[symfony-users] ahDoctrineEasyEmbeddedRelationsPlugin csrf
Hello. I`m using ahDoctrineEasyEmbeddedRelationsPlugin in the amin part of my app. My problem is I still get the CSRF attack errors whenever I want to save, even though I added $this-disableLocalCSRFProtection(); to ALL of my form filters. Can anyone help? Also, I can`t figure out how to configure my form display part of the generator.yml without loosing the subforms. -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: ahDoctrineEasyEmbeddedRelationsPlugin csrf
Thank you for your reply, however i get the following error:
The validator _csrf_token does not exist.
On Jun 15, 6:27 pm, Stéphane stephane.er...@gmail.com wrote:
You might need to do it for the embedded forms too.
Cheers,
Before Printing, Think about Your Environmental Responsibility!
Avant d'Imprimer, Pensez à Votre Responsabilitée Environnementale!
On Tue, Jun 15, 2010 at 5:27 PM, Stéphane stephane.er...@gmail.com wrote:
When you do $this-disableLocalCSRFProtection();
You have to do this too (AFAIK it works for my code) :
$this-getValidator('_csrf_token')-setOption('required', false);
Cheers,
Before Printing, Think about Your Environmental Responsibility!
Avant d'Imprimer, Pensez à Votre Responsabilitée Environnementale!
On Tue, Jun 15, 2010 at 5:24 PM, DC ciprian.dob...@gmail.com wrote:
Hello.
I`m using ahDoctrineEasyEmbeddedRelationsPlugin in the amin part of my
app.
My problem is I still get the CSRF attack errors whenever I want to
save, even though I added
$this-disableLocalCSRFProtection();
to ALL of my form filters.
Can anyone help?
Also, I can`t figure out how to configure my form display part of the
generator.yml without loosing the subforms.
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.comsymfony-users%2bunsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] sfWidgetFormInputHidden is not visible
I`m using:
$this-widgetSechema['user_id'] = new sfWidgetFormInputHidden();
$this-setDefault('user_id', sfContext::getInstance()-getUser()-
getGuardUser()-getId());
in order for the user_id field to be invisible, and automatically
populated,
but instead it shows as a text input, with the value correctly set.
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] sfJqueryTreeDoctrineManagerPlugin events
Does anyone know how I can trigger the Category::save() event every time I create a new category? That is, assumming I`m using Category as the nested model. -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: Redirecting to filtered admin page
Thank you very much!
It worked flawlessly!
On Feb 2, 10:03 am, Florian sideral.undergro...@gmail.com wrote:
Hi DC,
When I want to do that, i need to disable the csrf check by
configuring thefilterform like this:
// in the configure() method of your *FormFilter
$this-disableLocalCSRFProtection();
Then, I use link_to:
?php echo link_to(format_number_choice('[0]Aucune commande|[1]Une
seule commande|(1,+Inf]%nb% commandes', array('%nb%' =
$nb_commandes), $nb_commandes), 'commande_collection', array('action'
= 'filter'), array(
'method' = 'post',
'query_string' = sprintf('commande_filters
[semaine_id]=%s', $semaine-getId()),
)) ?
On 2 fév, 01:40, DC ciprian.dob...@gmail.com wrote:
Can anyone tell me how toredirectfrom an admin list item to another
admin list, filtering the second one by secondList.firstListItem_id =
firstListItem.id ?
I can't, for the life of me, get over the CSRF attack detected
message!
Please help me,
Thanks.
--
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-us...@googlegroups.com.
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en.
[symfony-users] admin redirect
Hello,
I've been spending about 2 hours trying to figure out how to implement
something like this.
I have the following tables:
Make: id, name
Model: id, name, make_id
In the admin backend, on the makes list, I want for each Make entry, a
list to all Models for that make
this:
public function executeListViewModels(sfWebRequest $request){
$make = $this-getRoute()-getObject();
$this-redirect(model/filter?model_filters[_csrf_token]=.
sfForm::getCSRFToken() .model_filters[make_id]=.$make-getId());
}
gives me: CSRF attack detected
Can anyone help me?
