Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[Form] fixes possible php fatal error in CsrfValidationListener. #7126

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

[Form] fixes possible php fatal error in CsrfValidationListener. #7126

wants to merge 3 commits into from

Conversation

chbruyand
Copy link
Contributor

[Form] [Extension] [Csrf] fixes possible php fatal error in CsrfValidationListener.

Q A
Bug fix? yes
New feature? no
BC breaks? no
Deprecations? no
License MIT

fabpot and others added 3 commits February 19, 2013 08:38
@fabpot
[HttpKernel] fixed locale management when exiting sub-requests
3e40c17 
This fix is temporary as #7007 will fix it properly in Symfony 2.3.
@fabpot
merged branch fabpot/locale-fix (PR #7099)
50c3de3 
This PR was merged into the 2.1 branch.

Commits
-------

3e40c17 [HttpKernel] fixed locale management when exiting sub-requests

Discussion
----------

[HttpKernel] fixed locale management when exiting sub-requests

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #7063
| License       | MIT
| Doc PR        | n/a

This fix is temporary as #7007 will fix it properly in Symfony 2.3.

---------------------------------------------------------------------------

by vicb at 2013-02-17T20:17:44Z

changelog ?

---------------------------------------------------------------------------

by fabpot at 2013-02-17T20:27:22Z

The changelogs are updated when we release a new version only.

---------------------------------------------------------------------------

by stof at 2013-02-17T20:41:00Z

@fabpot the intl locale should be reset to the right value too

---------------------------------------------------------------------------

by stof at 2013-02-17T20:42:31Z

hmm sorry, I missed the fact that you are changing the locale in the Request again, which will set the intl one
@chbruyand
Update src/Symfony/Component/Form/Extension/Csrf/EventListener/CsrfVa…
80bef45 
…lidationListener.php

Fixes php fatal error when submitting a form with no csrf token.
@vicb
Copy link
Contributor

vicb commented Feb 19, 2013

@chbruyand The check you add is useless http://3v4l.org/99ngB. Closing this issue;

@vicb vicb closed this Feb 19, 2013
@chbruyand
Copy link
Contributor Author

Thanks for your reply, the patch was wrong.

The issue appears when $data is a string, the error is the following :
Fatal error: Cannot unset string offsets in vendor/symfony/symfony/src/Symfony/Component/Form/Extension/Csrf/EventListener/CsrfValidationListener.php

The check performed in branch 2.2 is the right one and I think should be included in 2.1 :
https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/Extension/Csrf/EventListener/CsrfValidationListener.php
if (is_array($data)) {
unset($data[$this->fieldName]);
}

@vicb
Copy link
Contributor

vicb commented Feb 20, 2013

Could you please setup a little testcase that triggers the issue (in a gist or a PR) ? Thanks.

@chbruyand chbruyand mentioned this pull request Feb 20, 2013
Closed
@chbruyand
Copy link
Contributor Author

Hi,

w/ unit test : #7136

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chbruyand @vicb @fabpot