Csrf令牌无效
我一直认为Csrf令牌无效我试图添加{{ form_end(form) }}
或从{{ form_widget(form._token) }}删除令牌,但它确实有效,请帮助我解决此问题
这里是我的注册内容文件
{% trans_default_domain 'FOSUserBundle' %}
<div class="login-container bg-white">
<div class="p-l-50 m-l-20 p-r-50 m-r-20 p-t-50 m-t-30 sm-p-l-15 sm-p-r-15 sm-p-t-40">
<img src="assets/img/logo.png" alt="logo" data-src="assets/img/logo.png"
data-src-retina="assets/img/logo_2x.png" width="78" height="22">
<p class="p-t-35">Sign into your pages account</p>
<form action="{{ path("fos_user_security_check") }}" method="post">
<div class="form-group form-group-default">
<label>Username</label>
<div class="controls">
{{ form_widget(form.username,{'attr' : {'class' : 'form-control' , 'placeholder' : 'E-mail'}}) }}
</div>
</div>
<div class="form-group form-group-default">
<label>E-mail</label>
<div class="controls">
{{ form_widget(form.email,{'attr' : {'class' : 'form-control' , 'placeholder' : 'E-mail'}}) }}
</div>
</div>
<div class="form-group form-group-default">
<label>Passowrd</label>
<div class="controls">
{{ form_widget(form.plainPassword.first,{'attr' : {'class' : 'form-control' , 'placeholder' : 'Mot de passe'}}) }}
</div>
</div>
<div class="form-group form-group-default">
<label>Passowrd</label>
<div class="controls">
{{ form_widget(form.plainPassword.second,{'attr' : {'class' : 'form-control' , 'placeholder' : 'Confirmez mot de passe'}}) }}
</div>
</div>
{{ form_rest(form) }}
{{ form_widget(form._token) }}
<input type="submit" value="{{ 'registration.submit'|trans }}"class="btn btn-primary btn-cons m-t-10" />
</form>
<div class="pull-bottom sm-pull-bottom">
<div class="m-b-30 p-r-80 sm-m-t-20 sm-p-r-15 sm-p-b-20 clearfix">
<div class="col-sm-3 col-md-2 no-padding">
<img alt="" class="m-t-5" data-src="assets/img/demo/pages_icon.png"
data-src-retina="assets/img/demo/pages_icon_2x.png" height="60"
src="assets/img/demo/pages_icon.png" width="60">
</div>
<div class="col-sm-9 no-padding m-t-10">
<p>
<small>
Create a pages account. If you have a facebook account, log into it for this
process. Sign in with <a href="#" class="text-info">Facebook</a> or <a href="#"
class="text-info">Google</a>
</small>
</p>
</div>
</div>
</div>
</div>
</div>
<?php
/*
* This file is part of the FOSUserBundle package.
*
* (c) FriendsOfSymfony <http://friendsofsymfony.github.com/>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace FOS\UserBundle\Controller;
use FOS\UserBundle\Event\FilterUserResponseEvent;
use FOS\UserBundle\Event\FormEvent;
use FOS\UserBundle\Event\GetResponseUserEvent;
use FOS\UserBundle\Form\Factory\FactoryInterface;
use FOS\UserBundle\FOSUserEvents;
use FOS\UserBundle\Model\UserInterface;
use FOS\UserBundle\Model\UserManagerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
/**
* Controller managing the registration.
