Php symfony2:运行此方法后,用户密码设置为空
此方法我使用它来添加新作业,但当我添加作业时,当前用户的密码将设置为空,因为我检索的用户对象并没有密码,并且 symfony的行为是这样的,为了确保密码的安全,任何帮助都将不胜感激 `公共函数addJobAction(){ 这是我的工作Php symfony2:运行此方法后,用户密码设置为空,php,symfony,Php,Symfony,此方法我使用它来添加新作业,但当我添加作业时,当前用户的密码将设置为空,因为我检索的用户对象并没有密码,并且 symfony的行为是这样的,为了确保密码的安全,任何帮助都将不胜感激 `公共函数addJobAction(){ 这是我的工作 namespace My\JobBundle\Entity; use Doctrine\ORM\Mapping as ORM; use My\UserBundle\Entity\User ; use Symfony\Component\Validator\Co
namespace My\JobBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
use My\UserBundle\Entity\User ;
use Symfony\Component\Validator\Constraints as Assert;
/**
* My\JobBundle\Entity\Job
*
* @ORM\Table()
* @ORM\Entity(repositoryClass="My\JobBundle\Entity\JobRepository")
*/
class Job
{
/**
* @var integer $id
*
* @ORM\Column(name="id", type="integer")
* @ORM\Id
* @ORM\GeneratedValue(strategy="AUTO")
*/
private $id;
/**
* @var string $title
*
*
* @ORM\Column(name="title", type="string", length=255)
*/
private $title;
/**
* @var string $content
*
*
* @ORM\Column(name="content", type="text")
*/
private $content;
/**
* @var string $city
*
* @ORM\Column(name="city", type="string", length=255)
*
*/
private $city;
/**
* @var datetime $created_at
*
* @ORM\Column(name="created_at", type="datetime")
*/
private $created_at;
/**
* @var string $salary
*
* @ORM\Column(name="salary", type="string", length=255)
*
*
*/
private $salary;
/**
* @ORM\ManyToOne(targetEntity="My\UserBundle\Entity\User")
*/
private $announcer ;
/**
* link a job to a user
*/
public function setAnnouncer(User $a)
{
$this->announcer = $a;
}
/**
* return a user from a job object
*/
public function getAnnouncer()
{
return $this->announcer;
}
/**
* Get id
*
* @return integer
*/
public function getId()
{
return $this->id;
}
/**
* Set title
*
* @param string $title
*/
public function setTitle($title)
{
$this->title = $title;
}
/**
* Get title
*
* @return string
*/
public function getTitle()
{
return $this->title;
}
/**
* Set content
*
* @param string $content
*/
public function setContent($content)
{
$this->content = $content;
}
/**
* Get content
*
* @return string
*/
public function getContent()
{
return $this->content;
}
/**
* Set created_at
*
* @param datetime $createdAt
*/
public function setCreatedAt($createdAt)
{
$this->created_at = $createdAt;
}
/**
* Get created_at
*
* @return datetime
*/
public function getCreatedAt()
{
return $this->created_at;
}
/**
* Set salary
*
* @param string $salary
*/
public function setSalary($salary)
{
$this->salary = $salary;
}
/**
* Get salary
*
* @return string
*/
public function getSalary()
{
return $this->salary;
}
public function setCity($c)
{
$this->city = $c;
}
public function getCity()
{
return $this->city ;
}
public function __construct(){
$this->created_at = new \DateTime() ;
}
}
这是我的工作类型
namespace My\JobBundle\Form;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\FormBuilder;
class JobType extends AbstractType
{
public function buildForm(FormBuilder $builder, array $options)
{
$builder
->add('title')
->add('content','textarea' )
//->add('created_at')
->add('salary')
->add('city')
//->add('announcer')
;
}
public function getName()
{
return 'my_jobbundle_jobtype';
}
}
这是我的日志,我看到密码更新了
