CSRF error when using container

Notice: This thread is very old.

6 years ago

pseek
Member | 4
+
0
-

Hello,
I have a form where I add inputs dynamically according to the data in a database, something like this:

class WhateverForm extends \FormAbstract
{
    public function __construct(...)
    {
        parent::__construct($parent, $name);

        $new = $this->addContainer('new_value');

        foreach(getDataWherever() as $row){
            if($row->type === "text"){
                $new->addTextArea($row->id, $row->title);
            }
            else {
                $new->addText($row->id, $row->title);
            }
            $new[$row->id]->setTranslator(null)
                    ->setDefaultValue(isset($row->value_to) ? $row->value_to : '')
                    ->setOption('source', isset($row->value_from) ? $row->value_from : '');

        }

        $this->addSubmit('update');
        $this->onSuccess[] = callback($this, 'formSubmitted');
    }

    public function formSubmitted($form)
    {
        var_dump($this->getValues());
    }

}

FormAbstract class calls addProtection and some other basic stuff, like setting up the renderer.

I also have a manual rendering like this:

{form whateverForm}
    {control $form 'errors'}
    <table>
        {foreach $form['new_value']->getComponents() as $c}
            <tr>
                <td>{$c->getLabel()}</td>
                <td>{$c->getOption('source')}</td>
                <td>{$c->getControl()}</td>
            </tr>
        {/foreach}
    </table>
        <div class="submit">{input update}</div>
{/form}

The problem is that when I use it like this CSRF error kicks in every time (with _token_ input value being empty string, although the control is rendered and sent correctly) and I don't make it to the formSubmitted method, however when I dont add those dynamic inputs into the container and adjust my rendering accordingly the form works just fine. Am I doing something wrong here?

I am using Nette 2.0.6. I also tried to reproduce this issue in clean sandbox with the same nette version, but I was unable to do so which suggest that the error is somewhere on my side or is very specific.

Thanks for any advice.

6 years ago

pseek
Member | 4
+
0
-

Alright, I solved the problem and it's not nette related at all. I added too much inputs, more than max_input_vars.