CSRF令牌无效.请尝试重新提交表格 [英] The CSRF token is invalid. Please try to resubmit the form
问题描述
每次尝试提交表单时,我都会收到此错误消息:
I'm getting this error message every time I try to submit the form:
CSRF令牌无效.请尝试重新提交表格
The CSRF token is invalid. Please try to resubmit the form
我的表单代码是这样:
<form novalidate action="{{path('signup_index')}}" method="post" {{form_enctype(form)}} role="form" class="form-horizontal">
<div class="form-group">
{{ form_label(form.email, 'Email', {'label_attr': {'class': 'col-md-1 control-label'}}) }}
{{ form_widget(form.email, {'attr': {'class': 'col-md-2'}}) }}
{{ form_errors(form.email) }}
</div>
<div class="form-group">
{{ form_label(form.nickname, 'Nickname', {'label_attr': {'class': 'col-md-1 control-label'}}) }}
{{ form_widget(form.nickname, {'attr':{'class': 'col-md-2'}}) }}
{{ form_errors(form.nickname, {'attr': {'class': 'col-md-3'}}) }}
</div>
<div class="form-group">
{{ form_label(form.password, 'password', {'label_attr': {'class': 'col-md-1 control-label'}}) }}
{{ form_widget(form.password, {'attr': {'class': 'col-md-2'}}) }}
{{ form_errors(form.password, {'attr': {'class': 'col-md-3'}}) }}
</div>
<div class="form-group">
{{ form_label(form.password_repeat, 'Repeat password', {'label_attr': {'class': 'col-md-1 control-label'}}) }}
{{ form_widget(form.password_repeat, {'attr':{'class': 'col-md-2'}}) }}
{{ form_errors(form.password_repeat, {'attr': {'class': 'col-md-3'}}) }}
</div>
<div class="form-group">
<div class="col-md-1 control-label">
<input type="submit" value="submit">
</div>
</div>
</form>
有什么想法吗?
推荐答案
您需要以表单的形式添加_token,即
You need to add the _token in your form i.e
{{ form_row(form._token) }}
截至目前,您的表单缺少CSRF令牌字段.如果您使用细枝形式的表单功能来呈现form(form)之类的表单,这将自动为您呈现CSRF令牌字段,但是您的代码显示您正在使用原始HTML来呈现您的表单,例如<form></form>,因此您必须手动呈现字段.
As of now your form is missing the CSRF token field. If you use the twig form functions to render your form like form(form) this will automatically render the CSRF token field for you, but your code shows you are rendering your form with raw HTML like <form></form>, so you have to manually render the field.
或者,只需在表单的结束标记之前添加{{ form_rest(form) }}.
Or, simply add {{ form_rest(form) }} before the closing tag of the form.
根据文档
这将呈现给定尚未呈现的所有字段 形式.始终将其保留在表单中的某个位置是个好主意 因为它将为您呈现隐藏的字段,并使您忘记的任何字段 呈现得更加明显(因为它将为您呈现该字段).
This renders all fields that have not yet been rendered for the given form. It's a good idea to always have this somewhere inside your form as it'll render hidden fields for you and make any fields you forgot to render more obvious (since it'll render the field for you).
这篇关于CSRF令牌无效.请尝试重新提交表格的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
