FOS user-bundle forms (login, register, ...) are working just fine, but not my own forms, giving me:
The CSRF token is invalid. Please try to resubmit the form
While I am trying to create a resource under:
http://www.project.local/app_dev.php/developer/new
or even:
http://www.project.local/developer/new
/Library/WebServer/Documents/project/web7.1.23.2.*~2.0@dev^2.0app/config/config.yml
framework:
secret: "%secret%"
router:
resource: "%kernel.root_dir%/config/routing.yml"
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
#serializer: { enable_annotations: true }
templating:
engines: ['twig']
trusted_hosts: ~
trusted_proxies: ~
session:
handler_id: session.handler.native_file
save_path: "%kernel.root_dir%/../var/sessions/%kernel.environment%"
fragments: ~
http_method_override: true
# Twig Configuration
twig:
debug: "%kernel.debug%"
strict_variables: "%kernel.debug%"
form_themes:
- 'form/form_div_layout.html.twig'
app/config/security.yml
security:
providers:
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_token_generator: security.csrf.token_manager
DeveloperController
public function newAction(Request $request)
{
$developer = new Developer();
$form = $this->createForm(DeveloperType::class, $developer);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$em = $this->getDoctrine()->getManager();
$em->persist($developer);
$em->flush($developer);
return $this->redirectToRoute('developer_show', array('id' => $developer->getId()));
}
return $this->render('BackendBundle:Developer:new.html.twig', array(
'developer' => $developer,
'form' => $form->createView(),
));
}
DeveloperType
class DeveloperType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options) {
$builder->add('user');
}
public function configureOptions(OptionsResolver $resolver) {
$resolver->setDefaults(array(
'data_class' => Developer::class
));
}
public function getBlockPrefix() {
return 'backendbundle_developer';
}
}
Form - Template
{{ form_start(form) }}
{{ form_widget(form) }}
<button type="submit" name="{{ form.vars.name }}">Create</button>
{{ form_end(form) }}
Form - Generated
The form has always the hidden _token input field present.
<form name="form_name" method="post" class="ui form">
<input type="hidden" name="form_name[_token]" value="YefVvhSvvNTItjw7ayDFwFi4sdf_6oOvsQjnUu9X7cw">
<button type="submit" name="form_name">Create</button>
</form>
(form_name equals backendbundle_developer)
Googled for hours and read all similar questions on Stack Overflow including the above
Rechecked the file system permissions
The httpd process is running under _www user, so:
sudo chown -R _www var/
sudo chmod -R 775 var/
Session files are created and updated under var/sessions/ successfully
Changed app/config/config.yml entry
session:
handler_id: session.handler.native_file
save_path: "%kernel.root_dir%/../var/sessions/%kernel.environment%"
to
session:
handler_id: session.handler.native_file
save_path: ~
with no success at all.
This is not a duplicate of these similar questions:
You should change this
<button type="submit" name="form_name">Create</button>
With this
<button type="submit" name="form_name[submit]">Create</button>