I have a symfony form. Submitting it, I have an error message :
The CSRF token is invalid. Please try to resubmit the form.
I dont know why I have this. I bind request to form after checking the request method is post :
if ($request->getMethod() === 'POST') {
$form->handleRequest($request);
}
Here is the type of the form.
class PasswordActionType extends AbstractType {
protected $forgotten_password;
public function __construct($forgotten_password) {
$this->forgotten_password = $forgotten_password;
}
public function buildForm(\Symfony\Component\Form\FormBuilderInterface $builder, array $options) {
$builder->add('identifiant', 'text', array('attr' => array('style' => 'width:250px')));
if(!$this->forgotten_password) {
$builder->add('ancienMDP', 'password', array(
'label' => 'Ancien MDP',
'attr' => array(
'class' => 'ligne',
'style' => 'width:252px'
)));
$builder->add('nouveauMDP', 'repeated', array(
'type' => 'password',
'invalid_message' => 'Confirmation différente du nouveau mot de passe',
'first_options' => array('label' => 'Nouveau MDP'),
'second_options' => array('label' => 'Confirmer'),
'options' => array(
'attr' => array(
'class' => 'ligne',
'style' => 'width:252px'
))
));
} else {
$builder->add('ancienMDP', 'hidden', array('error_bubbling' => false, 'data' => 'NULL'));
$builder->add('nouveauMDP', 'hidden', array('error_bubbling' => false, 'data' => 'NULL'));
}
}
public function configureOptions(\Symfony\Component\OptionsResolver\OptionsResolver $resolver) {
$resolver->setDefaults(array(
'data_class' => 'My\Bundle\Security\PasswordAction',
'csrf_protection' => true,
'csrf_field_name' => 'token'
));
}
public function getName() {
return 'cramif_password_action';
}
}
So 2 forms use the same builder. The difference is the value of "forgotten_password".
form1 : forgotten_password = true
the 2 fields 'ancienMDP' and 'NouveauMDP' are hidden html fields
form2: forgotten_password = false
the 2 fields are what u can see.
There is not problem with form1, no CSRF error.
The problem occurs with form2.
Note : the 2 forms are displayed with Twig with the same commands.
Note2 : in the twig template I have a form_rest
Just to help people :
If u think u did it right :
bind the request after checking that the form is posted
used form_rest.
Check that you did not invalidate your session. Of course, for the CSRF to work, you need a valid session.
Related
I'm building a form like with two non mandatory fileds :
$form = $this->createFormBuilder($contact);
$form->add('name');
$form->add('subject', TextType::class);
$form->getForm();
After rendering the first field is not required (it's normal) but why the second is ?! What's wrong with this code ?
Thanks :)
The problem must be the related entity to this form. Are name and subject nullable?. If no ORM configured then you need to manually set the required attribute to each form field. Look the example of a contact form without ORM.
public function buildForm(FormBuilderInterface $builder, array $options) {
$builder
->add('fullName', null, array(
'required' => true,
'attr' => array(
'placeholder' => 'Name',
'class' => 'text gradient'
)))
->add('email','email', array(
'required' => true,
'attr' => array(
'placeholder' => 'Email',
'class' => 'text gradient'
)))
->add('subject', null, array(
'required' => true,
'attr' => array(
'placeholder' => 'Subject',
'class' => 'text gradient'
)))
->add('body', 'textarea', array(
'required' => true,
'attr' => array(
'placeholder' => 'Message',
'class' => 'text gradient'
)));
}
required default value is defined in type class method configureOptions()
public function configureOptions(OptionsResolver $resolver)
{
$resolver->setDefaults(array(
'required' => true,
));
}
and in all parents for this type (parent is defined by getParent() method)
first parent is Symfony\Component\Form\Extension\Core\Type\FormType and there required default value is defined as true, to it is strange that first input is not required.
you can define required while adding new element $form->add('subject', TextType::class, array('required' => false));
I have a Symfony 2 entity. When I create a new record, I must fill all the values using a form, but after saving it, one of the values, $amount shouldn't be updatable when I update the others members.
How can I accomplish this? It's possible to mark a form member as a read-only, in runtime?
By using the validation_groups and name options when creating your form, you can change the form.
The name attribute sets the form creation, and the validation_groups takes care of the validation.
For example, in the create/new method of your controller;
public function createAction(Request $request)
{
// Instantiate new Foo object
$client = new Foo();
// create the form (setting validation group)
$form = $this->formFactory->create('foo', $foo, array(
'name' => 'create',
'validation_groups' => array('create')
)
);
// form has been submitted...
if ('POST' === $request->getMethod()) {
// submits the form
$form->handleRequest($request);
// do validation
if ($form->isValid()) {
// do whatever
}
}
// either GET or validation failed, so show the form
return $this->template->renderResponse('FooBundle:foo:add.html.twig', array(
'form' => $form->createView(),
'foo' => $foo
));
}
And in the edit/update function of your controller;
public function updateAction($id, Request $request)
{
// Instantiate Client object
$client = new Foo($id);
// create the form (setting validation group)
$form = $this->formFactory->create('foo', $foo, array(
'name' => 'update',
'validation_groups' => array('update')
));
// form has been submitted...
if ('POST' === $request->getMethod()) {
// submits the form
$form->handleRequest($request);
// do validation
if ($form->isValid()) {
// do whatever
}
}
// either GET or validation failed, so show the form
return $this->template->renderResponse('FooBundle:foo/edit:index.html.twig', array(
'form' => $form->createView(),
'foo' => $foo
));
}
And your Form Type will look something like;
class FooType extends BaseAbstractType
{
protected $options = array(
'data_class' => 'FooBundle\Model\Foo',
'name' => 'foo',
);
private $roleManager;
public function __construct($mergeOptions = null)
{
parent::__construct($mergeOptions);
}
/**
* {#inheritdoc}
*/
public function buildForm(FormBuilderInterface $builder, array $options)
{
$this->$options['name']($builder, $options);
}
private function create(FormBuilderInterface $builder, array $options)
{
// ID
$builder->add('Id', 'text', array(
'required' => true,
'label' => 'ID',
'attr' => array(
'placeholder' => 'Format: 2 alphanumeric (e.g. A1)'
)
));
// Name - only show on create
$builder->add('Name', 'text', array(
'required' => true,
'label' => 'Name',
'attr' => array(
'placeholder' => 'Your name'
)
));
// add the submit form button
$builder->add('save', 'submit', array(
'label' => 'Save'
));
}
private function update(FormBuilderInterface $builder, array $options)
{
// ID
$builder->add('Id', 'text', array(
'required' => true,
'label' => 'ID',
'attr' => array(
'placeholder' => 'Format: 2 alphanumeric (e.g. A1)',
)
));
// Name - just for show
$builder->add('Name', 'text', array(
'required' => true,
'label' => 'Name',
'attr' => array(
'readonly' => 'true' // stops it being editable
)
));
// add the submit form button
$builder->add('save', 'submit', array(
'label' => 'Save'
));
}
}
P.S. All my classes are declared as services, so how you call create forms/views/etc may be different.
