Why does Cakephp set _method to PUT instead of POST?

Asked

Viewed 264 times

5

I recently upgraded my Cakephp project to version 2.4.5.

Since then, some of my forms have been with the input hidden _method set to PUT automatically. The only way around this is by setting the 'type' => 'POST'.

However, this was not needed in the old days. I don’t know if I’m doing something wrong, or if it’s a BUG.

This is the form

  <?php echo $this->Form->create('User', array('url' => array('action' => 'new_password', $this->request->data['User']['forget_password'], 'admin' => false), 'autocomplete' => 'off')) ?>

    <?php echo $this->Form->hidden('User.id') ?>

    <fieldset>
      <label class="block clearfix">
        <span class="block input-icon input-icon-right">
          <?php echo $this->Form->password('User.password', array('label' => false, 'div' => false, 'class' => 'form-control', 'placeholder' => 'Digite a nova senha')) ?>
          <i class="icon-user"></i>
        </span>
      </label>

      <label class="block clearfix">
        <span class="block input-icon input-icon-right">
          <?php echo $this->Form->password('User.password_confirmation', array('label' => false, 'div' => false, 'class' => 'form-control', 'placeholder' => 'Digite novamente a nova senha')) ?>
          <i class="icon-user"></i>
        </span>
      </label>

      <div class="space"></div>

      <div class="clearfix">
        <?php echo $this->Form->button('<i class="icon-key"></i> '. __('Enviar'), array('class' => 'width-35 pull-right btn btn-sm btn-success', 'escape' => false)) ?>
      </div>

      <div class="space-4"></div>
    </fieldset>
  <?php echo $this->Form->end() ?>

And that’s the action:

/**
 * new_password method
 *
 * @access public
 * @param String $forget_password
 * @return void
 * @since 1.0 
 * @version 1.0 
 * @author Patrick Maciel
 */
public function new_password($forget_password)
{

  $user = $this->User->findByForgetPassword($forget_password);

  if ($user == false) {
    $this->Session->setFlash(__('Link inválido'), 'flash/frontend/error');
    $this->redirect('/');
  }

  $this->layout = 'login';

  if ($this->request->is('post')) {
    $this->User->set = $this->request->data;
    if ($this->User->validates(array('fieldList' => array('id', 'forget_password', 'password', 'password_confirmation')))) {

     // ...

    } else {

     // ...

    }
  }

  $user['User']['password'] = null;
  $this->request->data = $user;

}

Note: I did not set the *type of the above form, just to test whether the same would occur, and the occurred.*

php cakephp

  • The action (and route) of the form page is the same as the target?

  • @bfavaretto Yes. As shown above.

  • I was suspicious of the standard REST routes, ms it seems that’s not it...

  • @bfavaretto I believe that’s it, but I still don’t understand how Cakephp treats it. See my answer.

4 answers

5


From what I saw what happens is that if you have a selected record it considers the PUT method as default, if you do not have an active record it puts as POST.

We can see it here:

if ($model !== false && $key) {
      $recordExists = (
          isset($this->request->data[$model]) &&
          !empty($this->request->data[$model][$key]) &&
          !is_array($this->request->data[$model][$key])
       );

      if ($recordExists) {
          $created = true;
          $id = $this->request->data[$model][$key];
      }
}

Then we’ll see:

'type' => ($created && empty($options['action'])) ? 'put' : 'post',

So from what I understand if you use a form that is creation and you are not recovering data from the model it will make a POST.

Source: https://github.com/cakephp/cakephp/blob/master/lib/Cake/View/Helper/FormHelper.php

  • Excellent observation. So that’s why you’re considering a PUT, because I search user information before proceeding. Thank you.

  • is their logic is that if you have an active record then you want to update, it will work in most cases, less in your case, but even so the CAKE ta right, you will update the record then it should be a PUT even

1

I still don’t know the logic behind Cakephp to do this, but here’s the thing:

If the action is not add(), he considers as PUT, unless the action is delete.

So, if it is any custom route, escaping from the REST standard, you must manually set:

'type' => 'POST'

And just like that.

Obs.: tested both remove the User.id, when removing the parameters of url of the Form, but even so it kept as PUT

Reference: http://book.cakephp.org/2.0/en/core-libraries/helpers/form.html#Creating-Forms

0

0

Cakephp POST in the form and arrow the attribute _method as PUT because the method PUT, in general, it is not natively supported by browsers.

Symfony2 framework does the same thing, and see what they say in the documentation:

Unfortunately, life isn’t quite this simple, Since Most browsers do not support sending PUT and DELETE requests. Fortunately Symfony2 provides you with a simple way of Working Around this limitation. By including a _method Parameter in the query string or Parameters of an HTTP request, Symfony2 will use this as the method when matching Routes. Forms Automatically include a Hidden field for this Parameter if their Submission method is not GET or POST.

Source: http://symfony.com/doc/current/cookbook/routing/method_parameters.html

Browser other questions tagged php cakephp

You are not signed in. Login or sign up in order to post.