You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,
I have ran into an issue when using the Symfony\Component\Security\Core\Validator\Constraints\UserPassword validator and PHP 7.1 - if the field value is empty (a null), the validator breaks on this line with a warning hash_equals(): Expected user_string to be a string, null given.
Usually validators simply check the value for a null and return if found, but here it just passes it on further and allows it to break. Same goes for Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntityValidator and it requires me to overwrite these classes and manually add a check for null. I can make a PR fixing this, assuming everyone is fine with this change.
The text was updated successfully, but these errors were encountered:
…y values (xabbuh)
This PR was merged into the 2.7 branch.
Discussion
----------
[DoctrineBridge][Security][Validator] do not validate empty values
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23319
| License | MIT
| Doc PR |
Nearly all validators operating on scalar values (except for some special constraints) do ignore empty values. If you want to forbid them, you have to use the `NotBlank` constraint instead.
Commits
-------
fd7ad23 do not validate empty values
Hello,
I have ran into an issue when using the
Symfony\Component\Security\Core\Validator\Constraints\UserPassword
validator and PHP 7.1 - if the field value is empty (a null), the validator breaks on this line with a warninghash_equals(): Expected user_string to be a string, null given
.Usually validators simply check the value for a null and return if found, but here it just passes it on further and allows it to break. Same goes for
Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntityValidator
and it requires me to overwrite these classes and manually add a check for null. I can make a PR fixing this, assuming everyone is fine with this change.The text was updated successfully, but these errors were encountered: