Skip to content

Commit ecab04c

Browse files
fabpotfabpot
committed
merged branch Tobion/formexception (PR #5337)
Commits ------- eb2eba1 [Form] don't allow users to force exceptions by submitting unexpected data Discussion ---------- [Form] don't allow users to force exceptions by submitting unexpected data fix #5334 This makes it more fault-tolerant by simply ignoring wrong stuff from hackers. @bschussek: I didn't find any other UnexpectedTypeExceptions that could be invoked by simply submitting unexpected data. But I'm not 100% sure that there aren't any indirectly invokeable, e.g. in some listeners. --------------------------------------------------------------------------- by stof at 2012-08-24T22:34:52Z a test is missing for this. --------------------------------------------------------------------------- by Tobion at 2012-08-24T23:02:26Z @stof true, I will add one --------------------------------------------------------------------------- by Tobion at 2012-08-25T13:51:23Z Added test. --------------------------------------------------------------------------- by bschussek at 2012-08-29T11:07:37Z :+1: Could you please squash the commits? --------------------------------------------------------------------------- by Tobion at 2012-08-29T13:43:52Z Done.
2 parents e49fd8f + eb2eba1 commit ecab04c

File tree

2 files changed

+19
-5
lines changed

2 files changed

+19
-5
lines changed

src/Symfony/Component/Form/Form.php

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,6 @@
1313

1414
use Symfony\Component\Form\Exception\FormException;
1515
use Symfony\Component\Form\Exception\AlreadyBoundException;
16-
use Symfony\Component\Form\Exception\UnexpectedTypeException;
1716
use Symfony\Component\Form\Exception\TransformationFailedException;
1817
use Symfony\Component\Form\Util\FormUtil;
1918
use Symfony\Component\Form\Util\PropertyPath;
@@ -533,10 +532,6 @@ public function bind($submittedData)
533532
// (think of empty collection forms)
534533
if ($this->config->getCompound()) {
535534
if (!is_array($submittedData)) {
536-
if (!FormUtil::isEmpty($submittedData)) {
537-
throw new UnexpectedTypeException($submittedData, 'array');
538-
}
539-
540535
$submittedData = array();
541536
}
542537

src/Symfony/Component/Form/Tests/SimpleFormTest.php

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -779,6 +779,25 @@ public function testSetDataCannotInvokeItself()
779779
$form->setData('foo');
780780
}
781781

782+
public function testBindingWrongDataIsIgnored()
783+
{
784+
$test = $this;
785+
786+
$child = $this->getBuilder('child', $this->dispatcher);
787+
$child->addEventListener(FormEvents::PRE_BIND, function (FormEvent $event) use ($test) {
788+
// child form doesn't receive the wrong data that is bound on parent
789+
$test->assertNull($event->getData());
790+
});
791+
792+
$parent = $this->getBuilder('parent', new EventDispatcher())
793+
->setCompound(true)
794+
->setDataMapper($this->getDataMapper())
795+
->add($child)
796+
->getForm();
797+
798+
$parent->bind('not-an-array');
799+
}
800+
782801
protected function createForm()
783802
{
784803
return $this->getBuilder()->getForm();

0 commit comments

Comments
 (0)