Hello guys.
I have reviewed this chapter and I noticed a problem.

In this section, the CSRF token is not checked and this is a serious problem.

src/AppBundle/Security/LoginFormAuthenticator.php

public function getCredentials(Request $request)
{
    $isLoginSubmit = $request->getPathInfo() == '/login' && $request->isMethod('POST');
    if (!$isLoginSubmit) {
        // skip authentication
        return;
    }
    $form = $this->formFactory->create(LoginForm::class);
    $form->handleRequest($request);
    $data = $form->getData();
    return $data;
}

And I considered the following solution for it:

    if ( $form->isSubmitted() && $form->isValid() )
    {
        $data = $form->getData();
        return $data;
    }
    throw new CustomUserMessageAuthenticationException("The CSRF token is invalid!");

I hope that this issue will be useful.

I snuck in a new episode 2, and it needs a logo - I'm re-using the logo from somewhere else

Hi, I am a Chinese student, and I really love your video course that I decide to translate it into Chinese. I wonder if you could give me the permission

On this page: http://knpuniversity.com/screencast/symfony/phpstorm-git

At around :55, we need to add this video note:

You should also find and install the "PHP Annotations" plugin. That will give
you the awesome annotations auto-completion that you'll see in the video.

Chapter: https://knpuniversity.com/screencast/doctrine-relations/join-column-relation-fixtures
Time: 2:08
Note:

If you *still* get an error while running the migration, it's because
of a MySQL change! Find the details here: http://bit.ly/migrations-tweak

@Leannapelham I need a favor!

To this chapter: https://knpuniversity.com/screencast/symfony/layout-assets

At 4:30, right when we refresh the browser, we need to add a note to help something that's tricking up several people:

If your page is still ugly, make any small change to base.html.twig and
show.html.twig then refresh again. Don't worry about this: it's due to a
one-time quirk because you're copying older files from me.

Thanks!

In ep3, we show a page that lists all of the genus (genera) out.

After my mad-styling skills, it looks like this:

The new episode 2 currently doesn't appear on KnpU.com. We need to create it and publish it. We also need to re-publish all the other episodes, so that their episode numbers get pushed back (for this, we will need to update the Current config directory on each one and then rebuild.

Inside setPlainPassword(), do one more thing: $this->password = null:

If we have a change password form and if the user enters their current password with the new password - then the password will not be changed and the session and user authentication will be violated due to $password = null.