It seems to get worse and worse. I altered the BaseFormPropel class as you said and now I keep getting require errors like this: Warning: require_once(propel/Propel.php) [function.require-once]: failed to open stream: No such file or directory in /$path_to_symfony$/ lib/plugins/sfPropelPlugin/lib/propel/sfPropelAutoload.php on line 17
Fatal error: require_once() [function.require]: Failed opening required 'propel/Propel.php' (include_path='.:') in /$path_to_symfony$/ sf_core/lib/plugins/sfPropelPlugin/lib/propel/sfPropelAutoload.php on line 17 Even when I revert the code to what it was originally. Clearing the cache doesn't solve anything... Ehm...:S Sorry for all these questions.. Marijn On Apr 10, 6:53 pm, "Thomas Rabaix" <[EMAIL PROTECTED]> wrote: > Marjin, > > I used the sfFrom class before the introduction of the secret in the > settings.yml, And to make thing works fine I have to use this bit of > code : > > Note : I have only used propel form generated by the command line > > abstract class BaseFormPropel extends sfFormPropel > { > public function setup() > { > sfForm::enableCSRFProtection(); > $this->addCSRFProtection('my secret'); > } > > } > > I get a valid csrf token value, and a correct token validation > > Thomas > > On Thu, Apr 10, 2008 at 4:32 PM, Marijn <[EMAIL PROTECTED]> wrote: > > > Hi Fabien, > > > The output of the version that I have installed on my server from the > > symfony CLI: > > symfony version 1.1.0-BETA2 (/var/www/vhosts/example.org/sf_core/ > > lib) > > > I installed the framework via SVN from this location: > > http://svn.symfony-project.com/tags/RELEASE_1_1_0_BETA2 > > > I made some modifications to the view but haven't touched any Form > > classes. In the view I only altered the wrapping HTML and not the > > rendering of the forms. To be completele sure I tested by creating > > another module with a new model definition. I generated the model, > > generated the module, generated the crud actions all from the symfony > > CLI. When I try to add content via the web interface generated I still > > have the problems with the csfr token is required. It occurs on both > > the development and production environment. > > > Would you like me to email the generated code? > > > Thanks for your help and a great framework, > > > Marijn > > > On Apr 10, 3:28 pm, Fabien POTENCIER <[EMAIL PROTECTED] > > > project.com> wrote: > > > Do you use the 1.1 beta 2 or /branches/1.1? > > > > Do you use the code generated by the generate-crud CLI or have you > > > modified something? > > > > It will easier to help you out if you can post the generated code as > > > I've just tested the generate-crud on a brand new project and it works > > > for me. > > > > Thanks, > > > Fabien > > > > Marijn wrote: > > > > Hi everybody, > > > > > pretty indecent of me to bump my thread but I'm really in need of a > > > > solution :-( > > > > > For the sake of clarity: > > > > - have installed the latest symfony 1.1 beta > > > > - created my model > > > > - generated crud actions with the symfony CLI > > > > - set the csfr_secret value in settings.yml > all > .settings > > > > - cleared the cache a 1000 times > > > > - assured that my view renders a hidden csfr_token input field (which > > > > only has a name and an ID, not a value) > > > > - still get an error message the a csfr token is required > > > > > Any thoughts? Help is very much appreciated :-) > > > > > Marijn > > > > > On Apr 9, 2:07 am, Marijn <[EMAIL PROTECTED]> wrote: > > > >> Thanks Dustin, > > > > >> I didn't make myself clear enough. I don't want to use a hash sign in > > > >> the value. The problem is that even with the csfr_secret value defined > > > >> in my settings.yml my forms still don't work. If I try to add > > > >> something to my database with the crud actions that were generated by > > > >> symfony I still get the csfr required error. > > > > >> Do you have any thoughts on that? > > > > >> Thanks, > > > > >> Marijn > > > > >> On Apr 9, 1:12 am, Dustin Whittle <[EMAIL PROTECTED]> > > > >> wrote: > > > > >>> Marijn, > > > >>> In symfony yaml files #app_my_setting# will be replace with the > > equivalent > > > >>> of sfConfig::get('app_my_setting'). If you want to use # as a value, > > wrap it > > > >>> in single quotes. csrf_secret: 'my_crazy_#_value'. > > > >>> - Dustin > > > >>> On 4/8/08 3:55 PM, "Marijn" <[EMAIL PROTECTED]> wrote: > > > >>>> On Apr 8, 5:55 pm, "Thomas Rabaix" <[EMAIL PROTECTED]> wrote: > > > >>>>> in yml # symbol is used to comment text .... :) > > > >>>> Yeah, I love that symbol :-D > > > >>>> I just wasn't sure if it's meaning were the same if it came in two > > > >>>> pairs wrapped around a ##value## > > > >>>> Unfortunately that means the problem isn't solved yet... The code > > > >>>> generated by your example is the following: > > > >>>> <input type="hidden" name="$module_name$[_csrf_token]" > > id="$module_name > > > >>>> $__csrf_token" /> > > > >>>> Any thoughts..? Thanks, > > > >>>> Marijn > > > >>>>> csrf_secret: my super token > > > >>>>> Thomas > > > >>>>> On Tue, Apr 8, 2008 at 5:44 PM, Marijn <[EMAIL PROTECTED]> wrote: > > > >>>>>> Hi Thomas, > > > >>>>>> Thanks for your quick reply. > > > >>>>>> in my view there was the following line of code for my > > csrf_token: > > > >>>>>> <?php echo $form['_csrf_token'] ?> > > > >>>>>> If I use that or the code you gave me the hidden input tag is > > created > > > >>>>>> but it has no value assigned to it. > > > >>>>>> Should the scfr_secret value in my config be wrapped in hash > > signs or > > > >>>>>> can I just use some arbitrary string..? > > > >>>>>> Thanks, > > > >>>>>> Marijn > > > >>>>>> On Apr 8, 5:18 pm, "Thomas Rabaix" <[EMAIL PROTECTED]> wrote: > > > >>>>>> > I am not 100% sure about that but you sould add a csrf secret > > in your > > > >>>>>> > settings.yml > > > >>>>>> > all: > > > >>>>>> > .settings: > > > >>>>>> > # Form security secret (CSRF protection) > > > >>>>>> > csrf_secret: ##CSRF_SECRET## # Unique secret to > > enable > > > >>>>>> > CSRF protection or false to disable > > > >>>>>> > In the view, check that field csrf is present, if not add > > > >>>>>> > <?= $form[$form->getCSRFFieldName()]->render() ?> > > > >>>>>> > Thomas > > > >>>>>>> On Tue, Apr 8, 2008 at 5:10 PM, Marijn <[EMAIL PROTECTED]> > > > >>>>>>> wrote: > > > >>>>>> > > Hi everybody, > > > >>>>>> > > I am having trouble finding documentation about csrf > > support in > > > >>>>>> > > symfony 1.1. When I generate crud actions for a Model and > > try to > > > >>>>>> > > populate it with data by using the create web interface it > > says that > > > >>>>>> > > csrf_token is required. > > > >>>>>> > > Anybody here who knows this problem or who can tell me what > > I am doing > > > >>>>>> > > wrong? I haven't changed a thing after generating the crud > > actions. > > > >>>>>> > > Thanks, > > > >>>>>> > > Marijn --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---