Integrating Zend_Form_Elements_Hash should be easy enough - I've done it
on a test site running on my localhost and it works great. However,
when implementing it on a production server that uses a subdomain I
constantly get given the message "No token was provided to match against".
I'm implementing the Hash element in my form like this:
new Zend_Form_Element_Hash('xcsrf', array(
'salt' => __CLASS__ . '_XCSRF'
))
I thought it might be to do with the cookie domain path, as I'm on a
sub-domain which we'll call 'splash.example.co.uk', so in my boostrap I
call this method:
public function initSession()
{
$session = $this->config->session->toArray();
Zend_Session::setOptions($session);
Zend_Session::start();
return $this;
}
with my config session node looking like:
<session>
<name>SPLASH</name>
<cookie_domain>.example.co.uk</cookie_domain>
</session>
But no such luck!
What (probably really obvious) thing am I missing here? Any advice
would be really appreciated!
Thanks,
Andy
没有评论:
发表评论