--
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-us...@googlegroups.com.
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en.
[symfony-users] Redirecting to filtered admin page
Can anyone tell me how to redirect from an admin list item to another admin list, filtering the second one by secondList.firstListItem_id = firstListItem.id ? I can't, for the life of me, get over the CSRF attack detected message! Please help me, Thanks. -- You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-us...@googlegroups.com. To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en.
[symfony-users] Re: jobeet tutorial backend app problem
Thank you for your answer.
It helped a lot. I run build-forms which did not do solve my problem,
then I run build-filters and after cache-clear all works, thank you.
--Dan
On Sep 4, 11:28 pm, Stefan Koopmanschap stefan.koopmansc...@symfony-
project.com wrote:
Hi,
Some basic checks to make sure this is not the problem:
Did you build-all or build-form?
Have you cleared the cache?
These would be the two main reasons which might cause/solve this
Stefan
On Fri, Sep 4, 2009 at 11:21 PM, dcdchir...@gmail.com wrote:
Hello,
I'm approximately following the jobeet (propel) tutorial using my own
database. I went through the frontend application development and it
all works as expected. Now I wanted to try the backend part of the
tutorial so I created the app by running:
./symfony generate:app --escaping-strategy=on --csrf-secret=my own
secrete backend
Then I created a backend module for one of the tables (the table is
named contact and the associate ORM class is Contact) by running:
./symfony propel:generate-admin backend Contact --module=contacts
Now if I want to check the module in the Web browser I get the
following error:
Fatal error: Class 'ContactFormFilter' not found in /Path/To/My/webapp/
cache/backend/dev/modules/autoContacts/lib/
BaseContactsGeneratorConfiguration.class.php on line 331
The peace of code that the line 331 refers to is (with line numbers in
the left column):
327 public function getFilterForm($filters)
328 {
329 $class = $this-getFilterFormClass();
330
331 return new $class($filters, $this-getFilterFormOptions());
332 }
Does anyone have any ideas what is happening?
Thank you very much,
--Dan
--
Stefan Koopmanschap
Symfony Community Manager
stefan.koopmansc...@symfony-project.com
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---
[symfony-users] jobeet tutorial backend app problem
Hello,
I'm approximately following the jobeet (propel) tutorial using my own
database. I went through the frontend application development and it
all works as expected. Now I wanted to try the backend part of the
tutorial so I created the app by running:
./symfony generate:app --escaping-strategy=on --csrf-secret=my own
secrete backend
Then I created a backend module for one of the tables (the table is
named contact and the associate ORM class is Contact) by running:
./symfony propel:generate-admin backend Contact --module=contacts
Now if I want to check the module in the Web browser I get the
following error:
Fatal error: Class 'ContactFormFilter' not found in /Path/To/My/webapp/
cache/backend/dev/modules/autoContacts/lib/
BaseContactsGeneratorConfiguration.class.php on line 331
The peace of code that the line 331 refers to is (with line numbers in
the left column):
327 public function getFilterForm($filters)
328 {
329 $class = $this-getFilterFormClass();
330
331 return new $class($filters, $this-getFilterFormOptions());
332 }
Does anyone have any ideas what is happening?
