本文整理汇总了PHP中Drupal\Core\Form\FormStateInterface::hasInvalidToken方法的典型用法代码示例。如果您正苦于以下问题:PHP FormStateInterface::hasInvalidToken方法的具体用法?PHP FormStateInterface::hasInvalidToken怎么用?PHP FormStateInterface::hasInvalidToken使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Drupal\Core\Form\FormStateInterface的用法示例。
在下文中一共展示了FormStateInterface::hasInvalidToken方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: handleInputElement
/**
* Adds the #name and #value properties of an input element before rendering.
*/
protected function handleInputElement($form_id, &$element, FormStateInterface &$form_state)
{
if (!isset($element['#name'])) {
$name = array_shift($element['#parents']);
$element['#name'] = $name;
if ($element['#type'] == 'file') {
// To make it easier to handle files in file.inc, we place all
// file fields in the 'files' array. Also, we do not support
// nested file names.
// @todo Remove this files prefix now?
$element['#name'] = 'files[' . $element['#name'] . ']';
} elseif (count($element['#parents'])) {
$element['#name'] .= '[' . implode('][', $element['#parents']) . ']';
}
array_unshift($element['#parents'], $name);
}
// Setting #disabled to TRUE results in user input being ignored regardless
// of how the element is themed or whether JavaScript is used to change the
// control's attributes. However, it's good UI to let the user know that
// input is not wanted for the control. HTML supports two attributes for:
// this: http://www.w3.org/TR/html401/interact/forms.html#h-17.12. If a form
// wants to start a control off with one of these attributes for UI
// purposes, only, but still allow input to be processed if it's submitted,
// it can set the desired attribute in #attributes directly rather than
// using #disabled. However, developers should think carefully about the
// accessibility implications of doing so: if the form expects input to be
// enterable under some condition triggered by JavaScript, how would someone
// who has JavaScript disabled trigger that condition? Instead, developers
// should consider whether a multi-step form would be more appropriate
// (#disabled can be changed from step to step). If one still decides to use
// JavaScript to affect when a control is enabled, then it is best for
// accessibility for the control to be enabled in the HTML, and disabled by
// JavaScript on document ready.
if (!empty($element['#disabled'])) {
if (!empty($element['#allow_focus'])) {
$element['#attributes']['readonly'] = 'readonly';
} else {
$element['#attributes']['disabled'] = 'disabled';
}
}
// With JavaScript or other easy hacking, input can be submitted even for
// elements with #access=FALSE or #disabled=TRUE. For security, these must
// not be processed. Forms that set #disabled=TRUE on an element do not
// expect input for the element, and even forms submitted with
// self::submitForm() must not be able to get around this. Forms that set
// #access=FALSE on an element usually allow access for some users, so forms
// submitted with self::submitForm() may bypass access restriction and be
// treated as high-privilege users instead.
$process_input = empty($element['#disabled']) && ($form_state->isProgrammed() && $form_state->isBypassingProgrammedAccessChecks() || $form_state->isProcessingInput() && (!isset($element['#access']) || $element['#access']));
// Set the element's #value property.
if (!isset($element['#value']) && !array_key_exists('#value', $element)) {
// @todo Once all elements are converted to plugins in
// https://www.drupal.org/node/2311393, rely on
// $element['#value_callback'] directly.
$value_callable = !empty($element['#value_callback']) ? $element['#value_callback'] : 'form_type_' . $element['#type'] . '_value';
if (!is_callable($value_callable)) {
$value_callable = '\\Drupal\\Core\\Render\\Element\\FormElement::valueCallback';
}
if ($process_input) {
// Get the input for the current element. NULL values in the input need
// to be explicitly distinguished from missing input. (see below)
$input_exists = NULL;
$input = NestedArray::getValue($form_state->getUserInput(), $element['#parents'], $input_exists);
// For browser-submitted forms, the submitted values do not contain
// values for certain elements (empty multiple select, unchecked
// checkbox). During initial form processing, we add explicit NULL
// values for such elements in FormState::$input. When rebuilding the
// form, we can distinguish elements having NULL input from elements
// that were not part of the initially submitted form and can therefore
// use default values for the latter, if required. Programmatically
// submitted forms can submit explicit NULL values when calling
// self::submitForm() so we do not modify FormState::$input for them.
if (!$input_exists && !$form_state->isRebuilding() && !$form_state->isProgrammed()) {
// Add the necessary parent keys to FormState::$input and sets the
// element's input value to NULL.
NestedArray::setValue($form_state->getUserInput(), $element['#parents'], NULL);
$input_exists = TRUE;
}
// If we have input for the current element, assign it to the #value
// property, optionally filtered through $value_callback.
if ($input_exists) {
// Skip all value callbacks except safe ones like text if the CSRF
// token was invalid.
if (!$form_state->hasInvalidToken() || $this->valueCallableIsSafe($value_callable)) {
$element['#value'] = call_user_func_array($value_callable, array(&$element, $input, &$form_state));
} else {
$input = NULL;
}
if (!isset($element['#value']) && isset($input)) {
$element['#value'] = $input;
}
}
// Mark all posted values for validation.
if (isset($element['#value']) || !empty($element['#required'])) {
$element['#needs_validation'] = TRUE;
}
}
//.........这里部分代码省略.........
示例2: hasInvalidToken
/**
* {@inheritdoc}
*/
public function hasInvalidToken()
{
return $this->mainFormState->hasInvalidToken();
}示例3: hasInvalidToken
/**
* {@inheritdoc}
*/
public function hasInvalidToken()
{
return $this->decoratedFormState->hasInvalidToken();
}示例4: validateForm
/**
* {@inheritdoc}
*/
public function validateForm($form_id, &$form, FormStateInterface &$form_state)
{
// If this form is flagged to always validate, ensure that previous runs of
// validation are ignored.
if ($form_state->isValidationEnforced()) {
$form_state->setValidationComplete(FALSE);
}
// If this form has completed validation, do not validate again.
if ($form_state->isValidationComplete()) {
return;
}
// If the session token was set by self::prepareForm(), ensure that it
// matches the current user's session. This is duplicate to code in
// FormBuilder::doBuildForm() but left to protect any custom form handling
// code.
if (isset($form['#token'])) {
if (!$this->csrfToken->validate($form_state->getValue('form_token'), $form['#token']) || $form_state->hasInvalidToken()) {
$this->setInvalidTokenError($form_state);
// Stop here and don't run any further validation handlers, because they
// could invoke non-safe operations which opens the door for CSRF
// vulnerabilities.
$this->finalizeValidation($form, $form_state, $form_id);
return;
}
}
// Recursively validate each form element.
$this->doValidateForm($form, $form_state, $form_id);
$this->finalizeValidation($form, $form_state, $form_id);
$this->handleErrorsWithLimitedValidation($form, $form_state, $form_id);
}示例5: testHasInvalidToken
/**
* @covers ::hasInvalidToken
*
* @dataProvider providerSingleBooleanArgument
*
* @param bool $expected
*/
public function testHasInvalidToken($expected)
{
$this->decoratedFormState->hasInvalidToken()->willReturn($expected)->shouldBeCalled();
$this->assertSame($expected, $this->formStateDecoratorBase->hasInvalidToken());
}