我正在开发一个Symfony应用程序,其中我有一个控制器方法来更新用户的密码。然而,我似乎在代码中犯了一个错误,我很难弄清楚这个问题。
在我的userPasswordEdit方法中,我使用一个Symfony表单来处理密码更新。该方法检查表单是否已提交且有效,然后继续更新用户的密码。然而,我意识到我忘记了包括密码验证的条件,这意味着无论重复的密码是否与原始密码匹配,都会发生更新。
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Instructeur + leerling controller
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
#[Route('/profile/password', name: 'edit_password')]
public function userPasswordEdit(EntityManagerInterface $entityManager, Request $request, UserPasswordHasherInterface $passwordHasher): Response
{
// Code to retrieve the user and handle the form submission
if ($form->isSubmitted() && $form->isValid()) {
// Code to hash and update the password
// Intentional error: Missing condition for password validation
$entityManager->persist($user);
$entityManager->flush();
// Code to add a flash message and redirect
}
}
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
#[Route('/profile/edit', name: 'edit_profile')]
public function userProfileEdit(EntityManagerInterface $entityManager, Request $request, UserPasswordHasherInterface $passwordHasher): Response
{
$user = $this->getUser();
$form = $this->createForm(EditProfileType::class, $user);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()){
$user->setName($form->get('name')->getData());
$user->setEmail($form->get('email')->getData());
$user->setTel($form->get('tel')->getData());
$entityManager->persist($user);
$entityManager->flush();
$this->addFlash('success', 'Profiel is succesvol aangepast!');
return $this->redirectToRoute('user_profile');
}
return $this->render('user/edit_profile.html.twig', [
'user' => $user, 'profile_form' => $form->createView()
]);
}
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
#[Route('/menu/delete/{id}', name: 'delete_item')]
public function delete_item($id, MenuRepository $menuRepository, EntityManagerInterface $entityManager): Response
{
$menu_item = $menuRepository->find($id);
$entityManager->remove($menu_item);
$entityManager->flush();
$this->addFlash('success', $menu_item->getName() .' is succesvol verwijderd van het menu!');
return $this->redirectToRoute('admin_menu');
--------------------------------------------------------------------------------------------------------------------------
TWIG:
<td><a href="{{ path('admin_order', {id: order.id}) }}"> Order number: {{ order.id }}</a></td>
1条答案
按热度按时间23c0lvtd1#
缺少密码验证条件。要在
userPasswordEdit方法中添加密码验证缺失的条件,需要在更新之前将重复的密码与原始密码进行比较。下面是您可以修改代码以包含验证检查的方法:
讲师+管理员
TWIG: