I'm creating 2 forms in one action and these forms are submitted by jquery ajax to other 2 actions. Now, problem is - only first form works. Edit form throws that csrf token is invalid. Why is that happening? My code:
Creating forms:
$project = new Project();
$addProjectForm = $this->createForm(new AddProjectType(), $project, [
'action' => $this->generateUrl('tfpt_portfolio_versionhistory_addproject'),
'method' => 'POST',
'attr' => ['id' => 'newProjectForm']
]);
$editProjectForm = $this->createForm(new EditProjectType(), $project, [
'action' => $this->generateUrl('tfpt_portfolio_versionhistory_editproject'),
'method' => 'POST',
'attr' => ['id' => 'editProjectForm']
]);
Handling submit edit form (but add form is pretty much identical):
$project = new Project();
$form = $this->createForm(new EditProjectType(), $project);
$form->handleRequest($request);
if($form->isValid()){
//handle form
}
}
The only diffrence between these 2 forms is that edit form have one more field - hidden id. Both are submitted by jquery like that:
var form = $("#editProjectForm")
if(form.valid()){
$("#loader").show();
$.ajax({
type: form.attr('method'),
url: form.attr('action'),
data: form.serialize()
}).done(function(data){
//result
}
});
And i display forms like that:
{{ form_start(editProjectForm) }}
{{ form_errors(editProjectForm) }}
{{ form_widget(editProjectForm.name) }}
{{ form_widget(editProjectForm.id) }}
{{ form_rest(editProjectForm) }}
{{ form_end(editProjectForm) }}
Can somebody point my mistake? Isn't it possible to embed 3 forms in one action? Or i have to generate CSRF other way?
#Edit: I updated symfony to the newest release and now it's working prefect. Seems like this version had a bug or i got some lack of vendors code. Anyway, problem resolved.
I think you have to create two tokens in the controller:
$token_add = $this->get('form.csrf_provider')->generateCsrfToken('add');
$token_edit = $this->get('form.csrf_provider')->generateCsrfToken('edit');
and put in the view in hidden field. And then validate in the controller action that proccess the form
# Here you can validate the 'add' or 'edit' token
if (!$this->get('form.csrf_provider')->isCsrfTokenValid('add', $token)) {
$respuesta = array('mensaje' => 'Oops! Invalid token.',
'token' => $token);
return new Response(json_encode($respuesta));
}
Related
Im using laravel 5.7, I implemented login using make-auth().
also folowing is my login funtion:
public function login(Request $request)
{
$this->validate($request, [
'email' => 'required|email',
'password' => 'required|min:6'
]);
$validator = Validator::make($request->all(), [
'email' => 'required|unique:users|max:255',
'password' => 'required',
]);
$credentials= ['email' => $request->get('email'), 'password'=>$request->get('password')];
if (Auth::guard('web')->attempt($credentials)) {
$user = Auth::user();
return redirect(route('home'));
}
$validator->errors()->add('login', 'Invalid Credentials');
return redirect()->back()
->with('loginError','Invalid Credentials')
->withInput($request->only('email', 'remember'));
}
When I try login, the page get redirected back to the login page.
Am I missing out something or is there anything to be added in middleware or any other file
I suspect this part might be the issue?
$validator = Validator::make($request->all(), [
'email' => 'required|unique:users|max:255',
'password' => 'required',
]);
By adding a unique validation rule to the login page (as opposed to the registration page), an existing user would be redirected back with a validation error every time because their email is already in the database.
Check your login page and make sure you're displaying form validation errors. If you see an error stating that the email must be unique, then this is the cause.
Here's a snippet you can use to display errors (from https://laravel.com/docs/5.7/validation#quick-displaying-the-validation-errors)
#if ($errors->any())
<div class="alert alert-danger">
<ul>
#foreach ($errors->all() as $error)
<li>{{ $error }}</li>
#endforeach
</ul>
</div>
#endif
I am trying to update a record but when passing the data, it throws me this error:
MethodNotAllowedHttpException in RouteCollection.php line 218:
I understand that there are problems with routing but I'm unable to find what is causing this.
