form_label(teamform.website, label|default(null), {'label_attr': {'class': 'control-label'}}) }} {{ form_widget(teamform.website, {'attr': {'class': 'form-control bs-select'}}) }}  </div>  <div class="form-group"> {{ form_label(teamform.description, label|default(null), {'label_attr': {'class': 'control-label'}}) }} {{ form_widget(teamform.description, {'attr': {'class': 'form-control bs-select'}}) }} </div>  <div class="form-group"> {{ form_label(teamform.markets, label|default(null), {'label_attr': {'class': 'control-label'}}) }} {{ form_widget(teamform.markets, {'attr': {'class': 'form-control bs-select'}}) }} </div>   <div class="form-group skills col-xs-12"> {{ form_label(teamform.technologies, label|default(null), {'label_attr': {'class': 'control-label'}}) }} {{ form_widget(teamform.technologies, {'attr': {'class': 'form-control chosen-select input-xlarge'}}) }} </div>   <div class="margin-top-20"> {{ form_widget(teamform.save, {'attr': {'class': 'btn green-haze'}}) }} </div>  {{ form_end(infoform) }}

you can add token twig template:

{{ form_widget(form._token) }}

or don't use csrf protection (not good):

public function configureoptions(optionsresolver $resolver)     {         $resolver->setdefaults(array(             'data_class'      => 'appbundle\entity\task',             'csrf_protection' => false,             'csrf_field_name' => '_token',             // unique key generate secret token             'intention'       => 'task_item',         ));     }

more csrf protection in symfony


Comments

Post a Comment

Popular posts from this blog

qt - Using float or double for own QML classes -

-
i've created components , helper methods using c++ , qt used in qml gui. of methods calculate gui elements (size, transformations, scene graph items creation). target arm 32 bit using opengl / eglfs render output. opengl using float , qml using real (defined double ). what should use in c++ do not lose precision? if use qreal ( double ) shouldn't lose precision. if git grep float in qtbase.git , can find out bit more: dist/changes-5.2.0-**************************************************************************** dist/changes-5.2.0-* important behavior changes * dist/changes-5.2.0-**************************************************************************** dist/changes-5.2.0- dist/changes-5.2.0- - qt compiled qreal typedef'ed double on dist/changes-5.2.0: platforms. qreal float on arm chipsets before. guarantees more dist/changes-5.2.0- consistent behavior between platforms qt supports, binary dist/chan...
Read more

Create Outlook appointment via C# .Net -

-
i need create outlook appointment using microsoft.office.interop.outlook , while can work locally on own workstation , works if run web application via server's browser, not work when connect server externally. hence, think might permission issue. i changed application pool identity " localsystem " don't access denied error. unfortunately, doesn't work. the app behaves if appointment created, appointment doesn't appear in outlook. here include file on top of aspx.cs page using outlook = microsoft.office.interop.outlook; here code using pop appointment. outlook.application apptapp = new outlook.application(); outlook.appointmentitem appt = apptapp.createitem(outlook.olitemtype.olappointmentitem) outlook.appointmentitem; appt.subject = txtfirstname.text + " " + txtlastname.text; appt.body = txtcomment.text; appt.alldayevent = false; appt.start = datetime.parse(txtreminderdate.text + " 8:00 am"); appt.end = datetime.p...
Read more

ios - Swift Array Resetting Itself -

-
i have 2 arrays: pointhistory , datehistory . have nstimer , , when timer runs out, action called. in action appending int pointhistory , , current date string datehistory . here timer action: func timeraction() { let steppervalue = int(stepper.value) employee.numberofpoints = steppervalue networking.saveemployee(employee, completion: { (error) -> void in if error != nil { let alert = uialertcontroller(title: "error", message: "there error updating \(self.employee.name)'s points", preferredstyle: .alert) let alertaction = uialertaction(title: "ok", style: .cancel, handler: nil) alert.addaction(alertaction) self.presentviewcontroller(alert, animated: true, completion: nil) } }) var dateformatter = nsdateformatter() dateformatter.dateformat = "mm-dd-yyyy" dateformatter.timezone = nstimezone.localtimezone() var date = nsdate() var ...
Read more