INSERT INTO Job (title, content, city, created_at, salary, announcer_id) VALUES (?, ?, ?, ?, ?, ?) ({"1":"lfdgdfl;","2":";lkl;fdlgkdfl;","3":"lklkl;;l","4":{"date":"2012-02-05 23:39:16","timezone_type":3,"timezone":"Europe\/Paris"},"5":"333","6":1})
UPDATE User SET password = ? WHERE id = ? ([null,1])
这看起来确实很奇怪,但您始终可以在将用户对象绑定到新创建的作业之前检索它:
$token = $this->get('security.context')->getToken();
$user_repo = $this->getDoctrine()->getRepository('**NAMESPACE**:User');
$user = $user_repo->find($token->getUser()->getId());
$job->setAnnouncer($user);
$em = $this->getDoctrine()->getEntityManager();
$em->persist($job) ;
$em->flush();
另外,我不太确定,但我在某个地方读到,由于令牌的安全性,它不应该携带密码。。。。也许这就是您的问题…这看起来确实很奇怪,但您可以在将用户对象绑定到新创建的作业之前检索它:
$token = $this->get('security.context')->getToken();
$user_repo = $this->getDoctrine()->getRepository('**NAMESPACE**:User');
$user = $user_repo->find($token->getUser()->getId());
$job->setAnnouncer($user);
$em = $this->getDoctrine()->getEntityManager();
$em->persist($job) ;
$em->flush();
另外,我不太确定,但我在某个地方读到,由于令牌的安全性,它不应该携带密码。。。。也许这就是你的问题…我发现问题是由我的用户实体中的UserInterface的credential方法引起的
namespace My\JobBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
use My\UserBundle\Entity\User ;
use Symfony\Component\Validator\Constraints as Assert;
/**
* My\JobBundle\Entity\Job
*
* @ORM\Table()
* @ORM\Entity(repositoryClass="My\JobBundle\Entity\JobRepository")
*/
class Job
{
/**
* @var integer $id
*
* @ORM\Column(name="id", type="integer")
* @ORM\Id
* @ORM\GeneratedValue(strategy="AUTO")
*/
private $id;
/**
* @var string $title
*
*
* @ORM\Column(name="title", type="string", length=255)
*/
private $title;
/**
* @var string $content
*
*
* @ORM\Column(name="content", type="text")
*/
private $content;
/**
* @var string $city
*
* @ORM\Column(name="city", type="string", length=255)
*
*/
private $city;
/**
* @var datetime $created_at
*
* @ORM\Column(name="created_at", type="datetime")
*/
private $created_at;
/**
* @var string $salary
*
* @ORM\Column(name="salary", type="string", length=255)
*
*
*/
private $salary;
/**
* @ORM\ManyToOne(targetEntity="My\UserBundle\Entity\User")
*/
private $announcer ;
/**
* link a job to a user
*/
public function setAnnouncer(User $a)
{
$this->announcer = $a;
}
/**
* return a user from a job object
*/
public function getAnnouncer()
{
return $this->announcer;
}
/**
* Get id
*
* @return integer
*/
public function getId()
{
return $this->id;
}
/**
* Set title
*
* @param string $title
*/
public function setTitle($title)
{
$this->title = $title;
}
/**
* Get title
*
* @return string
*/
public function getTitle()
{
return $this->title;
}
/**
* Set content
*
* @param string $content
*/
public function setContent($content)
{
$this->content = $content;
}
/**
* Get content
*
* @return string
*/
public function getContent()
{
return $this->content;
}
/**
* Set created_at
*
* @param datetime $createdAt
*/
public function setCreatedAt($createdAt)
{
$this->created_at = $createdAt;
}
/**
* Get created_at
*
* @return datetime
*/
public function getCreatedAt()
{
return $this->created_at;
}
/**
* Set salary
*
* @param string $salary
*/
public function setSalary($salary)
{
$this->salary = $salary;
}
/**
* Get salary
*
* @return string
*/
public function getSalary()
{
return $this->salary;
}
public function setCity($c)
{
$this->city = $c;
}
public function getCity()
{
