我有一个注册表单User \ UserForm,其中包含一个字段集User \ UserFieldset。在User \ UserFieldset中,我输入了一个名为“passwordVerify”的字段,该字段应该与字段集中名为“password”的另一个字段相同。 这很好。
但是,如果管理员想要修改Admin \ UserForm中的用户帐户(也包含User \ UserFieldset),则应删除字段集User \ UserFieldset中的字段“passwordVerify”。因此,我在Admin \ UserForm中调用以下内容:
$this->get('user')->remove('passwordVerify');
$this->getInputFilter()->get('user')->remove('passwordVerify')
正如预期的那样,表单现在缺少“passwordVerify”字段。
如果我在编辑了一些东西之后保存了表单,我的自定义过滤器“PasswordFilter”就不能再检索字段集的绑定对象了($this->getOption('object');返回一个User-object) - 但绑定对象的所有属性都是空的。如果我使用Admin \ UserForm而不删除“passwordVerify”-field和“passwordVerify”-inputfilter一切正常,绑定对象将传递给具有填充属性的“PasswordFilter”(关于值,由用户在Admin中插入)用户窗体)。打破一切的行是$this->getInputFilter()->get('user')->remove('passwordVerify')。因此,这导致了我的假设,通过移除输入过滤器,水合物体以某种方式被取消/清空。下面是我的一些代码摘录,如果需要,我可以提供有关工厂等的更多信息。
管理\用户窗体:
class UserForm extends Form
{
/**
* @var EntityManager
*/
protected $entityManager = null;
/**
* @var Translator
*/
protected $translator = null;
public function __construct(EntityManager $entityManager, Translator $translator)
{
$this->entityManager = $entityManager;
$this->translator = $translator;
parent::__construct("userForm");
$this->setHydrator(new DoctrineHydrator($entityManager));
}
public function init()
{
// Adding UserFieldset
$this->add(array(
'name' => 'user',
'type' => \User\Form\UserFieldset::class,
'options' => array(
'use_as_base_fieldset' => true,
),
));
$this->get('user')->remove('passwordVerify');
$this->getInputFilter()->get('user')->remove('passwordVerify');
$this->add(array(
'type' => 'Zend\Form\Element\Csrf',
'name' => 'csrf',
));
$this->add(array(
'type' => 'submit',
'name' => 'submit',
'options' => array(
'label' => $this->translator->translate('Btn.submit.user', 'Form')
),
));
}
}
用户\ UserFieldset:
class UserFieldset extends Fieldset implements InputFilterProviderInterface
{
/**
* @var EntityManager
*/
protected $entityManager = null;
/**
* @var Translator
*/
protected $translator = null;
public function __construct(EntityManager $entityManager, Translator $translator)
{
$this->entityManager = $entityManager;
$this->translator = $translator;
parent::__construct("userFieldset");
$this->setHydrator(new DoctrineHydrator($entityManager))->setObject(new User());
}
public function init()
{
$this->add(array(
'type' => 'text',
'name' => 'firstName',
'options' => array(
'label' => $this->translator->translate('label.firstName', 'Form'),
'label_attributes' => array(
'class' => 'col-sm-3',
),
'column-size' => 'sm-5',
),
'attributes' => array(
'id' => 'firstName',
),
));
/* ... */
$this->add(array(
'type' => 'text',
'name' => 'password',
'options' => array(
'label' => $this->translator->translate('label.password', 'Form'),
'label_attributes' => array(
'class' => 'col-sm-3',
),
'column-size' => 'sm-5',
),
'attributes' => array(
'id' => 'password',
),
));
$this->add(array(
'type' => 'password',
'name' => 'passwordVerify',
'options' => array(
'label_attributes' => array(
'class' => 'col-sm-3 control-label'
),
'label' => $this->translator->translate('label.verifyPassword', 'Form'),
'column-size' => 'sm-8',
),
'attributes' => array(
'class' => 'form-control',
'id' => 'password'),
));
/* ... */
// Adding AddressFieldset
$this->add(array(
'name' => 'address',
'type' => \User\Form\AddressFieldset::class,
));
/* ... */
$this->add(array(
'type' => 'datetime',
'name' => 'created',
'options' => array(
'label' => $this->translator->translate('label.created', 'Form'),
'format' => 'd.m.Y H:i',
'label_attributes' => array(
'class' => 'col-sm-3',
),
'column-size' => 'sm-5',
),
'attributes' => array(
'id' => 'created',
),
));
}
public function getInputFilterSpecification()
{
return array(
'firstName' => array(
'required' => true,
'filters' => array(
array('name' => 'StringTrim'),
array('name' => 'StripTags'),
),
'validators' => array(),
),
/* ... */
'password' => array(
'required' => true,
'filters' => array(
array('name' => 'StringTrim'),
array('name' => 'StripTags'),
[
'name' => PasswordFilter::class,
'options' => [
'object' => $this->getObject(),
'field' => 'password'
]
]
),
'validators' => array(),
),
'passwordVerify' => array(
'required' => true,
'filters' => [
[
'name' => PasswordFilter::class,
'options' => [
'object' => $this->getObject(),
'field' => 'password'
]
]
],
'validators' => array(
array(
'name' => 'StringLength',
'options' => array(
'min' => 6
)
),
array(
'name' => 'Identical',
'options' => array(
'token' => 'password'
)
)
)
),
/* ... */
'created' => array(
'required' => false,
'filters' => array(
array('name' => 'StringTrim'),
),
'validators' => array(
array(
'name' => 'Date',
'options' => array('format' => 'd.m.Y H:i')
),
),
)
);
}
}
PasswordFilter:
class PasswordFilter extends AbstractFilter
{
/** @var EntityManager */
protected $entityManager;
/** @var PasswordInterface */
protected $passwordManager;
/**
* PasswordFilter constructor.
* @param EntityManager $entityManager
* @param PasswordInterface $passwordManager
* @param array $options
*/
public function __construct(EntityManager $entityManager, PasswordInterface $passwordManager, $options = [])
{
$this->entityManager = $entityManager;
$this->passwordManager = $passwordManager;
$this->options = $options;
}
public function filter($value)
{
$object = $this->getOption('object');
$field = $this->getOption('field');
$getter = 'get'.ucfirst($field);
if (!$object || !$field) {
throw new \Exception('Options "object" and "field" are required.');
}
if ($object->getId()) {
$dbObject = $this->entityManager->getRepository(get_class($object))->find($object->getId());
if ($value === $dbObject->{$getter}()) {
return $value;
}
}
// hash password here...
return $this->passwordManager->create($value);
}
private function getOption($option)
{
if (array_key_exists($option, $this->options)) {
return $this->options[$option];
}
return false;
}
}
任何线索?我是否在实例化过程的早期调用了“passwordVerify”的remove inputfilter? 我还测试了在我的控制器中“$ this-> form-> bind($ user)”之后删除了inputFilter和field,这也有效。如果我在Admin \ UserForm中删除它,为什么它不起作用,在我看来,这是管理“passwordVerify”-stuff的更简洁方法?
答案 0 :(得分:0)
如果您致电$this->getInputFilter(),则会调用InputProviderInterface::getInputSpecification中的UserForm方法。
如果您尚未附加对象,则无法检索它。 但我不明白为什么你甚至需要它。如果值不适合数据库值,则您正在对密码进行哈希处理,但显然数据库值似乎是纯文本作为输入,或者为什么要比较它?
恕我直言,你应该对密码进行哈希处理,无论数据库中的当前值是什么。
如果您使用的是doctrine并且密码不会更改,则无论如何都不会执行UPDATE查询。