Thank you very much,
--Dan
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---
[symfony-users] Re: Cookie user session
Thank you very much, this is exactly was I was looking for. On Apr 29, 8:18 pm, Joby Walker [EMAIL PROTECTED] wrote: I assume by setting the timeout you are setting the value in settings.yml? This only impacts how symfony deals with the cookie presented by the browser -- not the lifetime of the cookie. To have the cookie preserved in the browser you need to modify the session storage parameters in factories.yml: http://www.symfony-project.org/book/1_0/06-Inside-the-Controller-Layer all: storage: class: sfSessionStorage param: session_name: my_cookie_name session_cookie_lifetime: 1209600 jbw On Tue, Apr 29, 2008 at 8:03 AM, DC [EMAIL PROTECTED] wrote: I'm trying to keep users logged in for 2 weeks. I've changed the timeout setting to 2 weeks (sf_timeout: 1209600), but the symfony cookie expires at the end of the session. Any way I can fix that? -- Joby Walker --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Cookie user session
I'm trying to keep users logged in for 2 weeks. I've changed the timeout setting to 2 weeks (sf_timeout: 1209600), but the symfony cookie expires at the end of the session. Any way I can fix that? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: Cookie user session
Exactly. I was thinking maybe I can change that, so that user session will only expire on timeout, and not when users close their browser. The symfony cookie's default expire is set to zero. What I wanna know is, would changing that to 2 weeks work? And how would I go ahead and do that? On Apr 29, 6:05 pm, Tom Haskins-Vaughan [EMAIL PROTECTED] wrote: My understanding is that the user session will timeout either when a user closes his/her browser or when the time limit has expired. I think you want to create a separate cookie, i.e. not the session cookie. DC wrote: I'm trying to keep users logged in for 2 weeks. I've changed the timeout setting to 2 weeks (sf_timeout: 1209600), but the symfony cookie expires at the end of the session. Any way I can fix that? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: Cookie user session
I`ll do that, manage my own cookie, but I'd suggest not just saving the userID, because such cookies are easy to toy with. In any case, thanks a lot for your time and insight! On Apr 29, 6:22 pm, Tom Haskins-Vaughan [EMAIL PROTECTED] wrote: I'm getting out of my depth here, but I think because symfony relies on the native php session that you can't maintain a session after someone has closed the browser. Anyone else? I think your best bet is to create a separate cookie when the user logs in and assign his user id to that cookie. Then each time a user visits the site, log them in automatically using the user id stored in the cookie. DC wrote: Exactly. I was thinking maybe I can change that, so that user session will only expire on timeout, and not when users close their browser. The symfony cookie's default expire is set to zero. What I wanna know is, would changing that to 2 weeks work? And how would I go ahead and do that? On Apr 29, 6:05 pm, Tom Haskins-Vaughan [EMAIL PROTECTED] wrote: My understanding is that the user session will timeout either when a user closes his/her browser or when the time limit has expired. I think you want to create a separate cookie, i.e. not the session cookie. DC wrote: I'm trying to keep users logged in for 2 weeks. I've changed the timeout setting to 2 weeks (sf_timeout: 1209600), but the symfony cookie expires at the end of the session. Any way I can fix that? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: action cache with routing params
Thank you for your input.
I`ve tried several methods, but still no go, with filters and such.
I`m going to give it a try with /:stripped_city_title but I`m
concerned about the routing system discerning between a city name and
other urls (ex: /about_us where About Us may be a sci-fi city name).
In any case, i`ll give it a go.
On Oct 31, 5:08 pm, maddoctor [EMAIL PROTECTED] wrote:
why not use the name of the city as a parameter?
city:
url: /:stripped_city_title
param: { module: city, action: show}
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---
[symfony-users] action cache with routing params
Hi,
I had to implement the current routing system
city_columbus:
url: /columbus
param: { module: city, action: show, id: 3807 }
city_dallas:
url: /dallas
param: { module: city, action: show, id: 3800 }
The problem is, if I first request:
http://site/columbus
and then
http://site/dallas
I get the same columbus page both times.
Instead, if I request first:
http://site/city/show/id/3807
and then
http://site/city/show/id/3800
They both show the correct pages.
How can I make the first 2 urls work right?
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---
[symfony-users] action cache with routing params
Hi,
I had to implement the current routing system
city_columbus:
url: /columbus
param: { module: city, action: show, id: 3807 }
city_dallas:
url: /dallas
param: { module: city, action: show, id: 3800 }
The problem is, if I first request:
http://site/columbus
and then
http://site/dallas
I get the same columbus page both times.
Instead, if I request first:
http://site/city/show/id/3807
and then
http://site/city/show/id/3800
They both show the correct pages.
How can I make the first 2 urls work right?
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---
