Do you use the 1.1 beta 2 or /branches/1.1?
Do you use the code generated by the generate-crud CLI or have you
modified something?
It will easier to help you out if you can post the generated code as
I've just tested the generate-crud on a brand new project and it works
for me.
Thanks,
Fabien
Marijn wrote:
> Hi everybody,
>
> pretty indecent of me to bump my thread but I'm really in need of a
> solution :-(
>
> For the sake of clarity:
> - have installed the latest symfony 1.1 beta
> - created my model
> - generated crud actions with the symfony CLI
> - set the csfr_secret value in settings.yml > all > .settings
> - cleared the cache a 1000 times
> - assured that my view renders a hidden csfr_token input field (which
> only has a name and an ID, not a value)
> - still get an error message the a csfr token is required
>
> Any thoughts? Help is very much appreciated :-)
>
> Marijn
>
> On Apr 9, 2:07 am, Marijn <[EMAIL PROTECTED]> wrote:
>> Thanks Dustin,
>>
>> I didn't make myself clear enough. I don't want to use a hash sign in
>> the value. The problem is that even with the csfr_secret value defined
>> in my settings.yml my forms still don't work. If I try to add
>> something to my database with the crud actions that were generated by
>> symfony I still get the csfr required error.
>>
>> Do you have any thoughts on that?
>>
>> Thanks,
>>
>> Marijn
>>
>> On Apr 9, 1:12 am, Dustin Whittle <[EMAIL PROTECTED]>
>> wrote:
>>
>>> Marijn,
>>> In symfony yaml files #app_my_setting# will be replace with the equivalent
>>> of sfConfig::get('app_my_setting'). If you want to use # as a value, wrap it
>>> in single quotes. csrf_secret: 'my_crazy_#_value'.
>>> - Dustin
>>> On 4/8/08 3:55 PM, "Marijn" <[EMAIL PROTECTED]> wrote:
>>>> On Apr 8, 5:55 pm, "Thomas Rabaix" <[EMAIL PROTECTED]> wrote:
>>>>> in yml # symbol is used to comment text .... :)
>>>> Yeah, I love that symbol :-D
>>>> I just wasn't sure if it's meaning were the same if it came in two
>>>> pairs wrapped around a ##value##
>>>> Unfortunately that means the problem isn't solved yet... The code
>>>> generated by your example is the following:
>>>> <input type="hidden" name="$module_name$[_csrf_token]" id="$module_name
>>>> $__csrf_token" />
>>>> Any thoughts..? Thanks,
>>>> Marijn
>>>>> csrf_secret: my super token
>>>>> Thomas
>>>>> On Tue, Apr 8, 2008 at 5:44 PM, Marijn <[EMAIL PROTECTED]> wrote:
>>>>>> Hi Thomas,
>>>>>> Thanks for your quick reply.
>>>>>> in my view there was the following line of code for my csrf_token:
>>>>>> <?php echo $form['_csrf_token'] ?>
>>>>>> If I use that or the code you gave me the hidden input tag is created
>>>>>> but it has no value assigned to it.
>>>>>> Should the scfr_secret value in my config be wrapped in hash signs or
>>>>>> can I just use some arbitrary string..?
>>>>>> Thanks,
>>>>>> Marijn
>>>>>> On Apr 8, 5:18 pm, "Thomas Rabaix" <[EMAIL PROTECTED]> wrote:
>>>>>> > I am not 100% sure about that but you sould add a csrf secret in your
>>>>>> > settings.yml
>>>>>> > all:
>>>>>> > .settings:
>>>>>> > # Form security secret (CSRF protection)
>>>>>> > csrf_secret: ##CSRF_SECRET## # Unique secret to enable
>>>>>> > CSRF protection or false to disable
>>>>>> > In the view, check that field csrf is present, if not add
>>>>>> > <?= $form[$form->getCSRFFieldName()]->render() ?>
>>>>>> > Thomas
>>>>>>> On Tue, Apr 8, 2008 at 5:10 PM, Marijn <[EMAIL PROTECTED]>
>>>>>>> wrote:
>>>>>> > > Hi everybody,
>>>>>> > > I am having trouble finding documentation about csrf support in
>>>>>> > > symfony 1.1. When I generate crud actions for a Model and try to
>>>>>> > > populate it with data by using the create web interface it says
>>>>>> that
>>>>>> > > csrf_token is required.
>>>>>> > > Anybody here who knows this problem or who can tell me what I am
>>>>>> doing
>>>>>> > > wrong? I haven't changed a thing after generating the crud actions.
>>>>>> > > Thanks,
>>>>>> > > Marijn
> >
>
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~----------~----~----~----~------~----~------~--~---
