/**
* Constructor.
*
* @param string $name
* @param array|object $data
* @param ValidatorInterface $validator
* @param array $options
*/
public function __construct($name, $data = null, ValidatorInterface $validator = null, array $options = array())
{
$this->validator = $validator;
// Prefill the form with the given data
if (null !== $data) {
$this->setData($data);
}
$this->addOption('csrf_protection');
$this->addOption('csrf_field_name', '_token');
$this->addOption('csrf_secrets', array(__FILE__ . php_uname()));
$this->addOption('field_factory');
$this->addOption('validation_groups');
if (isset($options['validation_groups'])) {
$options['validation_groups'] = (array) $options['validation_groups'];
}
parent::__construct($name, $options);
// If data is passed to this constructor, objects from parent forms
// should be ignored
if (null !== $data) {
$this->setPropertyPath(null);
}
// Enable CSRF protection, if necessary
if ($this->getOption('csrf_protection')) {
$field = new HiddenField($this->getOption('csrf_field_name'), array('property_path' => null));
$field->setData($this->generateCsrfToken($this->getOption('csrf_secrets')));
$this->add($field);
}
}
/**
* Enables CSRF protection for this form.
*/
public function enableCsrfProtection($csrfFieldName = null, $csrfSecret = null)
{
if (!$this->isCsrfProtected()) {
if (null === $csrfFieldName) {
$csrfFieldName = FormConfiguration::getDefaultCsrfFieldName();
}
if (null === $csrfSecret) {
$csrfSecret = md5(__FILE__ . php_uname());
}
$field = new HiddenField($csrfFieldName, array('property_path' => null));
$field->setData($this->generateCsrfToken($csrfSecret));
$this->add($field);
$this->csrfFieldName = $csrfFieldName;
$this->csrfSecret = $csrfSecret;
}
}
/**
* Enables CSRF protection for this form.
*/
public function enableCsrfProtection()
{
if (!$this->isCsrfProtected()) {
$field = new HiddenField($this->getCsrfFieldName(), array('property_path' => null));
$field->setData($this->getCsrfToken());
$this->add($field);
}
}
/**
* Enables CSRF protection for this form.
*/
public function enableCsrfProtection($csrfFieldName = null, $csrfSecret = null)
{
if (!$this->isCsrfProtected()) {
if ($csrfFieldName === null) {
$csrfFieldName = self::$defaultCsrfFieldName;
}
if ($csrfSecret === null) {
if (self::$defaultCsrfSecret !== null) {
$csrfSecret = self::$defaultCsrfSecret;
} else {
$csrfSecret = md5(__FILE__ . php_uname());
}
}
$field = new HiddenField($csrfFieldName, array('property_path' => null));
$field->setData($this->generateCsrfToken($csrfSecret));
$this->add($field);
$this->csrfFieldName = $csrfFieldName;
$this->csrfSecret = $csrfSecret;
}
}
