Closed dsultanr closed 3 years ago
HansSchouten
commented
3 years ago That is not good indeed, thanks for pointing out. Could you try removing this method: https://github.com/HansSchouten/PHPageBuilder/blob/master/src/Core/helpers.php#L11 and see if that is the cause? This method is declared by Laravel as well.
dsultanr
commented
3 years ago yes, removing this method helps
Do you think moving helpers to custom namespace is a good way?
HansSchouten
commented
3 years ago Thanks for checking, good to know. Creating a class that provides the helper functions could be a solution. Although putting namespace\Helper::method() at many locations in for example view files makes the code somewhat less readable. An alternative would be prefixing all helpers with phpb_ that I already did with a number of methods.
Actually, I see only 2 helpers do not have this prefix. Amongst which the method that caused this issue.
dsultanr
commented
3 years ago could you please make a quick fix for this method only?
HansSchouten
commented
3 years ago No problem, I just published the v0.14.0 release that fixes this issue.
dsultanr
commented
3 years ago fixed. thanks
tested on laravel 6
composer require hansschouten/phpagebuilder succesfully installs phpagebuilder
open any page containing CSRF token
this code in blade template
{{ csrf_field() }}produces
<input type="hidden" name="_token" value="BGWtUp7p7lY6fJQMlAAT2vRhlWc0PvVC3vCL7o9j">removing hansschouten/phpagebuilder fixes CSRF double encoding
bad thing that the phppagebuilder library brokes CSRF whenever not used anywhere in laravel, just added via composer