Symfony 2。 编辑个人资料时,会话无法正常工作
[英]Symfony2. Session does not work correctly when editing the profile
问题描述
When i logined in my site as role_user, and when i try to edit my profile i try to change my login as a something login in my DB, i see error - 'This login is already used', ok, but when i refresh my page i see that i authorization as new login, its not good 
当我以role_user身份登录我的网站时,当我尝试编辑我的个人资料时,我尝试将我的登录名更改为DB中的某种登录名,我看到错误-'此登录名已被使用',确定,但是当我刷新页面,我看到我授权为新登录名,效果不佳
I have this form builder: 我有这个表单生成器:
namespace User\WalletBundle\Form;
use Doctrine\ORM\EntityRepository;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\FormBuilderInterface;
class EditForm extends AbstractType {
public function buildForm(FormBuilderInterface $builder, array $options) {
$builder->add('username', null, array('attr' => array('placeholder' => 'Login')));
$builder->add('email', 'email', array('attr' => array('placeholder' => 'E-mail')));
$builder->add('mobile', 'number', array('attr' => array('placeholder' => 'Mobile','maxlength' => 10)));
$builder->add('password', 'repeated', array(
'type' => 'password',
'invalid_message' => 'Пароли не совпадают',
'options' => array('label'=>'','required' => false, 'always_empty' => false)));
$builder->add('old_pass','password',array('attr' => array('placeholder' => 'Old pass')));
}
public function getName() {
return 'edit_form';
}
public function getDefaultOptions(array $options) {
return array(
'data_class' => 'User\WalletBundle\Entity\User',
);
}
}
I think i don't know good how this system working (security), maybe i can read about my problem, please take a link. 我想我不太清楚这个系统的工作方式(安全性),也许我可以阅读我的问题,请链接。 Very thanks 很感谢
Very-very sorry about my english 非常抱歉我的英语
In my controller, for test, i write this code 在控制器中,为了测试,我编写了这段代码
/**
* @Secure(roles="ROLE_USER")
* @Template("UserWalletBundle:Wallet:settings.html.twig")
*/
public function settingsAction(Request $request) {
$user_edit = $this->getDoctrine()->getRepository('UserWalletBundle:User')->findOneById($this->get('security.context')->getToken()->getUser()->getId());
$form = $this->createForm(new EditForm(), $user_edit);
if ($request->getMethod() == 'POST') {
$form->bindRequest($request);
// Now i have login Alice, and i want change my profile, set login Test, but Test is created some user in DB, ofcours i see error This login is already used
if ($form->isValid()) {
//Do anything
} else {
// There i see error This login is already used
return array('form' => $form->createView());
}
} else
return array('form' => $form->createView());
}
And now i refresh my page and i see that i authorization as username (login) "Test", why and how i can solve this problem? 现在我刷新页面,看到我以用户名(登录)“ Test”作为授权,为什么以及如何解决此问题?
1 个解决方案
解决方案1
0 2013-05-28 18:29:01
When you are retrive User entity at line 在网上检索用户实体时
$user_edit = $this->getDoctrine()->getRepository('UserWalletBundle:User')->findOneById($this->get('security.context')->getToken()->getUser()->getId());
you will get your current authorized User entity. 您将获得当前的授权用户实体。
So to edit you profile, you should use another User class. 因此,要编辑个人资料,应使用另一个User类。 It should contains fields which you are edit. 它应包含您正在编辑的字段。 It should be used to work form with. 它应与表格一起使用。 And after success form validation and entityManager flush, you should change fields of current authorized user. 在成功进行表单验证并刷新了entityManager之后,您应该更改当前授权用户的字段。
I'll try to explain, why is your problem happen. 我将尽力解释为什么您的问题会发生。 But my English is also not good. 但是我的英语也不好。
I hope you know, that in php passes and returns objects by reference. 我希望您知道,在php中通过引用传递和返回对象。
Doctrine implements IdentityMap pattern. 原则实现IdentityMap模式。 Shortly, when you try get some data from DB, Doctrine put retrieved data in special array. 很快,当您尝试从数据库中获取一些数据时,Doctrine会将检索到的数据放在特殊的数组中。 Ie if you retrieve User from DB it will be added to this special array. 即,如果您从数据库中检索用户,它将被添加到此特殊数组中。 So, when you will try to get it again, there will be no request to the DB, but data from array will be returned. 因此,当您尝试再次获取它时,不会向数据库发出请求,但是会返回来自数组的数据。
So, when you logged in, doctrine retrieved User from DB(for authorization) ant put it in array. 因此,当您登录时,从DB(用于授权)蚂蚁检索到的用户理论将其放入数组中。 Also Symfony's @security.context service use this instance of User. Symfony的@ security.context服务也使用该User实例。 Now, at settingsAction, you try to get User again and doctrine returns it from array. 现在,在settingsAction处,您尝试再次获取User,然后主义从数组中将其返回。 After bind request, User model changed(in your case login field changed), and Symfony's @security.context also "knows" about these changes. 绑定请求后,用户模型更改(在您的情况下,登录字段更改),Symfony的@ security.context也“知道”这些更改。 Even form is invalid, post data was mapped to your User. 即使表单无效,帖子数据也已映射到您的用户。 That's why you see new login after page was refreshed. 这就是刷新页面后看到新登录名的原因。 If you logout and login again, you will see your "old" login, because there was no flush to DB after bind. 如果注销并再次登录,将看到“旧”登录名,因为绑定后没有刷新到DB。
I hope this will helps you. 希望对您有帮助。
ps I can explain it better in Russian :) PS我可以用俄语更好地解释它:)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.