You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
). That is solvable by using 'empty_data' => '' option on the password field since Symfony 3.1 (symfony/symfony#5906 (comment))
So to sum up: fields using UserPassword constraint should set 'empty_data' => '' option to prevent php warning (which is converted into exception in our dev env).
Symfony FOSUserBundle versions: 2.0.0, master
Description of the problem including expected versus actual behavior:
Submitting forms with empty confirmation password emits warning on this line: https://github.com/symfony/symfony/blob/8701cae777d77b182e120877332a0a050afb2bd5/src/Symfony/Component/Security/Core/Encoder/BasePasswordEncoder.php#L84 (https://secure.php.net/manual/en/function.hash-equals.php) because passed password is
nullinstead ofstring. That happens because of UserPassword constraint, which expects value to be string (FOSUserBundle/Form/Type/ProfileFormType.php
Line 54 in 730a8a5
'empty_data' => ''option on the password field since Symfony 3.1 (symfony/symfony#5906 (comment))So to sum up: fields using
UserPasswordconstraint should set'empty_data' => ''option to prevent php warning (which is converted into exception in our dev env).Steps to reproduce:
current_passwordfield (https://github.com/FriendsOfSymfony/FOSUserBundle/blob/master/Tests/Form/Type/ProfileFormTypeTest.php#L29)Provide logs (if relevant):
Warning: hash_equals(): Expected user_string to be a string, null given
should I send pr with the empty_data option set? (on symfony <3.1 behaviour will stay the same and >=3.1 won't emit the warning.)
The text was updated successfully, but these errors were encountered: