1. 首頁
  2. 問答
  3. Zend框架CSRF會議問題

Zend框架CSRF會議問題

2011-08-14 45 views
0

我的代碼工作正常,突然當我試圖將cssrf元素添加到窗體這樣的:Zend框架CSRF會議問題

$this->addElement('hash', 'csrf', 'Category' . time());

以下錯誤發生

Fatal error: Cannot return string offsets by reference in /usr/share/Zend/library/Zend/Session/Abstract.php on line 160 Stack trace: 1. {main}() /Users/myname/Sites/Zend_Projects/myproject/public/index.php:0 2. Zend_Application->run() /Users/myname/Sites/Zend_Projects/myproject/public/index.php:26 3. Zend_Application_Bootstrap_Bootstrap->run() /usr/share/Zend/library/Zend/Application.php:366 4. Zend_Controller_Front->dispatch() /usr/share/Zend/library/Zend/Application/Bootstrap/Bootstrap.php:97 5. Zend_Controller_Dispatcher_Standard->dispatch() /usr/share/Zend/library/Zend/Controller/Front.php:954 6. Zend_Controller_Action->dispatch() /usr/share/Zend/library/Zend/Controller/Dispatcher/Standard.php:295 7. Effigy_MaestroController->editAction() /usr/share/Zend/library/Zend/Controller/Action.php:513 8. Zend_Form->__construct() /Users/myname/Sites/Zend_Projects/myproject/application/modules/effigy/controllers/MaestroController.php:109 9. Application_Form_Extendible_Category->init() /usr/share/Zend/library/Zend/Form.php:240 10. Zend_Form->addElement() /Users/myname/Sites/Zend_Projects/myproject/application/forms/Extendible/Category.php:100 11. Zend_Form->createElement() /usr/share/Zend/library/Zend/Form.php:1040 12. Zend_Form_Element_Hash->__construct() /usr/share/Zend/library/Zend/Form.php:1112 13. Zend_Form_Element_Hash->initCsrfValidator() /usr/share/Zend/library/Zend/Form/Element/Hash.php:83 14. Zend_Session_Namespace->__get() /usr/share/Zend/library/Zend/Session/Namespace.php:0 15. Zend_Session_Abstract::_namespaceGet() /usr/share/Zend/library/Zend/Session/Namespace.php:287

爲什麼會發生這種情況,可以做些什麼呢?

來源

2011-08-14 Yasser1984

+0

關於ZF和CSRF的好文章http://plutov.by/post/zf_csrf – pltvs

回答

0

quick start的評論我覺得你也使用一個模塊,並進入相同的問題。引用它以供快速參考。

But if you put the same same code in a module, it tries to create the session file iin the directory APPLICATION_PATH "/../data/session" which doesn't exist by default so an exception is raised.

$this->addElement('hash', 'csrf', array(
    'ignore' => true, 
));

而且我覺得你可以使用這個插件http://codeutopia.net/blog/2008/10/16/how-to-csrf-protect-all-your-forms/

它能做什麼?

ZF控制器插件,它會自動保護您的所有表單 - 整潔,呵呵?

來源

2011-08-14 14:50:10

相關問題

 相關問題