vendor/dachcom-digital/formbuilder/src/FormBuilderBundle/Form/Type/DynamicFormType.php line 18

Open in your IDE?
  1. <?php
  3. namespace FormBuilderBundle\Form\Type;
  5. use FormBuilderBundle\Configuration\Configuration;
  6. use FormBuilderBundle\Form\Data\FormData;
  7. use Symfony\Component\Form\AbstractType;
  8. use Symfony\Component\Form\CallbackTransformer;
  9. use Symfony\Component\Form\Extension\Core\Type\HiddenType;
  10. use Symfony\Component\Form\FormBuilderInterface;
  11. use Symfony\Component\Form\FormError;
  12. use Symfony\Component\Form\FormEvent;
  13. use Symfony\Component\Form\FormEvents;
  14. use Symfony\Component\OptionsResolver\OptionsResolver;
  15. use Symfony\Component\Security\Csrf\CsrfToken;
  16. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  18. class DynamicFormType extends AbstractType
  19. {
  20.     public const EMPTY_RUNTIME_DATA_KEY 'no-runtime-data';
  21.     protected CsrfTokenManagerInterface $defaultTokenManager;
  22.     protected Configuration $configuration;
  24.     public function __construct(
  25.         CsrfTokenManagerInterface $defaultTokenManager,
  26.         Configuration $configuration
  27.     ) {
  28.         $this->defaultTokenManager $defaultTokenManager;
  29.         $this->configuration $configuration;
  30.     }
  32.     public function buildForm(FormBuilderInterface $builder, array $options): void
  33.     {
  34.         $addHoneypot $this->configuration->getConfigFlag('use_honeypot_field');
  35.         $spamProtectionConfig $this->configuration->getConfig('spam_protection');
  36.         $honeyPotConfig $spamProtectionConfig['honeypot'];
  38.         $builder
  39.             ->add('formId'HiddenType::class, [
  40.                 'mapped' => false,
  41.                 'data'   => $options['current_form_id'],
  42.             ])
  43.             ->add('formCl'HiddenType::class, [
  44.                 'mapped' => false,
  45.                 'data'   => $options['conditional_logic'] ?? null,
  46.             ]);
  48.         if ($addHoneypot === true) {
  49.             $builder->add($honeyPotConfig['field_name'], HoneypotType::class, ['mapped' => false]);
  50.         }
  52.         $this->addRuntimeData($builder$options);
  54.         $builder->get('formCl')->addModelTransformer(new CallbackTransformer(
  55.             function ($conditionalLogic) {
  56.                 return is_array($conditionalLogic) ? json_encode($conditionalLogic) : null;
  57.             },
  58.             function ($conditionalLogic) {
  59.                 return empty($conditionalLogic) ? null json_decode($conditionalLogictrue);
  60.             }
  61.         ));
  63.         $builder->get('formRuntimeData')->addModelTransformer(new CallbackTransformer(
  64.             function ($runtimeData) {
  65.                 return is_array($runtimeData) ? json_encode($runtimeData) : null;
  66.             },
  67.             function ($runtimeData) {
  68.                 return empty($runtimeData) ? null json_decode($runtimeDatatrue);
  69.             }
  70.         ));
  71.     }
  73.     protected function addRuntimeData(FormBuilderInterface $builder, array $options): void
  74.     {
  75.         $runtimeData $options['runtime_data'] ?? null;
  77.         if (isset($runtimeData['email'], $runtimeData['email']['_deprecated_note'])) {
  78.             unset($runtimeData['email']['_deprecated_note']);
  79.         }
  81.         $token is_array($runtimeData) ? md5(json_encode($runtimeData)) : md5(self::EMPTY_RUNTIME_DATA_KEY);
  83.         $builder
  84.             ->add('formRuntimeData'HiddenType::class, [
  85.                 'mapped' => false,
  86.                 'data'   => $runtimeData,
  87.             ]);
  89.         $builder
  90.             ->add('formRuntimeDataToken'HiddenType::class, [
  91.                 'mapped' => false,
  92.                 'data'   => (string) $this->defaultTokenManager->getToken($token),
  93.             ]);
  95.         $builder->addEventListener(FormEvents::PRE_SUBMIT, function (FormEvent $event) {
  96.             $data $event->getData();
  97.             $runtimeData $data['formRuntimeData'] ?? null;
  98.             $tokenValue $data['formRuntimeDataToken'] ?? null;
  100.             if (empty($runtimeData)) {
  101.                 $runtimeData self::EMPTY_RUNTIME_DATA_KEY;
  102.             }
  104.             $rtCsrfToken = new CsrfToken(md5($runtimeData), $tokenValue);
  105.             if ($tokenValue === null || !$this->defaultTokenManager->isTokenValid($rtCsrfToken)) {
  106.                 $event->getForm()->addError(new FormError('Manipulated runtime token detected.''', [], null$rtCsrfToken));
  107.             }
  108.         });
  109.     }
  111.     public function configureOptions(OptionsResolver $resolver): void
  112.     {
  113.         $resolver->setDefaults([
  114.             'current_form_id'    => 0,
  115.             'conditional_logic'  => [],
  116.             'runtime_data'       => [],
  117.             'allow_extra_fields' => true,
  118.             'csrf_protection'    => true,
  119.             'data_class'         => FormData::class
  120.         ]);
  121.     }
  122. }