`gipfl/web/Form`: Fix form validation
This commit is contained in:
parent
bfb13d5cbb
commit
ba1e1cbac9
|
@ -12,6 +12,9 @@
|
|||
"sort-packages": true,
|
||||
"platform": {
|
||||
"php": "5.6.3"
|
||||
},
|
||||
"allow-plugins": {
|
||||
"cweagans/composer-patches": true
|
||||
}
|
||||
},
|
||||
"require": {
|
||||
|
@ -42,11 +45,20 @@
|
|||
"gipfl/translation": ">=0.1.1",
|
||||
"gipfl/web": ">=0.11",
|
||||
"gipfl/zfdb": ">=0.4",
|
||||
"gipfl/zfdbstore": ">=0.3"
|
||||
"gipfl/zfdbstore": ">=0.3",
|
||||
"cweagans/composer-patches": "~1.0"
|
||||
},
|
||||
"scripts": {
|
||||
"post-update-cmd": [
|
||||
"bin/refresh-public.sh"
|
||||
]
|
||||
},
|
||||
"extra": {
|
||||
"composer-exit-on-patch-failure": true,
|
||||
"patches": {
|
||||
"gipfl/web": {
|
||||
"Gipfl Form: Csrf element validation": "patches/gipfl-web-form.patch"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
diff --git a/vendor/gipfl/web/src/Form.php b/vendor/gipfl/web/src/Form.php
|
||||
index e5e52f9..348ec9d 100644
|
||||
--- a/vendor/gipfl/web/src/Form.php
|
||||
+++ b/vendor/gipfl/web/src/Form.php
|
||||
@@ -201,8 +201,9 @@ class Form extends iplForm
|
||||
|
||||
protected function addCsrfElement()
|
||||
{
|
||||
- $element = new HiddenElement('__CSRF__', [
|
||||
+ $element = new HiddenElement('__FORM_CSRF', [
|
||||
'ignore' => true,
|
||||
+ 'required' => true
|
||||
]);
|
||||
$element->setValidators([
|
||||
new PhpSessionBasedCsrfTokenValidator()
|
||||
@@ -210,11 +211,7 @@ class Form extends iplForm
|
||||
// prepend / register -> avoid decorator
|
||||
$this->prepend($element);
|
||||
$this->registerElement($element);
|
||||
- if ($this->hasBeenSent()) {
|
||||
- if (! $element->isValid()) {
|
||||
- $element->setValue(PhpSessionBasedCsrfTokenValidator::generateCsrfValue());
|
||||
- }
|
||||
- } else {
|
||||
+ if (! $this->hasBeenSent()) {
|
||||
$element->setValue(PhpSessionBasedCsrfTokenValidator::generateCsrfValue());
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue