symfony2 CSRF invalid

Question

Okay, so today I updated my database with new information from our 'live' database... And since then I've been having issues on one of my forms. If you need any code let me know and i'll edit this and post the code needed...

I have a report form which has a date range field and a drop down for an agent department. When I first visit the page I see this at the beginning of the form:

The CSRF token is invalid. Please try to resubmit the form

So I go over to one of my other forms that has the same type of information, and check the _token out and this is what comes out:

<input type="hidden" id="ecs_crmbundle_TimeClockReportType__token" name="ecs_crmbundle_TimeClockReportType[_token]" value="87e358fbc4d6d3e83601216b907a02170f7bcd92" />
<input type="hidden" id="ecs_crmbundle_SimpleSalesReportType__token" name="ecs_crmbundle_SimpleSalesReportType[_token]" value="87e358fbc4d6d3e83601216b907a02170f7bcd92" />

The first one is the one that shows the error, and the SimpleSalesReport does not... Any idea why this is doing this or how I can fix it?

Thanks..

Answer 1

There is no problem using {{ form_widget(form) }} to build your custom form. All you have to do is add the _token like this: {{ form_widget(form._token) }}

Answer 2

This error had me crazy for days! Thanks krishna! If in your form template you choose to not use the default form behavior {{ form_widget(form) }} you SHOULD put {{ form_rest(form) }} Hope this could help anyone else!

Answer 3

Are you by chance using $form->bindRequest() in the action which produces the CSRF error? I had this issue. You should not be binding the request for a new form. If you are posting the form to the same action, wrap the bindRequest in a conditional which checks if method is POST:

if ($this->getRequest()->getMethod() == 'POST') {
  $form->bindRequest($this->getRequest());
  if ($form->isValid()) {
    ...
  }
}