Catchable Fatal Error: Argument 1 passed to ...CsrfTokenManager::isTokenValid() must be an instance of ...\CsrfToken, string given

How to resolve "Catchable Fatal Error: Argument 1 passed to ...CsrfTokenManager::isTokenValid() must be an instance of ...\CsrfToken, string given"

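Currently, I am updating a system that was running on Symfony 2.3 (it is now on 3.0.9), and I am verifying that it works. When I tried the function that changes the article status to the selected status, I got an error. Do you have any advice on how to determine the cause?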

Code: BaseArticleController.php

    /**
     * Article status change
     */
    protected function updateArticleStatusAction(Request $request, $ids)
    {
        // CSRF token check
        $token = $request->request->get('_csrf_token');

        if (!$this->get('security.csrf.token_manager')->isTokenValid('authenticate', $token)) {
            throw new HttpException("400", "The CSRF token is invalid. Please try to resubmit the form.");
        }

        // Check status
        $articleStatus = $request->request->get("articleStatus");
        if (!in_array($articleStatus, Parameters::getArticleStatusKeys())) {
            throw new HttpException("400", "articleStatus is invalid.");
        }

        // Status change
        try {
            $ids = explode(',', $ids);
            $count = $this->getArticleService()->updateArticleStatus($ids, $articleStatus, $this->getShop());
            if ($count) {
                $this->get('session')->getFlashBag()->add('success', "{$count}The status of the article has changed.");
            }
        } catch (ArticleValidationException $e) {
            $article = $e->getArticle();
            $statusArray = Parameters::getArticleStatus();
            $this->get('session')->getFlashBag()->add(
                'error',
                sprintf(
                    "Article ID: %d could not be changed to \"%s\". Please check your input.",
                    $article->getId(),
                    $statusArray[$article->getArticleStatus()]
                )
            );
        }

        // Redirect
        $backurl = $request->query->get("backurl");
        if (!$backurl) {
            $backurl = $this->generateUrl($this->indexRoute);
        }
        return $this->redirect($backurl);
    }

ArticleController.php

    /**
     * Article status change
     *
     * @Method("POST")
     * @Route("/article/{ids}/articleStatus")
     * @Secure(roles="ROLE_HQ_MANAGE")
     */
    public function updateArticleStatusAction(Request $request,$ids)
    {
        return parent::updateArticleStatusAction($request,$ids);
    }

index.html.twig

    {# Status change form #}
    <form method="post" class="updateArticleStatus" data-url="{{ path("ahi_sp_admin_hq_article_updatearticlestatus",{"ids": "__ids__"}) }}">
        <input type="hidden" name="methods" value="POST">
        <input type="hidden" name="_csrf_token" value="{{ csrf_token("authenticate") }}">
        <input type="hidden" name="articleStatus" value="">
    </form>

security.yml

    security:
        firewalls:
            secured_area2:
                pattern:    ^/admin/sp/
                anonymous: ~
                form_login:
                    login_path:  /admin/sp/login
                    check_path:  /admin/sp/login_check
                    csrf_token_generator: security.csrf.token_manager
                    always_use_default_target_path: true
                    default_target_path:            /admin/sp/
                    target_path_parameter:          _target_path
                    use_referer:                    false

                logout:
                    path:   /admin/sp/logout
                    target: /admin/sp/login

                remember_me:
                    secret:      "%secret%"
                    lifetime: 2592000 # 30 days in seconds
                    path:     /
                    domain:   ~ # Defaults to the current domain from $_SERVER
                    always_remember_me: true

            secured_area:
                pattern:    ^/admin/
                anonymous: ~
                form_login:
                    login_path:  /admin/login
                    check_path:  /admin/login_check
                    csrf_token_generator: security.csrf.token_manager
                    always_use_default_target_path: true
                    default_target_path:            /admin/
                    target_path_parameter:          _target_path
                    use_referer:                    false

                logout:
                    path:   /admin/logout
                    target: /admin/login

Solution

The message also gives you enough detail to debug: argument 1 (in your case 'authenticate') must be a CSRF token. Try this:

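    use Symfony\Component\Security\Csrf\CsrfToken;

    // Wrap the token id and the submitted value in a CsrfToken before validating
    $csrf_token = new CsrfToken('authenticate', $token);
    $this->get('security.csrf.token_manager')->isTokenValid($csrf_token);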
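
To see how the token id and the submitted value interact once the call takes a `CsrfToken`, the following stand-alone script is an added example, not part of the original question or answer. It assumes `symfony/security-csrf` is installed with Composer, `vendor/autoload.php` sits beside the script, and PHP is 7.1 or later; `ArrayTokenStorage` and the `article_status` id are hypothetical names used only for the illustration.

```php
<?php
// Added example (not from the original post). Assumes symfony/security-csrf is
// installed with Composer and that vendor/autoload.php is next to this script.
require __DIR__ . '/vendor/autoload.php';

use Symfony\Component\Security\Csrf\CsrfToken;
use Symfony\Component\Security\Csrf\CsrfTokenManager;
use Symfony\Component\Security\Csrf\Exception\TokenNotFoundException;
use Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface;

// Hypothetical in-memory storage so the script runs without an HTTP session.
final class ArrayTokenStorage implements TokenStorageInterface
{
    private $tokens = [];

    public function getToken($tokenId): string
    {
        if (!isset($this->tokens[$tokenId])) {
            throw new TokenNotFoundException("No token stored for id '$tokenId'.");
        }
        return $this->tokens[$tokenId];
    }
    public function setToken($tokenId, $token): void { $this->tokens[$tokenId] = (string) $token; }
    public function removeToken($tokenId): ?string
    {
        $old = $this->tokens[$tokenId] ?? null;
        unset($this->tokens[$tokenId]);
        return $old;
    }
    public function hasToken($tokenId): bool { return isset($this->tokens[$tokenId]); }
}

$manager = new CsrfTokenManager(null, new ArrayTokenStorage());

// What {{ csrf_token("authenticate") }} renders into the hidden form field.
$rendered = $manager->getToken('authenticate')->getValue();

// Constructed request values: the genuine field, a tampered one, a missing one.
$cases = [
    'valid field'    => ['authenticate', $rendered],
    'tampered value' => ['authenticate', $rendered . 'x'],
    'wrong token id' => ['article_status', $rendered],
    'field missing'  => ['authenticate', null],
];
foreach ($cases as $label => [$id, $value]) {
    $ok = $manager->isTokenValid(new CsrfToken($id, $value));
    printf("%-15s => %s\n", $label, $ok ? 'accepted' : 'rejected');
}
```

Only the first case is accepted: the manager compares the submitted value with the one stored under the same token id, so a tampered value, a different id, or an absent form field all fail validation.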
