Last active
June 23, 2016 12:24
-
-
Save Doopin/a86a8b2e95e1297a9f60eddebce10f78 to your computer and use it in GitHub Desktop.
ZF2 CSRF Field not working as expected
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
* Hello Guys, going through something weird with ZF2 CSRF Field | |
* Please check this gist for my non-working settings | |
*/ | |
// LoginForm.php | |
class LoginForm extends MainForm { | |
public function __construct($name = 'loginForm', $options = []) { | |
parent::__construct($name, $options); | |
$validator = new LoginFormValidator(); | |
$this->setInputFilter($validator->getInputFilter()); | |
/* | |
* Other fields settings here | |
*/ | |
$this->add([ | |
'type' => 'Csrf', | |
'name' => 'xdoop', | |
'options' => [ | |
'csrf_options' => [ | |
'timeout' => 120 | |
] | |
] | |
]); | |
} | |
} | |
// LoginFormValidator.php | |
class LoginFormValidator implements InputFilterAwareInterface { | |
protected $inputFilter; | |
public function __construct() { | |
parent::__construct(); | |
} | |
public function getInputFilter() { | |
$this->inputFilter = $this->getPInputFilter(); | |
$factory = new InputFactory(); | |
/* | |
* Other factories | |
*/ | |
$this->inputFilter->add($factory->createInput([ | |
'name' => 'xdoop', | |
'validators' => [ | |
[ | |
'name' => 'Csrf', | |
'options' => [ | |
'timeout' => 120, | |
'messages' => [ | |
Validator\Csrf::NOT_SAME => 'FORM_CSRF_INVALID' | |
] | |
] | |
] | |
], | |
])); | |
return $this->inputFilter; | |
} | |
public function setInputFilter(InputFilterInterface $inputFilter) { | |
$this->inputFilter = $inputFilter; | |
throw new \Exception("Error in ".__METHOD__); | |
} | |
} | |
/** | |
* Now the problem is: csrf field is always invalid when I get the error message from $loginForm->getMessages() method | |
* | |
* But If I remove the csrf field validator, | |
* everything works fine according to the time I set. | |
* I need this configuration to override the default message error | |
*/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment