Catchable Fatal Error: Argument 1 passed to ...CsrfTokenManager::isTokenValid() must be an instance of ...\CsrfToken, string given
Catchable Fatal Error: Argument 1 passed to ...CsrfTokenManager::isTokenValid() must be an instance of ...\CsrfToken, string given
目前,我正在把一个原先运行在 Symfony 2.3 上的现有系统升级(当前版本为 3.0.9),并正在验证其运行情况。
当我尝试将文章状态更改为选定状态时,出现错误。您对如何确定原因有什么建议吗?
代码
BaseArticleController.php
/**
* Article status change
*
* Checks the submitted CSRF token and the requested status, applies the
* status to every article id in $ids, stores a flash message with the
* outcome and redirects to "backurl" or to the index route.
*
* $request: the POST body supplies "_csrf_token" and "articleStatus";
*           the query string may supply "backurl".
* $ids:     comma-separated article ids (split with explode() below).
*
* Throws HttpException (400) when the token or the status is rejected.
*/
protected function updateArticleStatusAction(Request $request, $ids)
{
// CSRF token check
$token = $request->request->get('_csrf_token');
// NOTE(review): this two-argument call is what raises the
// "must be an instance of ...\CsrfToken, string given" error quoted on this page.
// isTokenValid() takes a single CsrfToken object that carries both the token id
// ('authenticate') and the submitted value.
if (!$this->get('security.csrf.token_manager')->isTokenValid('authenticate', $token))
{
throw new HttpException("400", "The CSRF token is invalid. Please try to resubmit
the form.");
}
// Check status
$articleStatus = $request->request->get("articleStatus");
// Only values listed by Parameters::getArticleStatusKeys() are accepted.
// NOTE(review): in_array() compares loosely here; passing true as the third
// argument would make the allow-list check strict (confirm the key types first).
if (!in_array($articleStatus, Parameters::getArticleStatusKeys())) {
throw new HttpException("400", "articleStatus is invalid.");
}
// Status change
try {
$ids = explode(',', $ids);
// NOTE(review): the break inside "$this" on the next two lines looks like a
// wrapping artifact of this page, not part of the real source.
$count = $this->getArticleService()->updateArticleStatus($ids, $articleStatus, $t
his->getShop());
if ($count) {
$this->get('session')->getFlashBag()->add('success', "{$count}The status of the article has changed.");
}
} catch (ArticleValidationException $e) {
// The exception carries the article that failed validation; report it to the user.
$article = $e->getArticle();
$statusArray = Parameters::getArticleStatus();
$this->get('session')->getFlashBag()->add(
'error',
sprintf(
// NOTE(review): the format string is garbled as shown ("% d", unescaped inner
// quotes) and would not parse; presumably %d / %s with escaped quotes originally.
"Article ID:% d could not be "% s". Please check your input.",
$article->getId(),
$statusArray[$article->getArticleStatus()]
)
);
}
// redirect
// NOTE(review): "backurl" is read from the query string and handed to redirect()
// without any check, so the post-action redirect target is caller-controlled
// (open redirect). Restrict it to same-site paths or a known route before use.
$backurl = $request->query->get("backurl");
if (!$backurl) {
$backurl = $this->generateUrl($this->indexRoute);
}
return $this->redirect($backurl);
}
ArticleController.php
/**
* Article status change
*
* Public route entry point: delegates unchanged to the parent
* implementation of updateArticleStatusAction().
* The {ids} route placeholder is passed through as $ids.
* The annotations below limit the route to POST and to ROLE_HQ_MANAGE.
*
* @Method("POST")
* @Route("/article/{ids}/articleStatus")
* @Secure(roles="ROLE_HQ_MANAGE")
*/
public function updateArticleStatusAction(Request $request, $ids)
{
// No logic of its own; the parent method does the CSRF and status checks.
return parent::updateArticleStatusAction($request, $ids);
}
index.html.twig
{# Status change form #}
{# The id given to csrf_token() must be the same id the controller uses when it
   validates the submitted "_csrf_token" value ("authenticate" here).
   NOTE(review): "authenticate" is also the default token id of the login form;
   a form-specific id would keep the two tokens separate.
   The form has no action attribute; data-url with the "__ids__" placeholder is
   presumably filled in by script before submitting - confirm. #}
<form method="post" class="updateArticleStatus" data-url="{{ path("ahi_sp_admin_hq_article_updatearticlestatus", {"ids": "__ids__"}) }}">
<input type="hidden" name="methods" value="POST">
<input type="hidden" name="_csrf_token" value="{{ csrf_token("authenticate") }}">
<input type="hidden" name="articleStatus" value="">
</form>
security.yml
# NOTE: indentation was lost on this page; in the real file each firewall and its
# options are nested under "firewalls".
security:
firewalls:
# Firewalls are matched in order, so the more specific ^/admin/sp/ pattern is
# listed before the broader ^/admin/ one.
secured_area2:
pattern: ^/admin/sp/
# Anonymous requests pass the firewall; role checks (for example the Secure
# annotation on the controller) have to do the actual authorization.
anonymous: ~
form_login:
login_path: /admin/sp/login
check_path: /admin/sp/login_check
# Enables CSRF protection for the login form only; other forms must validate
# their own token in the controller.
csrf_token_generator: security.csrf.token_manager
always_use_default_target_path: true
default_target_path: /admin/sp/
target_path_parameter: _target_path
use_referer: false
logout:
path: /admin/sp/logout
target: /admin/sp/login
remember_me:
secret: "%secret%"
lifetime: 2592000 # 30 days in seconds
path: /
domain: ~ # Defaults to the current domain from $_SERVER
# NOTE(review): a remember-me cookie is set on every login and lasts 30 days;
# confirm this is intended for an admin area.
always_remember_me: true
secured_area:
pattern: ^/admin/
anonymous: ~
form_login:
login_path: /admin/login
check_path: /admin/login_check
csrf_token_generator: security.csrf.token_manager
always_use_default_target_path: true
default_target_path: /admin/
target_path_parameter: _target_path
use_referer: false
logout:
path: /admin/logout
target: /admin/login
该错误消息已经提供了足够的调试信息:参数 1(在您的代码中是字符串 'authenticate')必须是 CsrfToken 对象,而不是字符串。试试这个:
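// isTokenValid() takes one CsrfToken object (Symfony\Component\Security\Csrf\CsrfToken),
// not the token id and the submitted value as two separate strings.
// The id ('authenticate') must be the one the template passed to csrf_token().
$csrf_token = new CsrfToken('authenticate', $token);
if (!$this->get('security.csrf.token_manager')->isTokenValid($csrf_token)) {
    // Reject the request before any state is changed.
    throw new HttpException(400, 'The CSRF token is invalid. Please try to resubmit the form.');
}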
目前,我正在把一个原先运行在 Symfony 2.3 上的现有系统升级(当前版本为 3.0.9),并正在验证其运行情况。 当我尝试将文章状态更改为选定状态时,出现错误。您对如何确定原因有什么建议吗?
代码 BaseArticleController.php
/**
* Article status change
*
* Checks the submitted CSRF token and the requested status, applies the
* status to every article id in $ids, stores a flash message with the
* outcome and redirects to "backurl" or to the index route.
*
* $request: the POST body supplies "_csrf_token" and "articleStatus";
*           the query string may supply "backurl".
* $ids:     comma-separated article ids (split with explode() below).
*
* Throws HttpException (400) when the token or the status is rejected.
*/
protected function updateArticleStatusAction(Request $request, $ids)
{
// CSRF token check
$token = $request->request->get('_csrf_token');
// NOTE(review): this two-argument call is what raises the
// "must be an instance of ...\CsrfToken, string given" error quoted on this page.
// isTokenValid() takes a single CsrfToken object that carries both the token id
// ('authenticate') and the submitted value.
if (!$this->get('security.csrf.token_manager')->isTokenValid('authenticate', $token))
{
throw new HttpException("400", "The CSRF token is invalid. Please try to resubmit
the form.");
}
// Check status
$articleStatus = $request->request->get("articleStatus");
// Only values listed by Parameters::getArticleStatusKeys() are accepted.
// NOTE(review): in_array() compares loosely here; passing true as the third
// argument would make the allow-list check strict (confirm the key types first).
if (!in_array($articleStatus, Parameters::getArticleStatusKeys())) {
throw new HttpException("400", "articleStatus is invalid.");
}
// Status change
try {
$ids = explode(',', $ids);
// NOTE(review): the break inside "$this" on the next two lines looks like a
// wrapping artifact of this page, not part of the real source.
$count = $this->getArticleService()->updateArticleStatus($ids, $articleStatus, $t
his->getShop());
if ($count) {
$this->get('session')->getFlashBag()->add('success', "{$count}The status of the article has changed.");
}
} catch (ArticleValidationException $e) {
// The exception carries the article that failed validation; report it to the user.
$article = $e->getArticle();
$statusArray = Parameters::getArticleStatus();
$this->get('session')->getFlashBag()->add(
'error',
sprintf(
// NOTE(review): the format string is garbled as shown ("% d", unescaped inner
// quotes) and would not parse; presumably %d / %s with escaped quotes originally.
"Article ID:% d could not be "% s". Please check your input.",
$article->getId(),
$statusArray[$article->getArticleStatus()]
)
);
}
// redirect
// NOTE(review): "backurl" is read from the query string and handed to redirect()
// without any check, so the post-action redirect target is caller-controlled
// (open redirect). Restrict it to same-site paths or a known route before use.
$backurl = $request->query->get("backurl");
if (!$backurl) {
$backurl = $this->generateUrl($this->indexRoute);
}
return $this->redirect($backurl);
}
ArticleController.php
/**
* Article status change
*
* Public route entry point: delegates unchanged to the parent
* implementation of updateArticleStatusAction().
* The {ids} route placeholder is passed through as $ids.
* The annotations below limit the route to POST and to ROLE_HQ_MANAGE.
*
* @Method("POST")
* @Route("/article/{ids}/articleStatus")
* @Secure(roles="ROLE_HQ_MANAGE")
*/
public function updateArticleStatusAction(Request $request, $ids)
{
// No logic of its own; the parent method does the CSRF and status checks.
return parent::updateArticleStatusAction($request, $ids);
}
index.html.twig
{# Status change form #}
{# The id given to csrf_token() must be the same id the controller uses when it
   validates the submitted "_csrf_token" value ("authenticate" here).
   NOTE(review): "authenticate" is also the default token id of the login form;
   a form-specific id would keep the two tokens separate.
   The form has no action attribute; data-url with the "__ids__" placeholder is
   presumably filled in by script before submitting - confirm. #}
<form method="post" class="updateArticleStatus" data-url="{{ path("ahi_sp_admin_hq_article_updatearticlestatus", {"ids": "__ids__"}) }}">
<input type="hidden" name="methods" value="POST">
<input type="hidden" name="_csrf_token" value="{{ csrf_token("authenticate") }}">
<input type="hidden" name="articleStatus" value="">
</form>
security.yml
# NOTE: indentation was lost on this page; in the real file each firewall and its
# options are nested under "firewalls".
security:
firewalls:
# Firewalls are matched in order, so the more specific ^/admin/sp/ pattern is
# listed before the broader ^/admin/ one.
secured_area2:
pattern: ^/admin/sp/
# Anonymous requests pass the firewall; role checks (for example the Secure
# annotation on the controller) have to do the actual authorization.
anonymous: ~
form_login:
login_path: /admin/sp/login
check_path: /admin/sp/login_check
# Enables CSRF protection for the login form only; other forms must validate
# their own token in the controller.
csrf_token_generator: security.csrf.token_manager
always_use_default_target_path: true
default_target_path: /admin/sp/
target_path_parameter: _target_path
use_referer: false
logout:
path: /admin/sp/logout
target: /admin/sp/login
remember_me:
secret: "%secret%"
lifetime: 2592000 # 30 days in seconds
path: /
domain: ~ # Defaults to the current domain from $_SERVER
# NOTE(review): a remember-me cookie is set on every login and lasts 30 days;
# confirm this is intended for an admin area.
always_remember_me: true
secured_area:
pattern: ^/admin/
anonymous: ~
form_login:
login_path: /admin/login
check_path: /admin/login_check
csrf_token_generator: security.csrf.token_manager
always_use_default_target_path: true
default_target_path: /admin/
target_path_parameter: _target_path
use_referer: false
logout:
path: /admin/logout
target: /admin/login
该错误消息已经提供了足够的调试信息:参数 1(在您的代码中是字符串 'authenticate')必须是 CsrfToken 对象,而不是字符串。试试这个:
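// isTokenValid() takes one CsrfToken object (Symfony\Component\Security\Csrf\CsrfToken),
// not the token id and the submitted value as two separate strings.
// The id ('authenticate') must be the one the template passed to csrf_token().
$csrf_token = new CsrfToken('authenticate', $token);
if (!$this->get('security.csrf.token_manager')->isTokenValid($csrf_token)) {
    // Reject the request before any state is changed.
    throw new HttpException(400, 'The CSRF token is invalid. Please try to resubmit the form.');
}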