validateCsrfToken('game_start', $request); /** @var User|null $user */ $user = $this->getUser(); // Check no game already in progress if ($user) { $existing = $gameRepository->findActiveForUser($user); } else { $gameId = $request->getSession()->get('current_game_id'); $existing = $gameId ? $gameRepository->find($gameId) : null; if ($existing && $existing->getStatus() !== Game::STATUS_IN_PROGRESS) { $existing = null; } } if ($existing) { return $this->redirectToRoute('app_homepage'); } // Build config from form parameters $config = []; if ($user && $request->request->getBoolean('watched_only')) { $config['watchedOnly'] = true; } $hintTypes = []; if ($request->request->getBoolean('hint_film', true)) { $hintTypes[] = 'film'; } if ($request->request->getBoolean('hint_character', true)) { $hintTypes[] = 'character'; } if ($request->request->getBoolean('hint_award', true)) { $hintTypes[] = 'award'; } if (empty($hintTypes)) { $hintTypes = ['film', 'character', 'award']; } $config['hintTypes'] = $hintTypes; /** @var list $awardTypeIds */ $awardTypeIds = $request->request->all('award_types'); if (!empty($awardTypeIds) && in_array('award', $hintTypes)) { $config['awardTypeIds'] = array_map('intval', $awardTypeIds); } $game = $generator->generate($user, $config); if ($game === null) { $this->addFlash('error', 'Impossible de générer une grille avec ces paramètres. Essayez avec des critères moins restrictifs.'); return $this->redirectToRoute('app_homepage'); } if (!$user) { $request->getSession()->set('current_game_id', $game->getId()); } return $this->redirectToRoute('app_homepage'); } #[Route('/game/{id}/abandon', name: 'app_game_abandon', methods: ['POST'])] public function abandon( Game $game, Request $request, EntityManagerInterface $em, ): Response { $this->validateCsrfToken('game_abandon', $request); /** @var User|null $user */ $user = $this->getUser(); // Verify ownership if ($user) { if ($game->getUser() !== $user) { throw $this->createAccessDeniedException(); } } else { $sessionGameId = $request->getSession()->get('current_game_id'); if ($game->getId() !== $sessionGameId) { throw $this->createAccessDeniedException(); } } $game->abandon(); $em->flush(); if (!$user) { $request->getSession()->remove('current_game_id'); } return $this->redirectToRoute('app_homepage'); } private function validateCsrfToken(string $tokenId, Request $request): void { $token = $request->request->get('_token'); if (!$this->isCsrfTokenValid($tokenId, $token)) { throw $this->createAccessDeniedException('Invalid CSRF token.'); } } }