ZendFramework 2-删除InputFilter会导致自定义筛选器中的错误行为
我有一个注册表单User\UserForm,其中包含一个字段集User\UserFieldset。在UserFieldset中,我放置了一个名为"passwordVerify“的字段,它应该与字段集中另一个名为"password”的字段相同。这可以很好地工作。
但是,如果管理员想要修改管理\用户表单中的用户帐户,则应删除字段集User\UserFieldset中的字段"passwordVerify“。因此,我在Admin\UserForm中调用以下代码:
$this->get('user')->remove('passwordVerify');
$this->getInputFilter()->get('user')->remove('passwordVerify')不出所料,表单现在缺少"passwordVerify“字段。
如果我在编辑一些内容后保存表单,我的自定义过滤器"PasswordFilter“不能再检索字段集的绑定对象($this->getOption('object');返回一个用户对象)-但绑定对象的所有属性都为空。如果我在不删除"passwordVerify"-field和"passwordVerify"-inputfilter的情况下使用Admin,则一切正常,绑定的对象将传递给"PasswordFilter“并填充属性(就值而言,由用户插入到Admin中)。破坏一切的代码行是$this->getInputFilter()->get('user')->remove('passwordVerify')。因此,这导致了我的假设,通过删除inputfilter,水合对象以某种方式被清空。下面是我的一些代码摘录,如果需要,我可以提供更多关于工厂等的信息。
管理员/用户表单:
class UserForm extends Form
{
/**
* @var EntityManager
*/
protected $entityManager = null;
/**
* @var Translator
*/
protected $translator = null;
public function __construct(EntityManager $entityManager, Translator $translator)
{
$this->entityManager = $entityManager;
$this->translator = $translator;
parent::__construct("userForm");
$this->setHydrator(new DoctrineHydrator($entityManager));
}
public function init()
{
// Adding UserFieldset
$this->add(array(
'name' => 'user',
'type' => \User\Form\UserFieldset::class,
'options' => array(
'use_as_base_fieldset' => true,
),
));
$this->get('user')->remove('passwordVerify');
$this->getInputFilter()->get('user')->remove('passwordVerify');
$this->add(array(
'type' => 'Zend\Form\Element\Csrf',
'name' => 'csrf',
));
$this->add(array(
'type' => 'submit',
'name' => 'submit',
'options' => array(
'label' => $this->translator->translate('Btn.submit.user', 'Form')
),
));
}
}用户\UserFieldset:
class UserFieldset extends Fieldset implements InputFilterProviderInterface
{
/**
* @var EntityManager
*/
protected $entityManager = null;
/**
* @var Translator
*/
protected $translator = null;
public function __construct(EntityManager $entityManager, Translator $translator)
{
$this->entityManager = $entityManager;
$this->translator = $translator;
parent::__construct("userFieldset");
$this->setHydrator(new DoctrineHydrator($entityManager))->setObject(new User());
}
public function init()
{
$this->add(array(
'type' => 'text',
'name' => 'firstName',
'options' => array(
'label' => $this->translator->translate('label.firstName', 'Form'),
'label_attributes' => array(
'class' => 'col-sm-3',
),
'column-size' => 'sm-5',
),
'attributes' => array(
'id' => 'firstName',
),
));
/* ... */
$this->add(array(
'type' => 'text',
'name' => 'password',
'options' => array(
'label' => $this->translator->translate('label.password', 'Form'),
'label_attributes' => array(
'class' => 'col-sm-3',
),
'column-size' => 'sm-5',
),
'attributes' => array(
'id' => 'password',
),
));
$this->add(array(
'type' => 'password',
'name' => 'passwordVerify',
'options' => array(
'label_attributes' => array(
'class' => 'col-sm-3 control-label'
),
'label' => $this->translator->translate('label.verifyPassword', 'Form'),
'column-size' => 'sm-8',
),
'attributes' => array(
'class' => 'form-control',
'id' => 'password'),
));
/* ... */
// Adding AddressFieldset
$this->add(array(
'name' => 'address',
'type' => \User\Form\AddressFieldset::class,
));
/* ... */
$this->add(array(
'type' => 'datetime',
'name' => 'created',
'options' => array(
'label' => $this->translator->translate('label.created', 'Form'),
'format' => 'd.m.Y H:i',
'label_attributes' => array(
'class' => 'col-sm-3',
),
'column-size' => 'sm-5',
),
'attributes' => array(
'id' => 'created',
),
));
}
public function getInputFilterSpecification()
{
return array(
'firstName' => array(
'required' => true,
'filters' => array(
array('name' => 'StringTrim'),
array('name' => 'StripTags'),
),
'validators' => array(),
),
/* ... */
'password' => array(
'required' => true,
'filters' => array(
array('name' => 'StringTrim'),
array('name' => 'StripTags'),
[
'name' => PasswordFilter::class,
'options' => [
'object' => $this->getObject(),
'field' => 'password'
]
]
),
'validators' => array(),
),
'passwordVerify' => array(
'required' => true,
'filters' => [
[
'name' => PasswordFilter::class,
'options' => [
'object' => $this->getObject(),
'field' => 'password'
]
]
],
'validators' => array(
array(
'name' => 'StringLength',
'options' => array(
'min' => 6
)
),
array(
'name' => 'Identical',
'options' => array(
'token' => 'password'
)
)
)
),
/* ... */
'created' => array(
'required' => false,
'filters' => array(
array('name' => 'StringTrim'),
),
'validators' => array(
array(
'name' => 'Date',
'options' => array('format' => 'd.m.Y H:i')
),
),
)
);
}
}PasswordFilter:
class PasswordFilter extends AbstractFilter
{
/** @var EntityManager */
protected $entityManager;
/** @var PasswordInterface */
protected $passwordManager;
/**
* PasswordFilter constructor.
* @param EntityManager $entityManager
* @param PasswordInterface $passwordManager
* @param array $options
*/
public function __construct(EntityManager $entityManager, PasswordInterface $passwordManager, $options = [])
{
$this->entityManager = $entityManager;
$this->passwordManager = $passwordManager;
$this->options = $options;
}
public function filter($value)
{
$object = $this->getOption('object');
$field = $this->getOption('field');
$getter = 'get'.ucfirst($field);
if (!$object || !$field) {
throw new \Exception('Options "object" and "field" are required.');
}
if ($object->getId()) {
$dbObject = $this->entityManager->getRepository(get_class($object))->find($object->getId());
if ($value === $dbObject->{$getter}()) {
return $value;
}
}
// hash password here...
return $this->passwordManager->create($value);
}
private function getOption($option)
{
if (array_key_exists($option, $this->options)) {
return $this->options[$option];
}
return false;
}
}有什么线索吗?是否在实例化的早期调用"passwordVerify“的remove inputfilter?我还测试了在控制器中删除“$ inputFilter ->form->bind($user)”之后的表单和字段,这也是有效的。为什么在管理\用户表单中删除它不起作用,在我看来,这是管理"passwordVerify"-stuff的更干净的方法?
回答 1
Stack Overflow用户
发布于 2017-07-14 02:08:04
如果调用$this->getInputFilter(),则会调用UserForm中的InputProviderInterface::getInputSpecification方法。
如果尚未附着该对象,则无法检索该对象。但我不明白你为什么需要它。如果值与数据库值不匹配,您将对密码进行散列处理,但显然数据库值似乎是纯文本作为输入,或者为什么要比较它?
无论数据库中的当前值是什么,你都应该对密码进行哈希处理。
如果您使用的是doctrine,并且密码不会更改,则无论如何它都不会执行更新查询。
https://stackoverflow.com/questions/45086116
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号