I asked a question here How to use Repository custom functions in a FormType but nobody anwsered, so i did a little digging and advanced a little but i still get this error:
Notice: Object of class Proxies\__CG__\Kpr\CentarZdravljaBundle\Entity\Category
could not be converted to int in /home/kprhr/public_html/CZ_Symfony/vendor/symfony/symfony/src/Symfony/Component/Form/Extension/Core/ChoiceList/ChoiceList.php line 457
Now this is how my CategoryType looks like:
<?php
namespace Kpr\CentarZdravljaBundle\Form\Type;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolverInterface;
use Symfony\Bridge\Doctrine\RegistryInterface;
class CategoryType extends AbstractType
{
private $doctrine;
public function __construct(RegistryInterface $doctrine)
{
$this->doctrine = $doctrine;
}
public function setDefaultOptions(OptionsResolverInterface $resolver)
{
$resolver->setDefaults(array(
'data_class' => 'Kpr\CentarZdravljaBundle\Entity\Category',
'catID' => null,
));
}
public function buildForm(FormBuilderInterface $builder, array $options)
{
$someId = $builder->getData()->getId();
$param = ($someId) ? $someId : 0;
$catID = $options['catID'];
$builder->add('name', 'text', array('attr' => array('class' => 'span6')));
$builder->add('file', 'file', array('image_path' => 'webPath', 'required' => false));
$builder->add('parent', 'choice', array(
'choices' => $this->getAllChildren($catID),
'required' => false,
'attr' => array('data-placeholder' => '--Izaberite Opciju--'),
));
$builder->add('tags', 'tag_selector', array(
'required' => false,
));
$builder->add('status', 'choice', array(
'choices' => array('1' => 'Aktivna', '0' => 'Neaktivna'),
'required' => true,
));
$builder->add('queue', 'text', array('attr' => array('class' => 'span3')));
}
private function getAllChildren($catID)
{
$choices = array();
$children = $this->doctrine->getRepository('KprCentarZdravljaBundle:Category')->findByParenting($catID);
foreach ($children as $child) {
$choices[$child->getId()] = $child->getName();
}
return $choices;
}
public function getName()
{
return 'category';
}
}
I am accessing the CategoryRepository function findByParenting($parent) from the CategoryType and I am getting the array populated with accurate data back from the function getAllChildren($catID) but the error is there, i think that Symfony framework is expecting an entity field instead of choice field, but dont know how to fix it.
I also changet the formCreate call in the controller giving $this->getDoctrine() as an argument to CategoryType():
$form = $this->createForm(new CategoryType($this->getDoctrine()), $cat, array('catID' => $id));
Ok i managed to resolve the dilemma. The answer was easy all I had to do is change
$builder->add('parent', 'choice', array(
'choices' => $this->getAllChildren($catID),
'required' => false,
'attr' => array('data-placeholder' => '--Izaberite Opciju--'),
));
to this:
$builder->add('parent', 'entity', array(
'class' => 'KprCentarZdravljaBundle:Category',
'choices' => $this->getAllChildren($catID),
'property' => 'name',
'required' => false,
'attr' => array('data-placeholder' => '--Izaberite Opciju--'),
));
And change the getAllChildren(..) function so that it returns objects
private function getAllChildren($catID)
{
$choices = array();
$children = $this->doctrine->getRepository('KprCentarZdravljaBundle:Category')->findByParenting($catID);
foreach ($children as $child) {
$choices[$child->getId()] = $child->getName();
}
return $choices;
}
I changed it to:
private function getAllChildren($catID)
{
$children = $this->doctrine->getRepository('KprCentarZdravljaBundle:Category')->findByParenting($catID)
return $children;
}
Lots of thanks to user redbirdo for pointing out the choices option on an entity field.
It seems like you are doing something too much complicated.
You are on the right way when you write Symfony framework is expecting an entity field instead of choice field.
To do this, replace:
$builder->add('parent', 'choice', array(
'choices' => $this->getAllChildren($catID),
'required' => false,
'attr' => array('data-placeholder' => '--Izaberite Opciju--'),
));
by:
$builder->add('users', 'entity', array(
'class' => 'KprCentarZdravljaBundle:Category',
'property' => 'name',
'query_builder' => function(EntityRepository $er) use($catID) {
return $er->findByParenting($catID);
},
'required' => false,
'empty_value' => '--Izaberite Opciju--'
));
(and you don't need getAllChildren($catID) anymore unless used somewhere else)
http://symfony.com/doc/current/reference/forms/types/entity.html
I created form EditFormType with code:
// ...
public function buildForm(FormBuilderInterface $builder, array $options)
{
// ...
