Catchable Fatal Error: Argument 1 passed to ...CsrfTokenManager::isTokenValid() must be an instance of ...\CsrfToken, string given

Catchable Fatal Error: Argument 1 passed to ...CsrfTokenManager::isTokenValid() must be an instance of ...\CsrfToken, string given

目前,我正在现有的Symfony 2.3(目前是3.0.9)上更新系统运行,我正在验证操作。 当我尝试将文章状态更改为选定状态时,出现错误。您对如何确定原因有什么建议吗?

代码 BaseArticleController.php

    /**
     * Article status change
     */
    protected function updateArticleStatusAction(Request $request, $ids)
    {
        // CSRF token check
        $token = $request->request->get('_csrf_token');

        if (!$this->get('security.csrf.token_manager')->isTokenValid('authenticate', $token))
 {
            throw new HttpException("400", "The CSRF token is invalid. Please try to resubmit
 the form.");
        }

        // Check status
        $articleStatus = $request->request->get("articleStatus");
        if (!in_array($articleStatus, Parameters::getArticleStatusKeys())) {
            throw new HttpException("400", "articleStatus is invalid.");
        }

        // Status change
        try {
            $ids = explode(',', $ids);
            $count = $this->getArticleService()->updateArticleStatus($ids, $articleStatus, $t
his->getShop());
            if ($count) {
                $this->get('session')->getFlashBag()->add('success', "{$count}The status of the article has changed.");
            }
        } catch (ArticleValidationException $e) {
            $article = $e->getArticle();
            $statusArray = Parameters::getArticleStatus();
            $this->get('session')->getFlashBag()->add(
                'error',
                sprintf(
                    "Article ID:% d could not be "% s". Please check your input.",
                    $article->getId(),
                    $statusArray[$article->getArticleStatus()]
                )
            );
        }

        // redirect
        $backurl = $request->query->get("backurl");
        if (!$backurl) {
            $backurl = $this->generateUrl($this->indexRoute);
        }
        return $this->redirect($backurl);
    }

ArticleController.php

    /**
     * Article status change
     *
     * @Method("POST")
     * @Route("/article/{ids}/articleStatus")
     * @Secure(roles="ROLE_HQ_MANAGE")
     */
    public function updateArticleStatusAction(Request $request, $ids)
    {
        return parent::updateArticleStatusAction($request, $ids);
    }

index.html.twig

    {# Status change form #}
    <form method="post" class="updateArticleStatus" data-url="{{ path("ahi_sp_admin_hq_article_updatearticlestatus", {"ids": "__ids__"}) }}">
        <input type="hidden" name="methods" value="POST">
        <input type="hidden" name="_csrf_token" value="{{ csrf_token("authenticate") }}">
        <input type="hidden" name="articleStatus" value="">
    </form>

security.yml

security:
    firewalls:
        secured_area2:
            pattern:    ^/admin/sp/
            anonymous: ~
            form_login:
                login_path:  /admin/sp/login
                check_path:  /admin/sp/login_check
                csrf_token_generator: security.csrf.token_manager
                always_use_default_target_path: true
                default_target_path:            /admin/sp/
                target_path_parameter:          _target_path
                use_referer:                    false

            logout:
                path:   /admin/sp/logout
                target: /admin/sp/login

            remember_me:
                secret:      "%secret%"
                lifetime: 2592000 # 30 days in seconds
                path:     /
                domain:   ~ # Defaults to the current domain from $_SERVER
                always_remember_me: true

        secured_area:
            pattern:    ^/admin/
            anonymous: ~
            form_login:
                login_path:  /admin/login
                check_path:  /admin/login_check

                csrf_token_generator: security.csrf.token_manager
                always_use_default_target_path: true
                default_target_path:            /admin/
                target_path_parameter:          _target_path
                use_referer:                    false

            logout:
                path:   /admin/logout
                target: /admin/login

该消息还提供了足够的细节供您调试,参数 1(在您的情况下是“验证”)必须是 crsf 令牌。试试这个:

$csrf_token = new CsrfToken('authenticate', $token);

$this->get('security.csrf.token_manager')->isTokenValid($csrf_token)