1. 首页
  2. 问答
  3. Symfony2/SonataAdmin:尝试更新记录时出现CSRF错误

Symfony2/SonataAdmin:尝试更新记录时出现CSRF错误

2016-08-03 115 views
1

使用mongodb odm处理symfony2项目时,尝试设置sonata-admin。Symfony2/SonataAdmin:尝试更新记录时出现CSRF错误

我能:

  • 设置奏鸣曲上2种ODM文件
  • 列表

但是,当我试图更新记录,我有一个当前的问题CSRF。 我试过这两种记录。

An error has occurred during update of item "AppBundle\Document\Domain:0000000013e9983500007fbae117c6a0". 
The CSRF token is invalid. Please try to resubmit the form.

看来CSRF标记存在于源代码:

<input type="hidden" id="s57a195b9a533f__token" name="s57a195b9a533f[_token]" class=" form-control" value="W-pG62dT7hn6mHUu15bQQ4ChU0P55w9pmXsfP7HDnQE" />
我使用Apache

。重写模块已启用。

这里是我的设置:

索纳塔捆绑

[email protected]:/var/www/publishr$ php composer.phar show sonata-project/* 
sonata-project/admin-bundle     3.x-dev 7386ec0 The missing Symfony Admin Generator 
sonata-project/block-bundle     3.1.1   Symfony SonataBlockBundle 
sonata-project/cache       1.0.7   Cache library 
sonata-project/core-bundle     3.0.3   Symfony SonataCoreBundle 
sonata-project/doctrine-mongodb-admin-bundle 3.x-dev 1157efc Symfony Sonata/Integrate Doctrine MongoDB ODM into the Son... 
sonata-project/exporter      1.6.0   Lightweight Exporter library

Symfony的捆绑

[email protected]:/var/www/publishr$ php composer.phar show symfony/* 
symfony/assetic-bundle  v2.8.0 Integrates Assetic into Symfony2 
symfony/monolog-bundle  2.11.1 Symfony MonologBundle 
symfony/phpunit-bridge  v3.1.3 Symfony PHPUnit Bridge 
symfony/polyfill-apcu  v1.2.0 Symfony polyfill backporting apcu_* functions to lower PHP versions 
symfony/polyfill-intl-icu v1.2.0 Symfony polyfill for intl's ICU-related data and classes 
symfony/polyfill-mbstring v1.2.0 Symfony polyfill for the Mbstring extension 
symfony/polyfill-php56  v1.2.0 Symfony polyfill backporting some PHP 5.6+ features to lower PHP versions 
symfony/polyfill-php70  v1.2.0 Symfony polyfill backporting some PHP 7.0+ features to lower PHP versions 
symfony/polyfill-util  v1.2.0 Symfony utilities for portability of PHP codes 
symfony/security-acl  v3.0.0 Symfony Security Component - ACL (Access Control List) 
symfony/swiftmailer-bundle v2.3.11 Symfony SwiftmailerBundle 
symfony/symfony   v3.1.3 The Symfony PHP framework

PHP版本

[email protected]:/var/www/publishr$ php -v 
PHP 5.6.23-1+deprecated+dontuse+deb.sury.org~trusty+1 (cli) 
Copyright (c) 1997-2016 The PHP Group 
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies 
    with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies

来源

2016-08-03 Jean-Tristan Chanegue

+0

如果我在FormTypeCsrfExtension.php中禁用了“defaultEnabled”为false。记录被更新。 –

+0

是的,但你不再对CSRF提供保护 – greg0ire

+0

你应该尝试在'vendor/symfony/symfony/src/Symfony/Component/Form/Extension/Csrf/EventListener/CsrfValidationListener.php'中一步步调试。 – greg0ire

回答

1

我找到了解决方案。 它与我的流浪设置有关。

现在可以解决我的问题。这似乎是在会话保存路径上写入权限的问题。如果我更改配置为使用默认的会话保存路径如下:

# app/config/config.yml 
framework: 
    session: 
     save_path: null

然后/var/lib/php/session代替/var/www/myproject/app/cache/dev/sessions

然后它的工作!

来源

2016-08-04 08:51:12

+0

尽管如此,您应该考虑正确设置权限。如果你不能写入应用程序缓存,你将有其他问题。请参阅http://symfony.com/doc/current/setup/file_permissions.html – greg0ire

相关问题

 相关问题