$builder->addEventSubscriber(new UnsetReadOnlyForEmailField());
}
// ...
and UnsetReadOnlyForEmailField:
// ...
public static function getSubscribedEvents()
{
return array(
FormEvents::PRE_SET_DATA => 'preSetData'
);
}
public function preSetData(FormEvent $event)
{
$form = $event->getForm();
$data = $event->getData();
if ($data === null) {
return;
}
if ($data->getId() === null) {
$form->add(
'plainPassword',
'repeated',
array(
'type' => 'password',
'options' => array('translation_domain' => 'FOSUserBundle', 'required' => true),
'first_options' => array('label' => 'form.password'),
'second_options' => array('label' => 'form.password_confirmation'),
'invalid_message' => 'fos_user.password.mismatch',
)
);
}
}
// ...
Unfortunately required for repeated field doesn't work, field is't required. Any suggestions? If I do it wrong, then please write to set the fields in the form are required or not, depending on the form to edit or add. On add form required, on edit form not required.
I think you can do it in such way:
$form->add(
'plainPassword',
'repeated',
array(
'type' => 'password',
'options' => array('translation_domain' => 'FOSUserBundle'),
'first_options' => array(
'label' => 'form.password',
'required' => true
),
'second_options' => array(
'label' => 'form.password_confirmation',
'required' => true
),
'invalid_message' => 'fos_user.password.mismatch',
)
);
I created form with date field using single_text widget.
I'm choose this one over choice because I'm using Bootstrap datepicker
Problem I have is that field is always populated with current date instead of being empty.
According to this it should work if i set required to false but id does not.
I tried setting empty_value to empty string same for data but in first case nothing happened probably because this option is for choice fields. In second case I'm getting exception "Expected argument of type "\DateTime", "string" given"
I tried using DataTransformer but didn't make any difference. I found out that for data fields value always goes through DateTimeToLocalizedStringTransformer and if I understand it correctly it is returning empty string if empty value so problem is somewhere further after datatransformers.
One more thing I tried is to set value using attr array and it worked unfortunately the side effect was that populating form with some values doesn't affect date field.
Is there any way to set default value of data field as empty with single_text widget?
Here goes a code
<?php
namespace Psw\AdminBundle\Form;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolverInterface;
use Doctrine\ORM\EntityRepository;
use Psw\AdminBundle\Form\DataTransformer\EmptyDateTransformer;
use Psw\AdminBundle\Form\DataTransformer\EmptyDateViewTransformer;
class OrdersFilterType extends AbstractType
{
private $admin;
public function __construct($admin=false) {
$this->admin = $admin;
}
public function buildForm(FormBuilderInterface $builder, array $options)
{
$builder->add('client', 'entity', array(
'class' => 'PswAdminBundle:User',
'required' => false,
'multiple' => false,
'label' => 'orders.client',
'empty_value' => 'orders.allclients',
'query_builder' => function(EntityRepository $er) {
$qb = $er->createQueryBuilder('u');
return $qb->where($qb->expr()->like('u.roles', '?0'))
->setParameters(array('%ROLE_CLIENT%'));
}
));
if($this->admin) {
$builder->add('staff', 'entity', array(
'class' => 'PswAdminBundle:User',
'required' => false,
'multiple' => false,
'label' => 'orders.staff',
'empty_value' => 'orders.allStaff',
'query_builder' => function(EntityRepository $er) {
$qb = $er->createQueryBuilder('u');
return $qb->where($qb->expr()->like('u.roles', '?0'))
->orWhere($qb->expr()->like('u.roles', '?1'))
->orWhere($qb->expr()->like('u.roles', '?2'))
->setParameters(array('%ROLE_STAFF%','%ROLE_ADMIN%','%ROLE_SUPER_ADMIN%'));
}
));
}
$builder->add('start', 'date', array(
'label' => 'orders.start',
'widget' => 'single_text',
'required' => false,
))
->add('end', 'date', array(
'label' => 'orders.end',
'widget' => 'single_text',
'required' => false,
))
->add('min', null, array(
'label' => 'orders.min',
'required' => false,
))
->add('max', null, array(
'label' => 'orders.max',
'required' => false,
));
}
public function getDefaultOptions(array $options)
{
$options = parent::getDefaultOptions($options);
$options['csrf_protection'] = false;
return $options;
}
public function getName()
{
return 'psw_adminbundle_ordersfiltertype';
}
}