I'm new working with symfony2 and I have a problem when I try to validate the csrf token in a custom form, my question is ¿how can I validate the csrf token in the controller?
This is my code in my view.
<form role="form" action="{{ path('default_select_city_check') }}" method="post">
<input type="hidden" name="_csrf_token" value="{{ csrf_token('default_select_city_check') }}">
...
</form>
This is my code in the controller:
public function selectCityCheckAction(Request $request) {
// in this part, how can I compare the token value in the form with the token value in the session?
}
Thank you for your help
add a function in your controller:
public function isCsrfTokenValid($intention, $token_name = '_csrf_token')
{
return $this->get('form.csrf_provider')
->isCsrfTokenValid($intention, $this->getRequest()->get($token_name));
}
in your Action:
if ($this->isCsrfTokenValid('default_select_city_check')) {
//do something you want
}
Related
How can I prevent my form from resubmitting when I refresh the page. Solutions I've found suggest a redirection, which I am using.
The form in view admin.enrollform.blade.php:
<form id="enrollform" class="form-horizontal" role="form" method="post"
enctype="multipart/form-data"
action="{{route('storeStudent', ['site' => $site->site_url, 'lang' => $lang] )}}">
<input type="visible" name="_token" id="_token" value="{{ csrf_token() }}"/>
...
</form>
The laravel controller:
public function store(Request $request, $site, $lang = null)
{
....
return view('admin.enrollform', [
'message' => $message
]);
}
If successful, the controller returns a view, which points to the same page. So the same page is loaded again, with a message. And the form is empty.
However if I click refresh at this point, the form submits again. I would like for it just refresh the page, with or without the message it had received from the controller.
Is there any way for me to use the CSRF token to validate this? From what I understand the CSRF token only validates if the session is valid, and has nothing to do with the form itself.
Thanks.
Use return back()
return back()->with(['message' => $message]);
I use Laravel 5.4 and want to upload image.
But in controllrt $request->hasFile('pic') returns false.
This is my blade.php :
.
.
.
<form action="{{ route('my-url') }}" method="post">
<input type="file" name="pic">
</form>
.
.
.
And this is my controller :
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class myclass extends Controller {
public function myfunc(Request $request) {
if($request->hasFile('pic')){
// never get this
}
}
}
Should i add another field to form or input in blade.php or controller?
You should try this:
The form data being encoded as “multipart/form-data”, which is required when files will be included as form data.
<form action="{{ route('my-url') }}" method="post" enctype="multipart/form-data">
<input type="file" name="pic">
</form>
just addd in your form
<form action="{{ route('my-url') }}" method="post" enctype="multipart/form-data">
<input type="file" name="pic">
</form>
//enctype="multipart/form-data" add this, this will your
I am facing problems with yii2 form get method. Here is my form:
<form class="search-form" method="get" action="<?php echo Yii::$app->urlManager->createAbsoluteUrl(['search/index']); ?>" id="search-form">
<div class="row search-box">
<div class="12u search-box-inner">
<input class="search-input" type="text" id="search-query" placeholder="Search" name="search_key" autocomplete="off" >
</div>
</div>
</form>
Here is my SearchController with actionIndex():
public function actionIndex()
{
$request = Yii::$app->request;
$search_key = $request->get('search_key');
return $this->render('index', ['search_key'=>$search_key]);
}
I want to submit to web/index?r=search/index&&search_key='something', but when I submit this form always returns web/index?searchkey='something'.
What need I do?
If you want use a parameter in your SearchController/Index
return $this->render('index', ['search_key'=>$search_key]);
You should declare in function declaration
public function actionIndex($search_key)
in this way you can use the value of $search_key passsed in render call
by your form submit action
<form class="search-form" method="get" action="
<?php echo Yii::$app->urlManager->createAbsoluteUrl(['search/index']); ?>"
id="search-form">
the resulting target is should be
web/index.php?r=search&id=search-form
and for use this get submit in your SearchController/Index
Your actionIndex function should be
public function actionIndex($id)
{
// $id contain the value you assigne in form action
// in you case you should obtain the value 'search-form'
.......