return $this->city ;
}
public function __construct(){
$this->created_at = new \DateTime() ;
}
<?php
public function eraseCredential(){
$this->password = null ;
}
我发现这个问题是由我的用户实体中的UserInterface的credential方法引起的
namespace My\JobBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
use My\UserBundle\Entity\User ;
use Symfony\Component\Validator\Constraints as Assert;
/**
* My\JobBundle\Entity\Job
*
* @ORM\Table()
* @ORM\Entity(repositoryClass="My\JobBundle\Entity\JobRepository")
*/
class Job
{
/**
* @var integer $id
*
* @ORM\Column(name="id", type="integer")
* @ORM\Id
* @ORM\GeneratedValue(strategy="AUTO")
*/
private $id;
/**
* @var string $title
*
*
* @ORM\Column(name="title", type="string", length=255)
*/
private $title;
/**
* @var string $content
*
*
* @ORM\Column(name="content", type="text")
*/
private $content;
/**
* @var string $city
*
* @ORM\Column(name="city", type="string", length=255)
*
*/
private $city;
/**
* @var datetime $created_at
*
* @ORM\Column(name="created_at", type="datetime")
*/
private $created_at;
/**
* @var string $salary
*
* @ORM\Column(name="salary", type="string", length=255)
*
*
*/
private $salary;
/**
* @ORM\ManyToOne(targetEntity="My\UserBundle\Entity\User")
*/
private $announcer ;
/**
* link a job to a user
*/
public function setAnnouncer(User $a)
{
$this->announcer = $a;
}
/**
* return a user from a job object
*/
public function getAnnouncer()
{
return $this->announcer;
}
/**
* Get id
*
* @return integer
*/
public function getId()
{
return $this->id;
}
/**
* Set title
*
* @param string $title
*/
public function setTitle($title)
{
$this->title = $title;
}
/**
* Get title
*
* @return string
*/
public function getTitle()
{
return $this->title;
}
/**
* Set content
*
* @param string $content
*/
public function setContent($content)
{
$this->content = $content;
}
/**
* Get content
*
* @return string
*/
public function getContent()
{
return $this->content;
}
/**
* Set created_at
*
* @param datetime $createdAt
*/
public function setCreatedAt($createdAt)
{
$this->created_at = $createdAt;
}
/**
* Get created_at
*
* @return datetime
*/
public function getCreatedAt()
{
return $this->created_at;
}
/**
* Set salary
*
* @param string $salary
*/
public function setSalary($salary)
{
$this->salary = $salary;
}
/**
* Get salary
*
* @return string
*/
public function getSalary()
{
return $this->salary;
}
public function setCity($c)
{
$this->city = $c;
}
public function getCity()
{
return $this->city ;
}
public function __construct(){
$this->created_at = new \DateTime() ;
}
<?php
public function eraseCredential(){
$this->password = null ;
}
2 kosaidpo
您的解决方案之所以有效,是因为在序列化用户对象或将其保存到数据库(这是手册所说的)时,橡皮擦凭据()方法用于清除用户敏感数据(意思不是机密,而是可以恢复的数据,其意义类似)。因此,当您将用户附加到作业对象并调用#flush()时,doctrine将检查与作业连接的所有对象中的更改,并发现用户对象已更改,因为橡皮擦凭据()已擦除密码。这就是您的用户得到更新的原因
还有一个解决方案可以帮助您:
解决方案:
来自条令文件
简而言之,您可以将@ChangeTrackingPolicy(“DEFERRED_EXPLICIT”)注释(正如我所做的,因为我使用的是annotations.Captain EXPLICIT=))添加到用户接口实现(在我的例子中,我使用的是用户类),这将告诉Doctrine不要检查所有与作业对象“连接”的对象
在这种情况下,原则将不会检查用户对象并使用已擦除的密码保存它,除非您将通过手动调用#persist(用户对象)强制它这样做
但是无论如何,您不应该在橡皮擦credentials()方法中执行$this->password=null。2 kosaidpo
您的解决方案之所以有效,是因为在序列化用户对象或将其保存到数据库(这是手册所说的)时,橡皮擦凭据()方法用于清除用户敏感数据(意思不是机密,而是可以恢复的数据,其意义类似)。因此,当您将用户附加到作业对象并调用#flush()时,doctrine将检查与作业连接的所有对象中的更改,并发现用户对象已更改,因为橡皮擦凭据()已擦除密码。这就是您的用户得到更新的原因
