我有一个使用一些自定义验证器构建的表单,它们就像一个魅力,但我添加一个新的验证器,与其他验证器略有不同.
基本上我需要根据我通常可以从实体中提取的值来检查表单中的数据.
在这种情况下,我需要获取用户密码salt(使用$ user-> getSalt()).问题似乎是CallbackValidator类不能接受$ form以外的任何其他数据.
我的代码:
$user = $this->get('security.context')->getToken()->getUser();
$form = $this->createFormBuilder($user)
->add('password', 'password')
->add('newPassword', 'password', array('label' => 'New Password', 'property_path' => false))
->add('confirmPassword', 'password', array('label' => 'Confirm Password', 'property_path' => false))
->addValidator(new CallbackValidator(function($form)
{
$encoder = new MessageDigestPasswordEncoder('sha1', false, 1);
$password = $encoder->encodePassword($form['password']->getData(), $user->getSalt());
if($password != $user->getPassword()) {
$form['password']->addError(new FormError('Incorrect password'));
}
if($form['confirmPassword']->getData() != $form['newPassword']->getData()) {
$form['confirmPassword']->addError(new FormError('Passwords must match.'));
}
if($form['newPassword']->getData() == '') {
$form['newPassword']->addError(new FormError('Password cannot be blank.'));
}
}))
->getForm();
现在,这是我得到的错误:
Fatal error: Call to a member function getSalt() on a non-object in /Sites/src/UserBundle/Controller/DashboardController.php on line 57
第57行是:
$password = $encoder->encodePassword($form['password']->getData(), $user->getSalt());
我尝试了各种尝试并将盐传递给CallbackValidator,到目前为止唯一的方法是将其作为隐藏字段添加到表单中但是这是不可接受的,因为它存在安全风险,我还需要添加哈希密码作为隐藏字段以匹配输入.
必须有一个更简单的方法来做到这一点?
来自的$ user变量$this->get('security.context')->getToken()->getUser();未在匿名函数的范围内定义.
与从父作用域(自动闭包)继承的javascript等语言相反,您需要明确地请求php来执行此操作.该use关键字是为在制作:http://php.net/manual/en/functions.anonymous.php
$user = new User;
function($form) use($user) {
};
这是一个更好的解释:) Javascript闭包与PHP闭包,有什么区别?
所以你应该做的就是修改你的代码:
$user = $this->get('security.context')->getToken()->getUser();
$form = $this->createFormBuilder($user)
->add('password', 'password')
->add('newPassword', 'password', array('label' => 'New Password', 'property_path' => false))
->add('confirmPassword', 'password', array('label' => 'Confirm Password', 'property_path' => false))
->addValidator(new CallbackValidator(function($form) use($user)
{
$encoder = new MessageDigestPasswordEncoder('sha1', false, 1);
$password = $encoder->encodePassword($form['password']->getData(), $user->getSalt());
if($password != $user->getPassword()) {
$form['password']->addError(new FormError('Incorrect password'));
}
if($form['confirmPassword']->getData() != $form['newPassword']->getData()) {
$form['confirmPassword']->addError(new FormError('Passwords must match.'));
}
if($form['newPassword']->getData() == '') {
$form['newPassword']->addError(new FormError('Password cannot be blank.'));
}
}))
->getForm();
| 归档时间: |
|
| 查看次数: |
1619 次 |
| 最近记录: |