123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103 |
- <?php
- namespace Symfony\Component\Form;
- /*
- * This file is part of the Symfony package.
- *
- * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
- use Symfony\Component\Form\CsrfProvider\DefaultCsrfProvider;
- use Symfony\Component\Form\Exception\FormException;
- use Symfony\Component\Validator\ValidatorInterface;
- /**
- * Default implementaton of FormContextInterface
- *
- * This class is immutable by design.
- *
- * @author Fabien Potencier <fabien.potencier@symfony-project.com>
- * @author Bernhard Schussek <bernhard.schussek@symfony-project.com>
- */
- class FormContext implements FormContextInterface
- {
- /**
- * The options used in new forms
- * @var array
- */
- protected $options = null;
- /**
- * Builds a context with default values
- *
- * By default, CSRF protection is enabled. In this case you have to provide
- * a CSRF secret in the second parameter of this method. A recommended
- * value is a generated value with at least 32 characters and mixed
- * letters, digits and special characters.
- *
- * If you don't want to use CSRF protection, you can leave the CSRF secret
- * empty and set the third parameter to false.
- *
- * @param ValidatorInterface $validator The validator for validating
- * forms
- * @param string $csrfSecret The secret to be used for
- * generating CSRF tokens
- * @param boolean $csrfProtection Whether forms should be CSRF
- * protected
- * @throws FormException When CSRF protection is enabled,
- * but no CSRF secret is passed
- */
- public static function buildDefault(ValidatorInterface $validator, $csrfSecret = null, $csrfProtection = true)
- {
- $options = array(
- 'csrf_protection' => $csrfProtection,
- 'validator' => $validator,
- );
- if ($csrfProtection) {
- if (empty($csrfSecret)) {
- throw new FormException('Please provide a CSRF secret when CSRF protection is enabled');
- }
- $options['csrf_provider'] = new DefaultCsrfProvider($csrfSecret);
- }
- return new static($options);
- }
- /**
- * Constructor
- *
- * Initializes the context with the settings stored in the given
- * options.
- *
- * @param array $options
- */
- public function __construct(array $options = array())
- {
- if (isset($options['csrf_protection'])) {
- if (!$options['csrf_protection']) {
- // don't include a CSRF provider if CSRF protection is disabled
- unset($options['csrf_provider']);
- }
- unset($options['csrf_protection']);
- }
- $options['context'] = $this;
- $this->options = $options;
- }
- /**
- * {@inheritDoc}
- */
- public function getOptions()
- {
- return $this->options;
- }
- }
|