*
* @author Thibault Duplessis <thibault.duplessis@gmail.com>
* @author Christophe Coevoet <stof@notk.org>
*/
class RegistrationController extends Controller
{
/**
* @param Request $request
*
* @return Response
*/
public function registerAction(Request $request)
{
/** @var $formFactory FactoryInterface */
$formFactory = $this->get('fos_user.registration.form.factory');
/** @var $userManager UserManagerInterface */
$userManager = $this->get('fos_user.user_manager');
/** @var $dispatcher EventDispatcherInterface */
$dispatcher = $this->get('event_dispatcher');
$user = $userManager->createUser();
$user->setEnabled(true);
$event = new GetResponseUserEvent($user, $request);
$dispatcher->dispatch(FOSUserEvents::REGISTRATION_INITIALIZE, $event);
if (null !== $event->getResponse()) {
return $event->getResponse();
}
$form = $formFactory->createForm();
$form->setData($user);
$form->handleRequest($request);
if ($form->isSubmitted()) {
if ($form->isValid()) {
$event = new FormEvent($form, $request);
$dispatcher->dispatch(FOSUserEvents::REGISTRATION_SUCCESS, $event);
$userManager->updateUser($user);
if (null === $response = $event->getResponse()) {
$url = $this->generateUrl('fos_user_registration_confirmed');
$response = new RedirectResponse($url);
}
$dispatcher->dispatch(FOSUserEvents::REGISTRATION_COMPLETED, new FilterUserResponseEvent($user, $request, $response));
return $response;
}
$event = new FormEvent($form, $request);
$dispatcher->dispatch(FOSUserEvents::REGISTRATION_FAILURE, $event);
if (null !== $response = $event->getResponse()) {
return $response;
}
}
return $this->render('@FOSUser/Registration/register.html.twig', array(
'form' => $form->createView(),
));
}
/**
* Tell the user to check their email provider.
*/
public function checkEmailAction()
{
$email = $this->get('session')->get('fos_user_send_confirmation_email/email');
if (empty($email)) {
return new RedirectResponse($this->get('router')->generate('fos_user_registration_register'));
}
$this->get('session')->remove('fos_user_send_confirmation_email/email');
$user = $this->get('fos_user.user_manager')->findUserByEmail($email);
if (null === $user) {
throw new NotFoundHttpException(sprintf('The user with email "%s" does not exist', $email));
}
return $this->render('@FOSUser/Registration/check_email.html.twig', array(
'user' => $user,
));
}
/**
* Receive the confirmation token from user email provider, login the user.
*
* @param Request $request
* @param string $token
*
* @return Response
*/
public function confirmAction(Request $request, $token)
{
/** @var $userManager \FOS\UserBundle\Model\UserManagerInterface */
$userManager = $this->get('fos_user.user_manager');
$user = $userManager->findUserByConfirmationToken($token);
if (null === $user) {
throw new NotFoundHttpException(sprintf('The user with confirmation token "%s" does not exist', $token));
}
/** @var $dispatcher EventDispatcherInterface */
$dispatcher = $this->get('event_dispatcher');
$user->setConfirmationToken(null);
$user->setEnabled(true);
$event = new GetResponseUserEvent($user, $request);
$dispatcher->dispatch(FOSUserEvents::REGISTRATION_CONFIRM, $event);
$userManager->updateUser($user);
if (null === $response = $event->getResponse()) {
$url = $this->generateUrl('fos_user_registration_confirmed');
$response = new RedirectResponse($url);
}
$dispatcher->dispatch(FOSUserEvents::REGISTRATION_CONFIRMED, new FilterUserResponseEvent($user, $request, $response));
return $response;
}
/**
* Tell the user his account is now confirmed.
*/
public function confirmedAction()
{
$user = $this->getUser();
if (!is_object($user) || !$user instanceof UserInterface) {
throw new AccessDeniedException('This user does not have access to this section.');
}
return $this->render('@FOSUser/Registration/confirmed.html.twig', array(
'user' => $user,
'targetUrl' => $this->getTargetUrlFromSession(),
));
}
/**
* @return mixed
*/
private function getTargetUrlFromSession()
{
$key = sprintf('_security.%s.target_path', $this->get('security.token_storage')->getToken()->getProviderKey());
if ($this->get('session')->has($key)) {
return $this->get('session')->get($key);
}
}
}
0 个答案:
没有答案
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?