}
First of all, you need to configuring-web-servers correctly.
The url should not include 'web/index'.
Then change your form with ActiveForm
<?php
use yii\widgets\ActiveForm;
?>
<?php $form = ActiveForm::begin(); ?>
Your form content here.
<?php ActiveForm::end(); ?>
OR
Just change url.
<?php echo Url::to(['search/index']); ?>
I have GET route which shows the contact form, and POST route when user submits the form, then in my controller method I do some validation tests on data being submitted.. how would I now send user back to form if data is not valid, with entered data being re-populated in form fields?
I know I can use isset(#POST.fieldname) in my template, but what's the right way of
sending entered data back to that view, and how to redirect user back to the
form? Is the f3->reroute method right way of doing that?
I think you can take as a rule to include input data inside your form views. This way, any form view will be easily reusable with any source of data.
For example:
Your form view:
<form action="" method="post">
<input type="text" name="email" value="{{ ##input.email }}"/>
<input type="text" name="message" value="{{ ##input.message }}"/>
<button type="submit">Submit form</button>
</form>
Your controller class:
class myController {
function get($f3) {
$this->renderForm();
}
function post($f3) {
$post=$f3->clean($_POST);
//validate form data here
if ($form_validated) {//valid form data
} else //invalid form data
$this->renderForm($post);
}
protected function renderForm($input=array()) {
$tpl=Template::instance();
//variant 1:
echo $tpl->render('form.html','text/html',array('input'=>$input))
// or variant 2:
Base::instance()->set('input',$input);
echo $tpl->render('form.html');
}
}
In some other contexts, you can feed a form view with data coming from a db mapper (for example when editing an entry from a back-office): $this->renderForm($mapper->cast())
I wana create a front-end joomla component and this is my first experience.
here is important things:
1-component/controller.php
class TestController extends JControllerLegacy
{
public function display($cachable = false, $urlparams = false)
{
$view= JFactory::getApplication()->input->getCmd('view','items');
JFactory::getApplication()->input->set('view', $view);
parent::display($cachable, $urlparams);
}
}
2: com_test/model/items.php
<?php
defined('_JEXEC') or die();
jimport( 'joomla.application.component.modellist' );
class TestModelItems extends JModelList
{
public function __construct($config = array())
{
if (empty($config['filter_fields']))
$config['filter_fields'] = array('id', 'title', 'catid');
parent::__construct($config);
}
function getListQuery()
{
$db = JFactory::getDBO();
$query = $db->getQuery(true);
$query->select(...)
return $query;
}
}
I can print the query result on default.php on view folder!
but I wana another thing.
I have a form like this in the front page of my site in a custom module:
<form action="" method="post">
<input type="text" name="wordsearch" value="search">
.
.
<input type="submit" />
</form>
Now!
I do not know how can I send this form (with post method) to getListQuery() function in model folder...how can do it?
i wana when sb click submit form, the component filter query sql according to values of form and then show new result to user!
i googled for hourse but no chance to solve. thanks for your help.
You can submit Form from module to component as follows.
Suppose your component name is com_helloworld The in your module form should have the following things.
<form action="" method="post">
<input type="text" name="wordsearch" value="search">
.
.
<input type="hidden" name="option" value="com_helloworld" />
<input type="hidden" name="view" value="yourview" />
<input type="hidden" name="task" value="my_controller_fun" />
<input type="hidden" value="your_controller_file_name" name="controller">
<input type="submit" />
</form>
In this example your controller file should have my_controller_fun method from controller to model you can use regular method. This methods will get all the form data in your controller , then you can pass that to model.
Detailed :
In your controller file.
function my_controller_fun(){
$post_array = $_POST;
$model = $this->getModel('Profile', 'UsersModel');//example for including profile model you can specify your model file name
$model->function_inyourmodel($post_array);//this function should be in model
}
Hope its help..