My form:
<form action="{{route('profesorControll.update', $datosProfesor->id)}}" method="POST">
My routing:
Route::resource('profesorControll', 'profesor\ProfesorController');
My controller:
public function update(Request $request, $id){
$camposProfesor = array('nombre_profesor' => $request['nombre_profesor'], 'apellido_profesor' => $request['apellido_profesor'], 'documento_profesor' => $request['documento_profesor'], 'fecha_nacimiento_profesor' => $request['fecha_nacimiento_profesor'], 'telefono_profesor' => $request['telefono_profesor'], 'telefono_movil_profesor' => $request['telefono_movil_profesor'], 'correo_profesor' => $request['correo_profesor'], 'domicilio_profesor' => $request['domicilio_profesor'], 'institucion_id' => $request['idInstitucion']);
$update = DB::table('profesor')->where('id', $id)->update($camposProfesor);
Session::flash('mensaje_profesor', 'Profesor modificado correctamente');
return redirect('Profesores/Editar/'. $id);
}
How do I solve this problem?
in resource update method is called using the put method to use put method in your form add below
<form action="{{route('profesorControll.update', $datosProfesor->id)}}" method="POST">
{{ method_field('PUT') }}
check here
https://laravel.com/docs/5.3/routing#form-method-spoofing
I have a number of forms on the one page under different tabs
After the form is processed, I would like to return to the same tab as the form was sent from.
Basically, I would like to modify the target_route to go to the current page with an Anchor at the end of the URL. (EG company/view/6#editdetails)
Could someone provide or link to an example that I can put in my controller or into twig?
The answer is simply:
$form = $this->createForm(new ContactType($contact), $contact, array(
'method' => 'POST',
'action' => '#editdetails'
));
You may also set this in the template itself as an attribute. See example:
{{ form_start(form, {attr: { novalidate: "novalidate", class: 'requiredStar', action: '#form' }}) }}
The goal is to submit a POST form with two radiobuttons (tipo) and a text field (numero) to make a query in my DB and show the data to the user.
I am trying to submit the form below, however when I submit the form, the request coming accross is a 'GET REQUEST'. The form is in "SupuestoConfig.html.twig":
<div id="cuadro">
<form id="configurador" action="{{ path('configsup') }}" method="POST">
<p class="titulo_configurador">Elija supuesto penal:</p>
{{ form_row(form.tipo) }}
{{ form_row(form.numero, { 'label' : ' ', 'attr' : { 'class' : 'rec3' }}) }}
{{ form_rest(form) }}
<input type="submit" name="cargar" value="Cargar" class="inputbt"/>
</form>
</div>
I render the previous form in "principal.html.twig":
{{ render(controller('PprsBundle:Default:SupuestoConfig'), {'strategy': 'inline'}) }}
My "Controller.php":
/**
* #Route("/pprs/principal/supuesto={numero_supuesto}", name="configsup")
* #Template("PprsBundle:Default:SupuestoConfig.html.twig")
*/
public function SupuestoConfigAction($numero_supuesto = null)
{
$form = $this->createFormBuilder(null)
->add('tipo', 'choice', array(
'choices' => array(
'aleatorio' => 'Aleatorio',
'pornumero' => 'Por número'),
'multiple' => false,
'expanded' => true,
'data' => 'aleatorio'
))
// This add may contains error
->add('numero', 'text', array('label' => ' ','disabled' => true))
->getForm();
$peticion = $this->getRequest();
echo ('<script type="text/javascript">alert ("'.$peticion->getMethod().'");</script>');// Returns 'GET'
if ($peticion->isMethod('POST')) {
// Symfony2.2
$form->bind($peticion);
**$datos = $form->getData();**
*//foreach(array_keys($datos) as $p) {
//echo ('<script type="text/javascript">alert ("'.$datos.'");</script>');
//}*
if ($form->isValid()) { ... }
In Controller.php, despite I´ve got a GET request (when I remove the line
->add('numero', 'text',..
I´ve got a POST request, why is that?), in getData I don´t get the text field.
Finally, my routing.yml:
pprs_principal:
pattern: /pprs/principal/supuesto={numero_supuesto}/
defaults: { _controller: PprsBundle:Default:principal, numero_supuesto: 1 }
_pprs_principal:
pattern: /pprs/principal/
defaults: { _controller: FrameworkBundle:Redirect:redirect, route: pprs_principal }
Sorry for my bad english, Thanks in advance
Edit:
1) Anybody knows why I obtain a GET request instead of a POST when I add the text field in my createFormBuilder?
2) Anybody knows why Don't I get the text field when I call getData?
Help me please...
Maybe this answer could help you out:
getRequest() returns "GET" when posting form
Basically, when rendering a form with a {% render %} tag, it actually creates "another" request... It doesn't pass in the locale, the method, etc.
I opened a bug about this, and it went as By Design:
https://github.com/symfony/symfony/issues/7551
Hey I am saving every page in two different languages on my website. I want to manage my pages with an admin area that I am developing with symfony2 at the moment.
Following controller code is able to display two forms on the same page containing the right data from the database. One form to manage the DE language and another for EN:
View:
<form action="{{ path('admin_about') }}" method="post" {{ form_enctype(formEN) }}>
{{ form_widget(formEN) }}
<button type="submit" class="btn btn btn-warning" naem="EN">Save</button>
</form>
<form action="{{ path('admin_about') }}" method="post" {{ form_enctype(formDE) }}>
{{ form_widget(formDE) }}
<button type="submit" class="btn btn btn-warning" name="DE">Save</button>
</form>
Controller:
public function aboutAction(Request $request)
{
$pageEN = $this->getDoctrine()
->getRepository('MySitePublicBundle:Page')
->findOneBy(array('idName' => 'about', 'lang' => 'EN'));
$pageDE = $this->getDoctrine()
->getRepository('MySitePublicBundle:Page')
->findOneBy(array('idName' => 'about', 'lang' => 'DE'));
if (!$pageDE) {
throw $this->createNotFoundException('About page (DE) not found.');
}
if (!$pageEN) {
throw $this->createNotFoundException('About page (EN) not found.');
}
$formDE = $this->createFormBuilder($pageDE)
->add('title', 'text')
->add('content', 'text')
->getForm();
$formEN = $this->createFormBuilder($pageEN)
->add('title', 'text')
->add('content', 'text')
->getForm();
//Save Form here
return $this->render('MySitePublicBundle:Admin:about.html.twig', array(
'aboutPageDE' => $pageDE, 'aboutPageEN' => $pageEN, 'formDE' => $formDE->createView(), 'formEN' => $formEN->createView(),
));
}
My Question is: How to save the form that has been used out of one controller?
Based on the Forms and Doctrine section of the Symfony2 Docs (or in your case, since you're not using a Form class) --
So where you have //save form here assuming you've set up MySitePublicBundle:Page to save the Title and Content (and has the normal getters/setters).
if ($request->getMethod() == 'POST') {
$form->bindRequest($request);
// data is an array with "title" and "content" keys
$data = $form->getData();
// You'll need to have some switch depending on which language you're dealing
// with... (unless its both, then just repeat for $pageDE)
$pageEn->setTitle($data['title']);
$pageEn->setContent($data['content']);
$em = $this->getDoctrine()->getEntityManager();
$em->persist($pageEn);
$em->flush();
}
In your controller you could test if the request contains the forms, such as:
if($this->getRequest()->get('form1')) {
//
} elseif($this->getRequest()->get('form2')) {
//
}