Solution to: Zend Form Error: String was not found in the haystack
Ok So you submit your form with everthing correctly entered and bang…String was not found in the haystack. What does this mean? Well this is actually the best defence of CSFR – Request Forgery that Zend has. This is basically tampering with the $_POST variable posting fake data).
As an example you has a select element created as follows:
$sat = new Zend_Form_Element_Select(‘satellite_id’);
$sat->setLabel(‘Satellite’)
->addMultiOption(‘0’, ‘None’)
->setRegisterInArrayValidator(false);
If the data submitted is of the form:
$_POST[‘satellite_id] = 1;
This will throw the error as the submitted data was not possible based on the options.
However when we use Ajax to populate form elements such as this select, we may indeed add additional options other than those specified in the original form. So to guard against this error, we need to add the following option to the form element to ensure that the InarrayValidator does not fire. The element will look like this:
$sat = new Zend_Form_Element_Select(‘satellite_id’);
$sat->setLabel(‘Satellite’)
->addMultiOption(‘0’, ‘None’)
->setRegisterInArrayValidator(false);
When we receive $_POST[‘satellite_id] = 1, no error will be thrown.
So In actual fact the thing causing the error: String was not found in the haystack, is actually protecting us from illicit users and oblivious attackers.