Re: [fw-general] _forward() question
thanks for the clarification Matthew, that all makes sense.
I think it would be useful if the documentation covers the situation
where you want to forward to a new action but exit the current one
immediately, with an example along the lines that you detailed in your
email. I.e.
if (!$this->checkLogin() {
return $this-> _forward('index', 'login');
}
That would help to clarify the situation for newcomers to ZF
best wishes,
Si
Re: [fw-general] _forward() question
-- Simon R Jones <[EMAIL PROTECTED]> wrote
(on Thursday, 14 February 2008, 09:05 AM +):
> thanks for the reply Matthew
>
> Can I ask why _forward() stacks and only forwards at the end of the current
> controller method? I couldn't find any reference to why it works this way
> in the docs so when some of the guys in the office had used multiple
> forwards (without returns) the default behaviour was confusing.
When you call _forward(), you're stayinging within the current request
cycle, but indicating you have another action to call. The way the
request cycle works is roughly as follows:
front controller
routing
dispatch loop
resolve request to controller and action
dispatch action
run action in controller
send output
When you call _forward(), you're simply setting a token in the request
object; the dispatch loop checks for this token, and if set, it then
performs another iteration of the loop.
Since the setting of the token is happening within a method call, within
another method call, within yet another method call you can't simply
call 'continue' and have it work; you're simply in the wrong lexical
scope. Additionally, as I noted in my original reply, you can't have a
called function force the calling function to return:
function foo()
{
bar();
print 'foo';
}
function bar()
{
return;
}
There's simply nothing you can call in bar() that will prevent foo()
from printing 'foo'... short of a die() or exit(), and those aren't
desired in this case.
As for the manual, perhaps I can make it clearer, but it reads:
"If called in preDispatch(), the currently requested action will be
skipped in favor of the new one. Otherwise, after the current action
is processed, the action requested in _forward() will be executed."
The part that is important here is "*after* the current action is
processed" (emphasis mine) -- i.e., the new action will only be
processed after the current action is *done*.
> On 13 Feb 2008, at 19:36, Matthew Weier O'Phinney wrote:
> >
> > Correct -- you need to return. I actually usually write it as:
> >
> >return $this-> _forward('index', 'login');
> >
> > as the return value of an action is ignored anyways.
> >
> > The reason it works this way (i.e., you need to return when forwarding)
> > is because you can't have a called function force the calling function
> > to return -- it's a language limitation.
> >
> > > Further to this, if the above is the recommended way to forward and quit
> > > the current method then this of course becomes problematic if I
> > > abstracted
> > > the login check. I.e. if I called a function to do something like:
> > >
> > > $this-> checkLogin();
> > >
> > > And the function checkLogin() did the necessary ACL check and also
> > > included
> > > the forward() - to avoid DRY.
> >
> > Unfortunate, but necessary. I typically have methods like this return a
> > boolean, so I can then do something like this:
> >
> >if (!$this-> checkLogin() {
> >return $this-> _forward('index', 'login');
> >}
> >
>
>
--
Matthew Weier O'Phinney
PHP Developer| [EMAIL PROTECTED]
Zend - The PHP Company | http://www.zend.com/
Re: [fw-general] _forward() question
Simon R Jones pisze:
thanks for the reply Matthew
Can I ask why _forward() stacks and only forwards at the end of the
current controller method? I couldn't find any reference to why it
works this way in the docs so when some of the guys in the office had
used multiple forwards (without returns) the default behaviour was
confusing.
best wishes,
Si
On 13 Feb 2008, at 19:36, Matthew Weier O'Phinney wrote:
Correct -- you need to return. I actually usually write it as:
return $this->_forward('index', 'login');
as the return value of an action is ignored anyways.
The reason it works this way (i.e., you need to return when forwarding)
is because you can't have a called function force the calling function
to return -- it's a language limitation.
Further to this, if the above is the recommended way to forward and
quit
the current method then this of course becomes problematic if I
abstracted
the login check. I.e. if I called a function to do something like:
$this->checkLogin();
And the function checkLogin() did the necessary ACL check and also
included
the forward() - to avoid DRY.
Unfortunate, but necessary. I typically have methods like this return a
boolean, so I can then do something like this:
if (!$this->checkLogin() {
return $this->_forward('index', 'login');
}
Method _forward() calls only another function (action) like normal
function calling in php
Re: [fw-general] _forward() question
thanks for the reply Matthew
Can I ask why _forward() stacks and only forwards at the end of the
current controller method? I couldn't find any reference to why it
works this way in the docs so when some of the guys in the office had
used multiple forwards (without returns) the default behaviour was
confusing.
best wishes,
Si
On 13 Feb 2008, at 19:36, Matthew Weier O'Phinney wrote:
Correct -- you need to return. I actually usually write it as:
return $this->_forward('index', 'login');
as the return value of an action is ignored anyways.
The reason it works this way (i.e., you need to return when
forwarding)
is because you can't have a called function force the calling function
to return -- it's a language limitation.
Further to this, if the above is the recommended way to forward and
quit
the current method then this of course becomes problematic if I
abstracted
the login check. I.e. if I called a function to do something like:
$this->checkLogin();
And the function checkLogin() did the necessary ACL check and also
included
the forward() - to avoid DRY.
Unfortunate, but necessary. I typically have methods like this
return a
boolean, so I can then do something like this:
if (!$this->checkLogin() {
return $this->_forward('index', 'login');
}
Re: [fw-general] _forward() question
-- Simon R Jones <[EMAIL PROTECTED]> wrote
(on Wednesday, 13 February 2008, 05:14 PM +):
> I'm using $this->_forward() in a controller method to forward the request
> onto a login page, this can't be done that easily in pre-dispatch since
> different methods have different requirements for ACL and we have a rather
> complex custom route system going on (part of which happens in specific
> controllers). At present we're not using Zend ACL.
>
> It seems the default behaviour of _forward() is to continue processing the
> current method's code, and then forward to the new controller/action. So if
> multiple forwards exist in that method's code, only the last one actually
> works.
>
> Is this correct? I had presumed _forward() would forward to the new
> controller/action and exit the code at that specific point. Is this
> possible? Or do I have to just return from the method at that point in the
> code? I.e.
>
> $this->_forward("index", "login");
> return;
Correct -- you need to return. I actually usually write it as:
return $this->_forward('index', 'login');
as the return value of an action is ignored anyways.
The reason it works this way (i.e., you need to return when forwarding)
is because you can't have a called function force the calling function
to return -- it's a language limitation.
> Further to this, if the above is the recommended way to forward and quit
> the current method then this of course becomes problematic if I abstracted
> the login check. I.e. if I called a function to do something like:
>
> $this->checkLogin();
>
> And the function checkLogin() did the necessary ACL check and also included
> the forward() - to avoid DRY.
Unfortunate, but necessary. I typically have methods like this return a
boolean, so I can then do something like this:
if (!$this->checkLogin() {
return $this->_forward('index', 'login');
}
--
Matthew Weier O'Phinney
PHP Developer| [EMAIL PROTECTED]
Zend - The PHP Company | http://www.zend.com/
[fw-general] _forward() question
hi there,
I'm using $this->_forward() in a controller method to forward the
request onto a login page, this can't be done that easily in pre-
dispatch since different methods have different requirements for ACL
and we have a rather complex custom route system going on (part of
which happens in specific controllers). At present we're not using
Zend ACL.
It seems the default behaviour of _forward() is to continue processing
the current method's code, and then forward to the new controller/
action. So if multiple forwards exist in that method's code, only the
last one actually works.
Is this correct? I had presumed _forward() would forward to the new
controller/action and exit the code at that specific point. Is this
possible? Or do I have to just return from the method at that point in
the code? I.e.
$this->_forward("index", "login");
return;
Further to this, if the above is the recommended way to forward and
quit the current method then this of course becomes problematic if I
abstracted the login check. I.e. if I called a function to do
something like:
$this->checkLogin();
And the function checkLogin() did the necessary ACL check and also
included the forward() - to avoid DRY.
comments appreciated!
Simon
Re: [fw-general] _forward() Question
Matthew,
Thanks for your feedback on this,
Your solution put into an Action Helper has turned out to be what
seems to be a nice clean way to protect actions from direct access.
To check I just run the following in the init() function of the
controller:
public function init()
{
$this->_helper->CheckForward(array('protectedAction1',
'protectedAction2'));
}
Thanks again.
Todd
On May 5, 2007, at 1:29 PM, Matthew Weier O'Phinney wrote:
-- Maurice Fonk <[EMAIL PROTECTED]> wrote
(on Saturday, 05 May 2007, 08:03 PM +0200):
You are right. That's what you get for thinking out loud, you can be
wrong, I don't quote Socrates for nothing ;). You can't use
attributes
of the object (controller instance) that does the forwarding to keep
track of the forwarding process. In one of your controllers, try the
following (also try adding test_request/abc to your url):
public function indexAction() {
$this->_test = 'test';
//attribute
$this->getFrontController()->setParam('test_front', true);
//in front controller
$this->getRequest()->setParam('test_request', true);
//in request parameters
$this->_forward('forward');
}
public function forwardAction() {
var_dump($this->_test);
//$this->_test isn't defined (NULL)
var_dump($this->getFrontController()->getParam('test_front'));
//bool(true)
var_dump($this->_getParam('test_request'));
//bool(true)
}
Setting a parameter in the front controller may be a good way to
check
for forwards, but it does mean you have to include an additional
line of
code.
Not necessarily. I've been thinking on this, and what I think is
needed
is a routeShutdown() plugin, and then a check in the controller's
preDispatch() method.
As for the routeShutdown() plugin, the reason I suggest this is that
routing happens exactly once during the request cycle, so after the
routing has happened we know exactly what the original request was.
You
can then use a routeShutdown() plugin to register that request with
the
front controller:
class OriginalRequestPlugin extends
Zend_Controller_Plugin_Abstract
{
public function routeShutdown
(Zend_Controller_Request_Abstract $request)
{
Zend_Controller_Front::getInstance()->setParam
('origRequest', clone $request);
}
}
Then, in your controllers that have actions that should only be run
during via _forward(), do some checks in the preDispatch() method:
class FooController extends Zend_Controller_Action
{
// Actions which should only be called via _forward()
public $forwardOnly = array('commit', 'revert');
public function preDispatch()
{
$request = $this->getRequest();
$action = $request->getActionName();
if (in_array($action, $this->forwardOnly)) {
$origRequest = $this->getInvokeArg('origRequest');
if ($origRequest->getActionName() == $action) {
throw new Exception($action . ' action may only
be called via _forward()');
}
}
}
}
The above could actually be placed in an Action Helper as well, so
that
it doesn't need to be written for every controller needing the
functionality or require a Zend_Controller_Action subclass.
You don't have to use the request params, whicht may collide with
params your application actually uses. I'm not sure whether this
is the
intended use of the setParam method of the front controller. The
params
you set in it will be passed to __construct of the action controller.
If you put the forwardAction in another controller (even module) you
should still get the same results, if you modify the forward.
Maurice
Todd Wolaver wrote:
I agree that there should be a standard way to check for forwards or
what actions have already been called. Possibly keeping track of
this
in the Front controller?
As far as the forward, even it were not marked final (just for my
own
understanding):
Wouldn't setting a parameter when calling _forward() only live
within
the current action's lifetime and not persist to the action being
forwarded to.
Todd
On May 5, 2007, at 11:17 AM, Maurice Fonk wrote:
Indeed, that makes perfect sense. Enforcing compatibility between
modules does sound kind of important ;).
Still, having to add aditional parameters to the request, or
checking
whether the action name is in the path info feels like a bit of a
hack to me. Furthermore, if I have an index action, the word
'index'
may not even be in the path info (because it's the default
controller/action), so checking for it wouldn't always tell you
whether it was called directly. On the other hand, you probably
wouldn't have an index action that shouldn't be callable directly.
It would be nice if there was a standard way to check for forwards,
and enforce some actions to be callable only that way.
Maurice
Matthew Weier O'Phinney wrote:
-- Maur
Re: [fw-general] _forward() Question
I gathered as much ;), just wanted to point it out to save some poor
souls some headaches.
In any case, thank you a lot for your help, this will come in quite
handy for me and probably others. For these kind of questions/problems
the mailing list and it's archives are an invaluable resource thanks to
the likes of you.
Maurice
Matthew Weier O'Phinney wrote:
-- Maurice Fonk <[EMAIL PROTECTED]> wrote
(on Saturday, 05 May 2007, 10:19 PM +0200):
That looks like an elegant solution. There's one little thing though.
You only check for a matching action name to see if it has been
forwarded, but what if I forward to another controller, but an action
with the same name? Other than that it looks just fine.
You could easily do a more thorough check -- that code was hammered out
in just a few minutes. Probably a better check would be to heck that any
of module, controller, and action are different -- if so, then the
action was via a _forward() call.
I'd suggest putting that into an action helper.
