0

I have several times experienced an awkward, inconsistent and annoying behaviour in Symfony 2 forms validation. Without any reason, all forms sometimes all fail to validate (on call of $form->isValid() after $form->handleRequest($this->getRequest());). So far I have seen it only in prod environment.

What makes me say it is awkward and inconsistent is that it often work just fine, but sometimes don't. The only way I have found to make it work again is to clear the cache or to simply wait.

I have tried to debug the forms when it fails, but I haven't been able to get any error from the form (empty $form->getErrors(), empty $form->getErrors(true), no errors in $form->getErrorsAsString()).

Do you have any idea of what could be the reason of this problem? Could it be because of the CSRF token? The thing is that I haven't activated the use of the token and didn't manually put it in the forms. But even when I tried to add form_rest in the view when having the issue I still had the issue.

I really worry because it is unpredictable and it has a massive impact. I can't reproduce it at will and I don't know for how long the "fix" will work. Clearing the cache sometimes work only for a single form submit. Today, it started working again while I was printing various var_dump, meaning without having changed anything. The code itself works, it can't be an issue with the model/entity because a same form can either fail or work.

Sylver
  • 11
  • 1
  • I guess the problem comes indeed from the token. I had a similar problem once, and adding {{ my_form(form._token) }} before the closing form tag fixed it. Have you tried it ? – Simon Duflos Aug 18 '15 at 08:41
  • Well, I tried to put `form_rest` (as mentioned in the post) which should add the token if it is in the form, I haven't tried to put the token manually like this. Is the token present in all forms by default without any cfg? Why would it be so inconsistent then, why would it often pass the test and sometimes not? – Sylver Aug 18 '15 at 09:25
  • I don't know if the token is present by default. Did you set 'csrf_protection' to false in your AbstractType ? Like this http://stackoverflow.com/a/9889044/4098335 This way, you won't have to worry about adding manually the token. – Simon Duflos Aug 18 '15 at 09:29
  • Next time the problem happens I'll try to manually disable it. But I just read again the Forms documentation and it says that using `form_end()` (which I do) automatically adds the token in the form ([doc](http://symfony.com/doc/current/book/forms.html#csrf-protection)). So if it is implemented correctly, tokens shouldn't be the problem. – Sylver Aug 18 '15 at 10:25
  • This is some kind of "worst case scenario", but couldn't you delete the isValid() part, and do some "manual" validation in your controller ? This is clearly a pain, but it would assure you to always have the expected behavior. – Simon Duflos Aug 18 '15 at 10:28
  • It's not possible because the problem is on almost ALL forms of the website. Re-implementing all validations would be a lot of work for something less efficient. – Sylver Aug 18 '15 at 12:01

0 Answers0