还有一个解决方案可以帮助您:
解决方案:
来自条令文件
简而言之,您可以将@ChangeTrackingPolicy(“DEFERRED_EXPLICIT”)注释(正如我所做的,因为我使用的是annotations.Captain EXPLICIT=))添加到用户接口实现(在我的例子中,我使用的是用户类),这将告诉Doctrine不要检查所有与作业对象“连接”的对象
在这种情况下,原则将不会检查用户对象并使用已擦除的密码保存它,除非您将通过手动调用#persist(用户对象)强制它这样做
但是无论如何,您不应该在橡皮擦凭据()方法中执行$this->password=null。是的,密码不在用户对象中,但我不明白为什么用户对象会被更新,即使它不是所有者方加上它唯一的单向关系;]你的解决方法和我的一样(我试过了),因为最终我得到了一个没有密码的用户对象,这真的应该有效,但既然没有,我就胡乱猜测一下。首先,确保先前尝试覆盖/清空的用户对象现在包含非空密码?请尝试打印检索到的用户对象中密码字段的内容。其次,我建议通过调用logout
route或从浏览器中删除会话id并再次登录来注销应用程序……所有这些都不起作用;[我肯定很多人在很多应用程序中都有和我一样的东西。你可以用Job
实体和JobType
表单代码更新你的问题吗?我肯定我们忽略了一些东西……我刚刚添加了日志文件,上面写着密码已更新;]是的,密码不在用户对象中,但我不明白为什么用户对象会被更新,即使它不是所有者端加上它唯一的单向关系;]你的解决方法和我的一样(我试过了),因为最终我得到了一个没有密码的用户对象,这真的应该有效,但既然没有,我就胡乱猜测一下。首先,确保先前尝试覆盖/清空的用户对象现在包含非空密码?请尝试打印检索到的用户对象中密码字段的内容。其次,我建议通过调用logout
route或从浏览器中删除会话id并再次登录来注销应用程序……所有这些都不起作用;[我肯定很多人在很多应用程序中都有和我一样的东西。你可以用Job
实体和JobType
表单代码更新你的问题吗?我肯定我们忽略了一些东西……我刚刚添加了日志文件,上面写着密码已更新;]很好的发现:)我从没想过
namespace My\JobBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
use My\UserBundle\Entity\User ;
use Symfony\Component\Validator\Constraints as Assert;
/**
* My\JobBundle\Entity\Job
*
* @ORM\Table()
* @ORM\Entity(repositoryClass="My\JobBundle\Entity\JobRepository")
*/
class Job
{
/**
* @var integer $id
*
* @ORM\Column(name="id", type="integer")
* @ORM\Id
* @ORM\GeneratedValue(strategy="AUTO")
*/
private $id;
/**
* @var string $title
*
*
* @ORM\Column(name="title", type="string", length=255)
*/
private $title;
/**
* @var string $content
*
*
* @ORM\Column(name="content", type="text")
*/
private $content;
/**
* @var string $city
*
* @ORM\Column(name="city", type="string", length=255)
*
*/
private $city;
/**
* @var datetime $created_at
*
* @ORM\Column(name="created_at", type="datetime")
*/
private $created_at;
/**
* @var string $salary
*
* @ORM\Column(name="salary", type="string", length=255)
*
*
*/
private $salary;
/**
* @ORM\ManyToOne(targetEntity="My\UserBundle\Entity\User")
*/
private $announcer ;
/**
* link a job to a user
*/
public function setAnnouncer(User $a)
{
$this->announcer = $a;
}
/**
* return a user from a job object
*/
public function getAnnouncer()
{
return $this->announcer;
}
/**
* Get id
*
* @return integer
*/
public function getId()
{
return $this->id;
}
/**
* Set title
*
* @param string $title
*/
public function setTitle($title)
{
$this->title = $title;
}
/**
* Get title
*
* @return string
*/
public function getTitle()
{
return $this->title;
}
/**
* Set content
*
* @param string $content
*/
public function setContent($content)
{
$this->content = $content;
}
/**
* Get content
*
* @return string
*/
public function getContent()
{
return $this->content;
}
/**
* Set created_at
*
* @param datetime $createdAt
*/
public function setCreatedAt($createdAt)
{
$this->created_at = $createdAt;
}
/**
* Get created_at
*
* @return datetime
*/
public function getCreatedAt()
{
return $this->created_at;
}
/**
* Set salary
*
* @param string $salary
*/
public function setSalary($salary)
{
$this->salary = $salary;
}
/**
* Get salary
*
* @return string
*/
public function getSalary()
{
return $this->salary;
}
public function setCity($c)
{
$this->city = $c;
}
public function getCity()
{
return $this->city ;
}
public function __construct(){
$this->created_at = new \DateTime() ;
}