Can't use CSRF on standalone forms in ProcessWire
BernhardBaumrock opened this issue · comments
Hi everybody!
Version: 3.0.0
Bug Description
I want to use Nette Forms with ProcessWire and get the following error as soon as I add $form->addProtection('Security token has expired, please submit the form again');
to the form:
User Error
Exception: Unable to set 'session.use_strict_mode' to value '1' when session has been started by session.auto_start or session_start(). (in C:\www\maletschek\site\modules\RockCommerce\vendor\nette\http\src\Http\Session.php line 386)
#0 C:\www\maletschek\site\modules\RockCommerce\vendor\nette\http\src\Http\Session.php(80): Nette\Http\Session->configure(Array)
#1 C:\www\maletschek\site\modules\RockCommerce\vendor\nette\http\src\Http\SessionSection.php(51): Nette\Http\Session->start()
#2 C:\www\maletschek\site\modules\RockCommerce\vendor\nette\http\src\Http\SessionSection.php(103): Nette\Http\SessionSection->start()
#3 C:\www\maletschek\site\modules\RockCommerce\vendor\nette\forms\src\Forms\Controls\CsrfProtection.php(67): Nette\Http\SessionSection->__isset('token')
#4 C:\www\maletschek\site\modules\RockCommerce\vendor\nette\forms\src\Forms\Controls\CsrfProtection.php(79): Nette\Forms\Controls\CsrfProtection->getToken()
#5 C:\www\maletschek\site\modules\RockCommerce\vendor\nette\forms\src\Forms\Controls\CsrfProtection.php(88): Nette\Forms\Controls\CsrfProtection->generateToken()
#6 C:\www\maletschek\site\modules\RockCommerce\vendor\nette\forms\src\Forms\Rendering\DefaultFormRenderer.php(197): Nette\Forms\Controls\CsrfProtection->getControl()
#7 C:\www\maletschek\site\modules\RockCommerce\vendor\nette\forms\src\Forms\Rendering\DefaultFormRenderer.php(151): Nette\Forms\Rendering\DefaultFormRenderer->renderEnd()
#8 C:\www\maletschek\site\modules\RockCommerce\vendor\nette\forms\src\Forms\Form.php(607): Nette\Forms\Rendering\DefaultFormRenderer->render(Object(Nette\Forms\Form))
#9 C:\www\maletschek\site\modules\RockCommerce\tpl\uikit2\contact.php(19): Nette\Forms\Form->render()
#10 C:\www\maletschek\wire\core\TemplateFile.php(287): require('C:\\www\\maletsch...')
#11 C:\www\maletschek\wire\core\Wire.php(380): ProcessWire\TemplateFile->___render()
#12 C:\www\maletschek\wire\core\WireHooks.php(723): ProcessWire\Wire->_callMethod('___render', Array)
#13 C:\www\maletschek\wire\core\Wire.php(442): ProcessWire\WireHooks->runHooks(Object(ProcessWire\TemplateFile), 'render', Array)
#14 C:\www\maletschek\wire\core\WireFileTools.php(926): ProcessWire\Wire->__call('render', Array)
Steps To Reproduce
Maybe the error message is already enough to fix this? Otherwise I'll provide a PW installation to show the error.
Thx in advance!
Can you enable session.use_strict_mode = 1
in PHP config? Or set it via ini_set('session.use_strict_mode', '1')
at the beginning of the whole script?
Yes, thank you, but then I get
Exception: Unable to set 'session.gc_maxlifetime' to value '10800' when session has been started by session.auto_start or session_start(). (in C:\www\maletschek\site\modules\RockCommerce\vendor\nette\http\src\Http\Session.php line 386)
Thank you very much, this was very fast! And it works 👍