diff --git a/core/lib/Thelia/Action/Cart.php b/core/lib/Thelia/Action/Cart.php index 61629bde8..8634feabb 100755 --- a/core/lib/Thelia/Action/Cart.php +++ b/core/lib/Thelia/Action/Cart.php @@ -23,10 +23,12 @@ namespace Thelia\Action; +use Symfony\Component\Config\Definition\Exception\Exception; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\EventDispatcher\EventSubscriberInterface; use Thelia\Core\Event\ActionEvent; use Thelia\Core\HttpFoundation\Session\Session; +use Thelia\Form\CartAdd; use Thelia\Model\CartQuery; use Thelia\Model\Cart as CartModel; use Thelia\Model\Customer; @@ -42,9 +44,33 @@ class Cart implements EventSubscriberInterface */ public function addArticle(ActionEvent $event) { + $request = $event->getRequest(); + if ($request->isMethod("post")) { + $cartAdd = new CartAdd($request); + } else { + $cartAdd = new CartAdd( + $request, + "form", + array(), + array( + 'csrf_protection' => false, + ) + ); + } + + $form = $cartAdd->getForm(); + + $form->bind($request); + + if($form->isValid()) { + + } else { + var_dump($form->createView()); + } } + /** * * Delete specify article present into cart diff --git a/core/lib/Thelia/Config/Resources/action.xml b/core/lib/Thelia/Config/Resources/action.xml index 0b2304704..0816f9958 100755 --- a/core/lib/Thelia/Config/Resources/action.xml +++ b/core/lib/Thelia/Config/Resources/action.xml @@ -6,9 +6,7 @@ - Thelia\Core\Event\CartEvent - Thelia\Core\Event\CartEvent - Thelia\Core\Event\CartEvent + diff --git a/core/lib/Thelia/Form/BaseForm.php b/core/lib/Thelia/Form/BaseForm.php index 81864121e..96807c449 100755 --- a/core/lib/Thelia/Form/BaseForm.php +++ b/core/lib/Thelia/Form/BaseForm.php @@ -66,19 +66,22 @@ abstract class BaseForm { $options["attr"]["thelia_name"] = $this->getName(); } - $this->formBuilder = Forms::createFormFactoryBuilder() - ->addExtension(new HttpFoundationExtension()) - ->addExtension( + $builder = Forms::createFormFactoryBuilder() + ->addExtension(new HttpFoundationExtension()); + if(!isset($options["csrf_protection"]) || $options["csrf_protection"] !== false) { + $builder->addExtension( new CsrfExtension( new SessionCsrfProvider( $request->getSession(), isset($options["secret"]) ? $options["secret"] : ConfigQuery::read("form.secret", md5(__DIR__)) ) ) - ) + ); + } + $this->formBuilder = $builder ->addExtension(new ValidatorExtension($validator)) ->getFormFactory() - ->createNamedBuilder($this->getName(), $type, $data, $options); + ->createNamedBuilder($this->getName(), $type, $data, $this->cleanOptions($options)); ; $this->buildForm(); @@ -91,6 +94,13 @@ abstract class BaseForm { $this->form = $this->formBuilder->getForm(); } + protected function cleanOptions($options) + { + unset($options["csrf_protection"]); + + return $options; + } + /** * Returns the absolute URL to redirect the user to if the form is successfully processed. * diff --git a/core/lib/Thelia/Form/CartAdd.php b/core/lib/Thelia/Form/CartAdd.php index 299104007..33375ac51 100644 --- a/core/lib/Thelia/Form/CartAdd.php +++ b/core/lib/Thelia/Form/CartAdd.php @@ -79,7 +79,9 @@ class CartAdd extends BaseForm new Constraints\Callback(array( "methods" => array($this, "checkStock") )), - new Constraints\GreaterThanOrEqual(0) + new Constraints\GreaterThanOrEqual(array( + "value" => 0 + )) ) )) ->add("append", "hidden") diff --git a/core/lib/Thelia/Tests/Form/CartAddTest.php b/core/lib/Thelia/Tests/Form/CartAddTest.php new file mode 100644 index 000000000..d584c45d3 --- /dev/null +++ b/core/lib/Thelia/Tests/Form/CartAddTest.php @@ -0,0 +1,33 @@ +. */ +/* */ +/*************************************************************************************/ +namespace Thelia\Tests\Form; + + +class CartAddTest extends \PHPUnit_Framework_TestCase +{ + + public function testSimpleAddingToCart() + { + + } +} \ No newline at end of file