I originally opened this item in the crud repository but have tracked it down to crud-view. The edit method always results in "Invalid CSRF token" when editing a record.
I did a fresh install of cake 3, added crud, crud-view, bootstrap-ui, and search. Added only the required config.
CREATE TABLE `blog_entries` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`featured` tinyint(1) NOT NULL,
`title` varchar(255) NOT NULL,
`content` text NOT NULL,
`created` datetime NOT NULL,
`updated` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8
<?php
namespace App\Controller;
use Cake\Controller\Controller;
class AppController extends Controller
{
use \Crud\Controller\ControllerTrait;
public $viewClass = 'CrudView\View\CrudView';
public $components = [
'Csrf',
'Search.Prg',
'Crud.Crud' => [
'actions' => [
'Crud.Index',
'Crud.Add',
'Crud.Edit',
'Crud.View',
'Crud.Delete'
],
'listeners' => [
'Crud.RelatedModels',
'Crud.Redirect',
'CrudView.View',
'CrudView.Search',
]
]
];
public function initialize()
{
parent::initialize();
$this->loadComponent('Flash');
}
}
<?php
namespace App\Controller;
use App\Model\Entity\Users;
use Cake\Event\Event;
class BlogEntriesController extends AppController {
public $paginate = ['limit' => 20];
public function beforeFilter(Event $event) {
return parent::beforeFilter($event);
}
public function index() {
return $this->Crud->execute();
}
public function add() {
return $this->Crud->execute();
}
public function edit($id) {
return $this->Crud->execute();
}
}
<?php
namespace App\Model\Table;
use Cake\ORM\Table;
use Cake\Validation\Validator;
use App\Model\Table\Entity;
class BlogEntriesTable extends Table
{
public function initialize(array $config)
{
$this->addBehavior('Search.Search');
$this->addBehavior('Timestamp', [
'events' => [
'Model.beforeSave' => [
'created' => 'new',
]
]
]);
parent::initialize($config);
}
public function validationDefault(Validator $validator)
{
$validator->provider('validation', 'Cake\Validation\Validation');
return $validator
->add('title', [
'minLength' => [
'rule' => ['minLength', 10],
'last' => true,
'message' => '10 character minimum'
],
'maxLength' => [
'rule' => ['maxLength', 255],
'message' => 'Title is too long, 255 character max'
]
])
->add('content', [
'minLength' => [
'rule' => ['minLength', 10],
'last' => true,
'message' => '10 character minimum'
],
'maxLength' => [
'rule' => ['maxLength', 5000],
'message' => 'Content is too long, 5000 character max'
]
])
->add('user_id', 'naturalNumber', [
'rule' => 'naturalNumber',
'provider' => 'validation'
])
->add('blog_category_id', 'naturalNumber', [
'rule' => 'naturalNumber',
'provider' => 'validation'
]);
}
}
Plugin::load('Search');
Plugin::load('Crud');
Plugin::load('CrudView');
Plugin::load('BootstrapUI');
I can browse to /blog_entries and add a record, no problem. Now edit the record and you'll see "Invalid CSRF token". I've also noticed that the generated token in the form is identical on every request. If anyone sees anything obviously wrong with what I've done above I'd appreciate the help. I'll try and continue to debug this in the meantime.