lachieggg Posted August 12, 2021 Share Posted August 12, 2021 (edited) I have a site set up with PHP and Slim CSRF, and everything was working until recently. Now, I've decided to locally test dockerizing my application, and the CSRF appears to be breaking my application. I've got a bootstrap file in ./bootstrap/app.php which I will show here: <?php session_start(); use Respect\Validation\Validator as v; use SlimCrf; require __DIR__ . '/../vendor/autoload.php'; $app = new \Slim\App([ 'settings' => [ 'displayErrorDetails' => true, 'db' => [ 'driver' => 'mysql', 'host' => 'localhost', 'database' => 'db', 'username' => 'username', 'password' => 'password', 'charset' => 'utf8', 'collation' => 'utf8_unicode_ci', 'prefix' => '', ] ], ]); $container = $app->getContainer(); $capsule = new \Illuminate\Database\Capsule\Manager; $capsule->addConnection($container['settings']['db']); $capsule->setAsGlobal(); $capsule->bootEloquent(); $container['db'] = function ($container) use ($capsule) { return $capsule; }; $container['auth'] = function ($container) { return new \LoginApp\Auth\Auth($container); }; $container['view'] = function ($container) { $view = new \Slim\Views\Twig(__DIR__ . '/../resources/views', [ 'cache' => false, ]); $view->addExtension(new \Slim\Views\TwigExtension( $container->router, $container->request->getUri() )); $view->getEnvironment()->addGlobal('auth', [ 'check' => $container->auth->check(), 'user' => $container->auth->user(), ]); return $view; }; $container['validator'] = function ($container) { return new LoginApp\Validation\Validator; }; $container['csrf'] = function ($container) { $csrf = new \Slim\Csrf\Guard(); $csrf->setPersistentTokenMode(true); return $csrf; }; $app->add(new \LoginApp\Middleware\ValidationErrorsMiddleware($container)); $app->add(new \LoginApp\Middleware\OldInputMiddleware($container)); $app->add(new \LoginApp\Middleware\CsrfViewMiddleware($container)); // CSRF protection for Slim 3 $app->add($container->csrf); require __DIR__ . '/../app/routes.php'; When I am running the application, I receive a page which I have attached. It's strange that the session is not being found in this dockerized application, and makes me wonder whether some dependency updates have occurred, but I'm not sure why that would break things. Here is my apache configuration: <VirtualHost *:80> ServerAdmin admin@lachiegrant.io.com ServerName lachiegrant.io.com ServerAlias www.lachiegrant.io.com DocumentRoot /var/www/lachiegrant.io/public <Directory /var/www/lachiegrant.io/public> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> Thanks in advance. Edited August 12, 2021 by lachieggg Quote Link to comment Share on other sites More sharing options...
Solution requinix Posted August 12, 2021 Solution Share Posted August 12, 2021 Read the error messages. The first one says that "use SlimCrf" is a pointless statement. It doesn't do anything. The second one says that it couldn't session_start() because there was output. Which there was: the first error message. What course of action do you think you should take? Quote Link to comment Share on other sites More sharing options...
lachieggg Posted August 12, 2021 Author Share Posted August 12, 2021 (edited) Thanks. I've removed that "use SlimCrf" line and it worked. Edited August 12, 2021 by lachieggg Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.