Matthew Weier O'Phinney wrote:
-- Maurice Fonk <[EMAIL PROTECTED]> wrote
(on Saturday, 05 May 2007, 08:03 PM +0200):
You are right. That's what you get for thinking out loud, you can be
wrong, I don't quote Socrates for nothing ;). You can't use attributes
of the object (controller instance) that does the forwarding to keep
track of the forwarding process. In one of your controllers, try the
following (also try adding test_request/abc to your url):
public function indexAction() {
$this->_test = 'test';
//attribute
$this->getFrontController()->setParam('test_front', true);
//in front controller
$this->getRequest()->setParam('test_request', true);
//in request parameters
$this->_forward('forward');
}
public function forwardAction() {
var_dump($this->_test);
//$this->_test isn't defined (NULL)
var_dump($this->getFrontController()->getParam('test_front'));
//bool(true)
var_dump($this->_getParam('test_request'));
//bool(true)
}
Setting a parameter in the front controller may be a good way to check
for forwards, but it does mean you have to include an additional line of
code.
Not necessarily. I've been thinking on this, and what I think is needed
is a routeShutdown() plugin, and then a check in the controller's
preDispatch() method.
As for the routeShutdown() plugin, the reason I suggest this is that
routing happens exactly once during the request cycle, so after the
routing has happened we know exactly what the original request was. You
can then use a routeShutdown() plugin to register that request with the
front controller:
class OriginalRequestPlugin extends Zend_Controller_Plugin_Abstract
{
public function routeShutdown(Zend_Controller_Request_Abstract
$request)
{
Zend_Controller_Front::getInstance()->setParam('origRequest',
clone $request);
}
}
Then, in your controllers that have actions that should only be run
during via _forward(), do some checks in the preDispatch() method:
class FooController extends Zend_Controller_Action
{
// Actions which should only be called via _forward()
public $forwardOnly = array('commit', 'revert');
public function preDispatch()
{
$request = $this->getRequest();
$action = $request->getActionName();
if (in_array($action, $this->forwardOnly)) {
$origRequest = $this->getInvokeArg('origRequest');
if ($origRequest->getActionName() == $action) {
throw new Exception($action . ' action may only be
called via _forward()');
}
}
}
}
The above could actually be placed in an Action Helper as well, so that
it doesn't need to be written for every controller needing the
functionality or require a Zend_Controller_Action subclass.
You don't have to use the request params, whicht may collide with
params your application actually uses. I'm not sure whether this is the
intended use of the setParam method of the front controller. The params
you set in it will be passed to __construct of the action controller.
If you put the forwardAction in another controller (even module) you
should still get the same results, if you modify the forward.
Maurice
Todd Wolaver wrote:
I agree that there should be a standard way to check for forwards or
what actions have already been called. Possibly keeping track of this
in the Front controller?
As far as the forward, even it were not marked final (just for my own
understanding):
Wouldn't setting a parameter when calling _forward() only live within
the current action's lifetime and not persist to the action being
forwarded to.
Todd
On May 5, 2007, at 11:17 AM, Maurice Fonk wrote:
Indeed, that makes perfect sense. Enforcing compatibility between
modules does sound kind of important ;).
St
Re: [fw-general] _forward() Question
-- Maurice Fonk <[EMAIL PROTECTED]> wrote
(on Saturday, 05 May 2007, 10:19 PM +0200):
> That looks like an elegant solution. There's one little thing though.
> You only check for a matching action name to see if it has been
> forwarded, but what if I forward to another controller, but an action
> with the same name? Other than that it looks just fine.
You could easily do a more thorough check -- that code was hammered out
in just a few minutes. Probably a better check would be to heck that any
of module, controller, and action are different -- if so, then the
action was via a _forward() call.
I'd suggest putting that into an action helper.
> Matthew Weier O'Phinney wrote:
> >-- Maurice Fonk <[EMAIL PROTECTED]> wrote
> >(on Saturday, 05 May 2007, 08:03 PM +0200):
> >
> >>You are right. That's what you get for thinking out loud, you can be
> >>wrong, I don't quote Socrates for nothing ;). You can't use attributes
> >>of the object (controller instance) that does the forwarding to keep
> >>track of the forwarding process. In one of your controllers, try the
> >>following (also try adding test_request/abc to your url):
> >>
> >>public function indexAction() {
> >> $this->_test = 'test';
> >> //attribute
> >> $this->getFrontController()->setParam('test_front', true);
> >> //in front controller
> >> $this->getRequest()->setParam('test_request', true);
> >> //in request parameters
> >> $this->_forward('forward');
> >>}
> >>
> >>public function forwardAction() {
> >> var_dump($this->_test);
> >> //$this->_test isn't defined (NULL)
> >> var_dump($this->getFrontController()->getParam('test_front'));
> >> //bool(true)
> >> var_dump($this->_getParam('test_request'));
> >> //bool(true)
> >>}
> >>
> >>Setting a parameter in the front controller may be a good way to check
> >>for forwards, but it does mean you have to include an additional line of
> >>code.
> >>
> >
> >Not necessarily. I've been thinking on this, and what I think is needed
> >is a routeShutdown() plugin, and then a check in the controller's
> >preDispatch() method.
> >
> >As for the routeShutdown() plugin, the reason I suggest this is that
> >routing happens exactly once during the request cycle, so after the
> >routing has happened we know exactly what the original request was. You
> >can then use a routeShutdown() plugin to register that request with the
> >front controller:
> >
> >class OriginalRequestPlugin extends Zend_Controller_Plugin_Abstract
> >{
> >public function routeShutdown(Zend_Controller_Request_Abstract
> >$request)
> >{
> >Zend_Controller_Front::getInstance()->setParam('origRequest',
> >clone $request);
> >}
> >}
> >
> >Then, in your controllers that have actions that should only be run
> >during via _forward(), do some checks in the preDispatch() method:
> >
> >class FooController extends Zend_Controller_Action
> >{
> >// Actions which should only be called via _forward()
> >public $forwardOnly = array('commit', 'revert');
> >
> >public function preDispatch()
> >{
> >$request = $this->getRequest();
> >$action = $request->getActionName();
> >if (in_array($action, $this->forwardOnly)) {
> >$origRequest = $this->getInvokeArg('origRequest');
> >if ($origRequest->getActionName() == $action) {
> >throw new Exception($action . ' action may only be
> >called via _forward()');
> >}
> >}
> >}
> >}
> >
> >The above could actually be placed in an Action Helper as well, so that
> >it doesn't need to be written for every controller needing the
> >functionality or require a Zend_Controller_Action subclass.
> >
> >
> >>You don't have to use the request params, whicht may collide with
> >>params your application actually uses. I'm not sure whether this is the
> >>intended use of the setParam method of the front controller. The params
> >>you set in it will be passed to __construct of the action controller.
> >>
> >>If you put the forwardAction in another controller (even module) you
> >>should still get the same results, if you modify the forward.
> >>
> >>Maurice
> >>
> >>Todd Wolaver wrote:
> >>
> >>>I agree that there should be a standard way to check for forwards or
> >>>what actions have already been called. Possibly keeping track of this
> >>>in the Front controller?
> >>>
> >>>As far as the forward, even it were not marked final (just for my own
> >>>understanding):
> >>>Wouldn't setting a parameter when calling _forward() only live within
> >>>the current action's lifetime and not persist to the action being
> >>>forwarded to.
> >>>
> >>>Todd
> >>>
> >>>On May 5, 2007, at 11:17 AM, Maurice Fonk wrote:
> >>>
> >>>
> Indeed, that makes perfect sense. Enforcing compatibility between
> modules does sound kind of im
Re: [fw-general] _forward() Question
That looks like an elegant solution. There's one little thing though.
You only check for a matching action name to see if it has been
forwarded, but what if I forward to another controller, but an action
with the same name? Other than that it looks just fine.
Matthew Weier O'Phinney wrote:
-- Maurice Fonk <[EMAIL PROTECTED]> wrote
(on Saturday, 05 May 2007, 08:03 PM +0200):
You are right. That's what you get for thinking out loud, you can be
wrong, I don't quote Socrates for nothing ;). You can't use attributes
of the object (controller instance) that does the forwarding to keep
track of the forwarding process. In one of your controllers, try the
following (also try adding test_request/abc to your url):
public function indexAction() {
$this->_test = 'test';
//attribute
$this->getFrontController()->setParam('test_front', true);
//in front controller
$this->getRequest()->setParam('test_request', true);
//in request parameters
$this->_forward('forward');
}
public function forwardAction() {
var_dump($this->_test);
//$this->_test isn't defined (NULL)
var_dump($this->getFrontController()->getParam('test_front'));
//bool(true)
var_dump($this->_getParam('test_request'));
//bool(true)
}
Setting a parameter in the front controller may be a good way to check
for forwards, but it does mean you have to include an additional line of
code.
Not necessarily. I've been thinking on this, and what I think is needed
is a routeShutdown() plugin, and then a check in the controller's
preDispatch() method.
As for the routeShutdown() plugin, the reason I suggest this is that
routing happens exactly once during the request cycle, so after the
routing has happened we know exactly what the original request was. You
can then use a routeShutdown() plugin to register that request with the
front controller:
class OriginalRequestPlugin extends Zend_Controller_Plugin_Abstract
{
public function routeShutdown(Zend_Controller_Request_Abstract $request)
{
Zend_Controller_Front::getInstance()->setParam('origRequest', clone
$request);
}
}
Then, in your controllers that have actions that should only be run
during via _forward(), do some checks in the preDispatch() method:
class FooController extends Zend_Controller_Action
{
// Actions which should only be called via _forward()
public $forwardOnly = array('commit', 'revert');
public function preDispatch()
{
$request = $this->getRequest();
$action = $request->getActionName();
if (in_array($action, $this->forwardOnly)) {
$origRequest = $this->getInvokeArg('origRequest');
if ($origRequest->getActionName() == $action) {
throw new Exception($action . ' action may only be called
via _forward()');
}
}
}
}
The above could actually be placed in an Action Helper as well, so that
it doesn't need to be written for every controller needing the
functionality or require a Zend_Controller_Action subclass.
You don't have to use the request params, whicht may collide with
params your application actually uses. I'm not sure whether this is the
intended use of the setParam method of the front controller. The params
you set in it will be passed to __construct of the action controller.
If you put the forwardAction in another controller (even module) you
should still get the same results, if you modify the forward.
Maurice
Todd Wolaver wrote:
I agree that there should be a standard way to check for forwards or
what actions have already been called. Possibly keeping track of this
in the Front controller?
As far as the forward, even it were not marked final (just for my own
understanding):
Wouldn't setting a parameter when calling _forward() only live within
the current action's lifetime and not persist to the action being
forwarded to.
Todd
On May 5, 2007, at 11:17 AM, Maurice Fonk wrote:
Indeed, that makes perfect sense. Enforcing compatibility between
modules does sound kind of important ;).
Still, having to add aditional parameters to the request, or checking
whether the action name is in the path info feels like a bit of a
hack to me. Furthermore, if I have an index action, the word 'index'
may not even be in the path info (because it's the default
controller/action), so checking for it wouldn't always tell you
whether it was called directly. On the other hand, you probably
wouldn't have an index action that shouldn't be callable directly.
It would be nice if there was a standard way to check for forwards,
and enforce some actions to be callable only that way.
Maurice
Matthew Weier O'Phinney wrote:
-- Maurice Fonk <[EMAIL PROTECTED]> wrote
(on Saturday, 05 May 2007, 03:57 PM +0200):
Interesting. I wonder why the method is marked final? It seems to
me l
Re: [fw-general] _forward() Question
Hi All,
Then why not just set a variable in the Registry? Or am I overlooking
something?
Regards,
Ramon
Maurice Fonk wrote:
You are right. That's what you get for thinking out loud, you can be
wrong, I don't quote Socrates for nothing ;). You can't use attributes
of the object (controller instance) that does the forwarding to keep
track of the forwarding process. In one of your controllers, try the
following (also try adding test_request/abc to your url):
public function indexAction() {
$this->_test = 'test';
//attribute
$this->getFrontController()->setParam('test_front', true);
//in front controller
$this->getRequest()->setParam('test_request', true);
//in request parameters $this->_forward('forward');
}
public function forwardAction() {
var_dump($this->_test);
//$this->_test isn't defined (NULL)
var_dump($this->getFrontController()->getParam('test_front'));
//bool(true)
var_dump($this->_getParam('test_request'));
//bool(true)
}
Setting a parameter in the front controller may be a good way to check
for forwards, but it does mean you have to include an additional line
of code. You don't have to use the request params, whicht may collide
with params your application actually uses. I'm not sure whether this
is the intended use of the setParam method of the front controller.
The params you set in it will be passed to __construct of the action
controller.
If you put the forwardAction in another controller (even module) you
should still get the same results, if you modify the forward.
Maurice
Todd Wolaver wrote:
I agree that there should be a standard way to check for forwards or
what actions have already been called. Possibly keeping track of this
in the Front controller?
As far as the forward, even it were not marked final (just for my own
understanding):
Wouldn't setting a parameter when calling _forward() only live
within the current action's lifetime and not persist to the action
being forwarded to.
Todd
On May 5, 2007, at 11:17 AM, Maurice Fonk wrote:
Indeed, that makes perfect sense. Enforcing compatibility between
modules does sound kind of important ;).
Still, having to add aditional parameters to the request, or
checking whether the action name is in the path info feels like a
bit of a hack to me. Furthermore, if I have an index action, the
word 'index' may not even be in the path info (because it's the
default controller/action), so checking for it wouldn't always tell
you whether it was called directly. On the other hand, you probably
wouldn't have an index action that shouldn't be callable directly.
It would be nice if there was a standard way to check for forwards,
and enforce some actions to be callable only that way.
Maurice
Matthew Weier O'Phinney wrote:
-- Maurice Fonk <[EMAIL PROTECTED]> wrote
(on Saturday, 05 May 2007, 03:57 PM +0200):
Interesting. I wonder why the method is marked final? It seems to
me like extending it might come in useful, because in your case
you have to perform additional steps (adding validComponent to the
params) as well.
It was originally marked final because PHP doesn't enforce that
subclasses use the same parameter signature (not following it will
raise
an E_STRICT, but it's still allowed), and the only way to enforce
consistency in how it works was to mark it final.
The primary reason I feel it should remain final is due to the
modular functionality introduced in the 0.8.0 - 0.9.0 releases. When
developers start sharing application modules, there has to be some
base
functionality that will continue to work between them. _forward()
is one
of those.
The point is that this method, and a handful of others in the action
controller, have functionality that should likely not change between
implementations so that applications
Todd Wolaver wrote:
Sorry about that last post... premature sending
The _forward() method is marked final in Zend_Controller_Action
so I can't add an attribute by extending the class.
This is what I've ended up doing, where validComponent is added
to the params passed to the _forward() method.
public function indexAction()
{
if($this-> _getParam('validComponent') !== true) throw new
Exception('Can not find page.');
edit processing
Ath_Component::addContent($this-> _getParam('divId'),
$this-> parse());
}
Thanks,
Todd
On May 4, 2007, at 5:28 PM, Maurice Fonk wrote:
I'm just thinking out loud here, but couldn't you add an
attribute to your controller base class, say _beenForwarded =
false; , then add a method:
protected function _forward(...) {
$this-> _beenForwarded = true;
parent::_forward(...);
}
This way you can easily check whether there the request has been
forwarded or not. Is this too short-sighted?
MF
Todd Wolaver wrote:
Thanks Matthew,
Unfortunately this will be a fairly large site with content
managers managing the content & URLs. In addition there could
Re: [fw-general] _forward() Question
-- Maurice Fonk <[EMAIL PROTECTED]> wrote
(on Saturday, 05 May 2007, 08:03 PM +0200):
> You are right. That's what you get for thinking out loud, you can be
> wrong, I don't quote Socrates for nothing ;). You can't use attributes
> of the object (controller instance) that does the forwarding to keep
> track of the forwarding process. In one of your controllers, try the
> following (also try adding test_request/abc to your url):
>
> public function indexAction() {
>$this->_test = 'test';
>//attribute
>$this->getFrontController()->setParam('test_front', true);
>//in front controller
>$this->getRequest()->setParam('test_request', true);
>//in request parameters
>$this->_forward('forward');
> }
>
> public function forwardAction() {
>var_dump($this->_test);
>//$this->_test isn't defined (NULL)
>var_dump($this->getFrontController()->getParam('test_front'));
>//bool(true)
>var_dump($this->_getParam('test_request'));
>//bool(true)
> }
>
> Setting a parameter in the front controller may be a good way to check
> for forwards, but it does mean you have to include an additional line of
> code.
Not necessarily. I've been thinking on this, and what I think is needed
is a routeShutdown() plugin, and then a check in the controller's
preDispatch() method.
As for the routeShutdown() plugin, the reason I suggest this is that
routing happens exactly once during the request cycle, so after the
routing has happened we know exactly what the original request was. You
can then use a routeShutdown() plugin to register that request with the
front controller:
class OriginalRequestPlugin extends Zend_Controller_Plugin_Abstract
{
public function routeShutdown(Zend_Controller_Request_Abstract $request)
{
Zend_Controller_Front::getInstance()->setParam('origRequest', clone
$request);
}
}
Then, in your controllers that have actions that should only be run
during via _forward(), do some checks in the preDispatch() method:
class FooController extends Zend_Controller_Action
{
// Actions which should only be called via _forward()
public $forwardOnly = array('commit', 'revert');
public function preDispatch()
{
$request = $this->getRequest();
$action = $request->getActionName();
if (in_array($action, $this->forwardOnly)) {
$origRequest = $this->getInvokeArg('origRequest');
if ($origRequest->getActionName() == $action) {
throw new Exception($action . ' action may only be called
via _forward()');
}
}
}
}
The above could actually be placed in an Action Helper as well, so that
it doesn't need to be written for every controller needing the
functionality or require a Zend_Controller_Action subclass.
> You don't have to use the request params, whicht may collide with
> params your application actually uses. I'm not sure whether this is the
> intended use of the setParam method of the front controller. The params
> you set in it will be passed to __construct of the action controller.
>
> If you put the forwardAction in another controller (even module) you
> should still get the same results, if you modify the forward.
>
> Maurice
>
> Todd Wolaver wrote:
> > I agree that there should be a standard way to check for forwards or
> > what actions have already been called. Possibly keeping track of this
> > in the Front controller?
> >
> > As far as the forward, even it were not marked final (just for my own
> > understanding):
> > Wouldn't setting a parameter when calling _forward() only live within
> > the current action's lifetime and not persist to the action being
> > forwarded to.
> >
> > Todd
> >
> > On May 5, 2007, at 11:17 AM, Maurice Fonk wrote:
> >
> > > Indeed, that makes perfect sense. Enforcing compatibility between
> > > modules does sound kind of important ;).
> > >
> > > Still, having to add aditional parameters to the request, or checking
> > > whether the action name is in the path info feels like a bit of a
> > > hack to me. Furthermore, if I have an index action, the word 'index'
> > > may not even be in the path info (because it's the default
> > > controller/action), so checking for it wouldn't always tell you
> > > whether it was called directly. On the other hand, you probably
> > > wouldn't have an index action that shouldn't be callable directly.
> > >
> > > It would be nice if there was a standard way to check for forwards,
> > > and enforce some actions to be callable only that way.
> > >
> > > Maurice
> > >
> > > Matthew Weier O'Phinney wrote:
> > > > -- Maurice Fonk <[EMAIL PROTECTED]> wrote
> > > > (on Saturday, 05 May 2007, 03:57 PM +0200):
> > > >
> > > > > Interesting. I wonder why the method is marked final? It seems to
> > > > > me like extending it might come in useful, because in your case you
> > > > > have t
Re: [fw-general] _forward() Question
You are right. That's what you get for thinking out loud, you can be
wrong, I don't quote Socrates for nothing ;). You can't use attributes
of the object (controller instance) that does the forwarding to keep
track of the forwarding process. In one of your controllers, try the
following (also try adding test_request/abc to your url):
public function indexAction() {
$this->_test = 'test';
//attribute
$this->getFrontController()->setParam('test_front', true);
//in front controller
$this->getRequest()->setParam('test_request', true);
//in request parameters
$this->_forward('forward');
}
public function forwardAction() {
var_dump($this->_test);
//$this->_test isn't defined (NULL)
var_dump($this->getFrontController()->getParam('test_front'));
//bool(true)
var_dump($this->_getParam('test_request'));
//bool(true)
}
Setting a parameter in the front controller may be a good way to check
for forwards, but it does mean you have to include an additional line of
code. You don't have to use the request params, whicht may collide with
params your application actually uses. I'm not sure whether this is the
intended use of the setParam method of the front controller. The params
you set in it will be passed to __construct of the action controller.
If you put the forwardAction in another controller (even module) you
should still get the same results, if you modify the forward.
Maurice
Todd Wolaver wrote:
I agree that there should be a standard way to check for forwards or
what actions have already been called. Possibly keeping track of this
in the Front controller?
As far as the forward, even it were not marked final (just for my own
understanding):
Wouldn't setting a parameter when calling _forward() only live within
the current action's lifetime and not persist to the action being
forwarded to.
Todd
On May 5, 2007, at 11:17 AM, Maurice Fonk wrote:
Indeed, that makes perfect sense. Enforcing compatibility between
modules does sound kind of important ;).
Still, having to add aditional parameters to the request, or checking
whether the action name is in the path info feels like a bit of a
hack to me. Furthermore, if I have an index action, the word 'index'
may not even be in the path info (because it's the default
controller/action), so checking for it wouldn't always tell you
whether it was called directly. On the other hand, you probably
wouldn't have an index action that shouldn't be callable directly.
It would be nice if there was a standard way to check for forwards,
and enforce some actions to be callable only that way.
Maurice
Matthew Weier O'Phinney wrote:
-- Maurice Fonk <[EMAIL PROTECTED]> wrote
(on Saturday, 05 May 2007, 03:57 PM +0200):
Interesting. I wonder why the method is marked final? It seems to
me like extending it might come in useful, because in your case you
have to perform additional steps (adding validComponent to the
params) as well.
It was originally marked final because PHP doesn't enforce that
subclasses use the same parameter signature (not following it will
raise
an E_STRICT, but it's still allowed), and the only way to enforce
consistency in how it works was to mark it final.
The primary reason I feel it should remain final is due to the
modular functionality introduced in the 0.8.0 - 0.9.0 releases. When
developers start sharing application modules, there has to be some base
functionality that will continue to work between them. _forward() is
one
of those.
The point is that this method, and a handful of others in the action
controller, have functionality that should likely not change between
implementations so that applications
Todd Wolaver wrote:
Sorry about that last post... premature sending
The _forward() method is marked final in Zend_Controller_Action so
I can't add an attribute by extending the class.
This is what I've ended up doing, where validComponent is added to
the params passed to the _forward() method.
public function indexAction()
{
if($this-> _getParam('validComponent') !== true) throw new
Exception('Can not find page.');
edit processing
Ath_Component::addContent($this-> _getParam('divId'),
$this-> parse());
}
Thanks,
Todd
On May 4, 2007, at 5:28 PM, Maurice Fonk wrote:
I'm just thinking out loud here, but couldn't you add an
attribute to your controller base class, say _beenForwarded =
false; , then add a method:
protected function _forward(...) {
$this-> _beenForwarded = true;
parent::_forward(...);
}
This way you can easily check whether there the request has been
forwarded or not. Is this too short-sighted?
MF
Todd Wolaver wrote:
Thanks Matthew,
Unfortunately this will be a fairly large site with content
managers managing the content & URLs. In addition there could
be several _forwards() from a single "page" and the opportunity
to have a action/controller name somewhere in the path is too
great
Re: [fw-general] _forward() Question
-- Todd Wolaver <[EMAIL PROTECTED]> wrote
(on Saturday, 05 May 2007, 12:24 PM -0500):
> I agree that there should be a standard way to check for forwards or
> what actions have already been called. Possibly keeping track of this
> in the Front controller?
Feel free to create a proposal. :-)
> As far as the forward, even it were not marked final (just for my own
> understanding):
> Wouldn't setting a parameter when calling _forward() only live
> within the current action's lifetime and not persist to the action
> being forwarded to.
The idea, though, is that calls to _forward() should be predictable from
one module to another. If, for instance, you have overridden _forward()
for controllers in a module you distribute, and somebody overrides one
of your controller classes in their own site, they would expect
_forward() to work the documented way -- but could end up with something
radically different if the method was overridden: they may not get to
the action they expect.
I'd suggest that if you need to override _forward(), you should create
your own local method for doing so.
> On May 5, 2007, at 11:17 AM, Maurice Fonk wrote:
>
> > Indeed, that makes perfect sense. Enforcing compatibility between
> > modules does sound kind of important ;).
> >
> > Still, having to add aditional parameters to the request, or
> > checking whether the action name is in the path info feels like a
> > bit of a hack to me. Furthermore, if I have an index action, the
> > word 'index' may not even be in the path info (because it's the
> > default controller/action), so checking for it wouldn't always tell
> > you whether it was called directly. On the other hand, you probably
> > wouldn't have an index action that shouldn't be callable directly.
> >
> > It would be nice if there was a standard way to check for forwards,
> > and enforce some actions to be callable only that way.
> >
> > Maurice
> >
> > Matthew Weier O'Phinney wrote:
> > > -- Maurice Fonk <[EMAIL PROTECTED]> wrote
> > > (on Saturday, 05 May 2007, 03:57 PM +0200):
> > >
> > > > Interesting. I wonder why the method is marked final? It seems to
> > > > me like extending it might come in useful, because in your case
> > > > you have to perform additional steps (adding validComponent to
> > > > the params) as well.
> > > >
> > >
> > > It was originally marked final because PHP doesn't enforce that
> > > subclasses use the same parameter signature (not following it will
> > > raise
> > > an E_STRICT, but it's still allowed), and the only way to enforce
> > > consistency in how it works was to mark it final.
> > >
> > > The primary reason I feel it should remain final is due to the
> > > modular functionality introduced in the 0.8.0 - 0.9.0 releases. When
> > > developers start sharing application modules, there has to be some
> > > base
> > > functionality that will continue to work between them. _forward()
> > > is one
> > > of those.
> > >
> > > The point is that this method, and a handful of others in the action
> > > controller, have functionality that should likely not change between
> > > implementations so that applications
> > >
> > >
> > > > Todd Wolaver wrote:
> > > >
> > > > > Sorry about that last post... premature sending
> > > > > The _forward() method is marked final in Zend_Controller_Action
> > > > > so I can't add an attribute by extending the class.
> > > > >
> > > > > This is what I've ended up doing, where validComponent is added
> > > > > to the params passed to the _forward() method.
> > > > >
> > > > > public function indexAction()
> > > > > {
> > > > > if($this->_getParam('validComponent') !== true) throw
> > > > > new Exception('Can not find page.');
> > > > >
> > > > >
> > > > > edit processing
> > > > >
> > > > > Ath_Component::addContent($this->_getParam('divId'),
> > > > > $this->parse());
> > > > > }
> > > > >
> > > > > Thanks,
> > > > > Todd
> > > > >
> > > > > On May 4, 2007, at 5:28 PM, Maurice Fonk wrote:
> > > > >
> > > > >
> > > > > > I'm just thinking out loud here, but couldn't you add an
> > > > > > attribute to your controller base class, say _beenForwarded =
> > > > > > false; , then add a method:
> > > > > >
> > > > > > protected function _forward(...) {
> > > > > > $this->_beenForwarded = true;
> > > > > > parent::_forward(...);
> > > > > > }
> > > > > >
> > > > > > This way you can easily check whether there the request has
> > > > > > been forwarded or not. Is this too short-sighted?
> > > > > >
> > > > > > MF
> > > > > >
> > > > > > Todd Wolaver wrote:
> > > > > >
> > > > > > > Thanks Matthew,
> > > > > > >
> > > > > > > Unfortunately this will be a fairly large site with content
> > > > > > > managers managing the content & URLs. In addition there could
> > > > > > > be several _forwards() from a single "page" and the
> > > > > > > opportunity to have a action/controller name somewhere in the
> > > > > > > path is too great.
Re: [fw-general] _forward() Question
I agree that there should be a standard way to check for forwards or
what actions have already been called. Possibly keeping track of this
in the Front controller?
As far as the forward, even it were not marked final (just for my own
understanding):
Wouldn't setting a parameter when calling _forward() only live
within the current action's lifetime and not persist to the action
being forwarded to.
Todd
On May 5, 2007, at 11:17 AM, Maurice Fonk wrote:
Indeed, that makes perfect sense. Enforcing compatibility between
modules does sound kind of important ;).
Still, having to add aditional parameters to the request, or
checking whether the action name is in the path info feels like a
bit of a hack to me. Furthermore, if I have an index action, the
word 'index' may not even be in the path info (because it's the
default controller/action), so checking for it wouldn't always tell
you whether it was called directly. On the other hand, you probably
wouldn't have an index action that shouldn't be callable directly.
It would be nice if there was a standard way to check for forwards,
and enforce some actions to be callable only that way.
Maurice
Matthew Weier O'Phinney wrote:
-- Maurice Fonk <[EMAIL PROTECTED]> wrote
(on Saturday, 05 May 2007, 03:57 PM +0200):
Interesting. I wonder why the method is marked final? It seems to
me like extending it might come in useful, because in your case
you have to perform additional steps (adding validComponent to
the params) as well.
It was originally marked final because PHP doesn't enforce that
subclasses use the same parameter signature (not following it will
raise
an E_STRICT, but it's still allowed), and the only way to enforce
consistency in how it works was to mark it final.
The primary reason I feel it should remain final is due to the
modular functionality introduced in the 0.8.0 - 0.9.0 releases. When
developers start sharing application modules, there has to be some
base
functionality that will continue to work between them. _forward()
is one
of those.
The point is that this method, and a handful of others in the action
controller, have functionality that should likely not change between
implementations so that applications
Todd Wolaver wrote:
Sorry about that last post... premature sending
The _forward() method is marked final in Zend_Controller_Action
so I can't add an attribute by extending the class.
This is what I've ended up doing, where validComponent is added
to the params passed to the _forward() method.
public function indexAction()
{
if($this-> _getParam('validComponent') !== true) throw
new Exception('Can not find page.');
edit processing
Ath_Component::addContent($this-> _getParam('divId'),
$this-> parse());
}
Thanks,
Todd
On May 4, 2007, at 5:28 PM, Maurice Fonk wrote:
I'm just thinking out loud here, but couldn't you add an
attribute to your controller base class, say _beenForwarded =
false; , then add a method:
protected function _forward(...) {
$this-> _beenForwarded = true;
parent::_forward(...);
}
This way you can easily check whether there the request has
been forwarded or not. Is this too short-sighted?
MF
Todd Wolaver wrote:
Thanks Matthew,
Unfortunately this will be a fairly large site with content
managers managing the content & URLs. In addition there could
be several _forwards() from a single "page" and the
opportunity to have a action/controller name somewhere in the
path is too great.
At this point I'm probably going to add a parameter to the
user defined parameters that are passed to the action, then
check for the parameter in the action. Not my ideal solution,
but I can't find anything better.
Thanks again,
Todd
On May 4, 2007, at 4:08 PM, Matthew Weier O'Phinney wrote:
-- Todd Wolaver <[EMAIL PROTECTED]
> wrote
(on Friday, 04 May 2007, 03:21 PM -0500):
I have actions that are only intended to be called from a
_forward().
I'd like to put a security check at the head of the action
to check and see if the action is being called by a _forward
() or by URL. If it is being called by URL I'll display an
appropriate error.
I can think of ways to protect these actions by using
routes, mod_rewrite, passing params and other hacks... but
would like to have everything contained inside the action
and not rely on other methods.
Is there any way to tell if an action is being called from a
_forward()?
Check to see if the action name is in the request path:
if (strstr($this-> _request-> getPathInfo(), $this->
_request-> getActionName())) {
// action name is in the path info -- probably called
directly
}
Not entirely fool-proof, but it could work.
--
Maurice Fonk
[EMAIL PROTECTED]
http://naneau.nl/
Scio me nihil scire
Re: [fw-general] _forward() Question
Indeed, that makes perfect sense. Enforcing compatibility between
modules does sound kind of important ;).
Still, having to add aditional parameters to the request, or checking
whether the action name is in the path info feels like a bit of a hack
to me. Furthermore, if I have an index action, the word 'index' may not
even be in the path info (because it's the default controller/action),
so checking for it wouldn't always tell you whether it was called
directly. On the other hand, you probably wouldn't have an index action
that shouldn't be callable directly.
It would be nice if there was a standard way to check for forwards, and
enforce some actions to be callable only that way.
Maurice
Matthew Weier O'Phinney wrote:
-- Maurice Fonk <[EMAIL PROTECTED]> wrote
(on Saturday, 05 May 2007, 03:57 PM +0200):
Interesting. I wonder why the method is marked final? It seems to me
like extending it might come in useful, because in your case you have to
perform additional steps (adding validComponent to the params) as well.
It was originally marked final because PHP doesn't enforce that
subclasses use the same parameter signature (not following it will raise
an E_STRICT, but it's still allowed), and the only way to enforce
consistency in how it works was to mark it final.
The primary reason I feel it should remain final is due to the
modular functionality introduced in the 0.8.0 - 0.9.0 releases. When
developers start sharing application modules, there has to be some base
functionality that will continue to work between them. _forward() is one
of those.
The point is that this method, and a handful of others in the action
controller, have functionality that should likely not change between
implementations so that applications
Todd Wolaver wrote:
Sorry about that last post... premature sending
The _forward() method is marked final in Zend_Controller_Action so I
can't add an attribute by extending the class.
This is what I've ended up doing, where validComponent is added to the
params passed to the _forward() method.
public function indexAction()
{
if($this-> _getParam('validComponent') !== true) throw new
Exception('Can not find page.');
edit processing
Ath_Component::addContent($this-> _getParam('divId'),
$this-> parse());
}
Thanks,
Todd
On May 4, 2007, at 5:28 PM, Maurice Fonk wrote:
I'm just thinking out loud here, but couldn't you add an attribute to
your controller base class, say _beenForwarded = false; , then add a
method:
protected function _forward(...) {
$this-> _beenForwarded = true;
parent::_forward(...);
}
This way you can easily check whether there the request has been
forwarded or not. Is this too short-sighted?
MF
Todd Wolaver wrote:
Thanks Matthew,
Unfortunately this will be a fairly large site with content managers
managing the content & URLs. In addition there could be several
_forwards() from a single "page" and the opportunity to have a
action/controller name somewhere in the path is too great.
At this point I'm probably going to add a parameter to the user
defined parameters that are passed to the action, then check for the
parameter in the action. Not my ideal solution, but I can't find
anything better.
Thanks again,
Todd
On May 4, 2007, at 4:08 PM, Matthew Weier O'Phinney wrote:
-- Todd Wolaver <[EMAIL PROTECTED] > wrote
(on Friday, 04 May 2007, 03:21 PM -0500):
I have actions that are only intended to be called from a _forward().
I'd like to put a security check at the head of the action to
check and see if the action is being called by a _forward() or by
URL. If it is being called by URL I'll display an appropriate error.
I can think of ways to protect these actions by using routes,
mod_rewrite, passing params and other hacks... but would like to
have everything contained inside the action and not rely on other
methods.
Is there any way to tell if an action is being called from a
_forward()?
Check to see if the action name is in the request path:
if (strstr($this-> _request-> getPathInfo(),
$this-> _request-> getActionName())) {
// action name is in the path info -- probably called directly
}
Not entirely fool-proof, but it could work.
--
Maurice Fonk
[EMAIL PROTECTED]
http://naneau.nl/
Scio me nihil scire
Re: [fw-general] _forward() Question
-- Maurice Fonk <[EMAIL PROTECTED]> wrote
(on Saturday, 05 May 2007, 03:57 PM +0200):
> Interesting. I wonder why the method is marked final? It seems to me
> like extending it might come in useful, because in your case you have to
> perform additional steps (adding validComponent to the params) as well.
It was originally marked final because PHP doesn't enforce that
subclasses use the same parameter signature (not following it will raise
an E_STRICT, but it's still allowed), and the only way to enforce
consistency in how it works was to mark it final.
The primary reason I feel it should remain final is due to the
modular functionality introduced in the 0.8.0 - 0.9.0 releases. When
developers start sharing application modules, there has to be some base
functionality that will continue to work between them. _forward() is one
of those.
The point is that this method, and a handful of others in the action
controller, have functionality that should likely not change between
implementations so that applications
> Todd Wolaver wrote:
> > Sorry about that last post... premature sending
> >
> > The _forward() method is marked final in Zend_Controller_Action so I
> > can't add an attribute by extending the class.
> >
> > This is what I've ended up doing, where validComponent is added to the
> > params passed to the _forward() method.
> >
> >public function indexAction()
> >{
> >if($this-> _getParam('validComponent') !== true) throw new
> > Exception('Can not find page.');
> >
> >
> > edit processing
> >
> >Ath_Component::addContent($this-> _getParam('divId'),
> > $this-> parse());
> >}
> >
> > Thanks,
> > Todd
> >
> >
> > On May 4, 2007, at 5:28 PM, Maurice Fonk wrote:
> >
> > > I'm just thinking out loud here, but couldn't you add an attribute to
> > > your controller base class, say _beenForwarded = false; , then add a
> > > method:
> > >
> > > protected function _forward(...) {
> > > $this-> _beenForwarded = true;
> > > parent::_forward(...);
> > > }
> > >
> > > This way you can easily check whether there the request has been
> > > forwarded or not. Is this too short-sighted?
> > >
> > > MF
> > >
> > > Todd Wolaver wrote:
> > > > Thanks Matthew,
> > > >
> > > > Unfortunately this will be a fairly large site with content managers
> > > > managing the content & URLs. In addition there could be several
> > > > _forwards() from a single "page" and the opportunity to have a
> > > > action/controller name somewhere in the path is too great.
> > > >
> > > > At this point I'm probably going to add a parameter to the user
> > > > defined parameters that are passed to the action, then check for the
> > > > parameter in the action. Not my ideal solution, but I can't find
> > > > anything better.
> > > >
> > > > Thanks again,
> > > > Todd
> > > >
> > > >
> > > > On May 4, 2007, at 4:08 PM, Matthew Weier O'Phinney wrote:
> > > >
> > > > > -- Todd Wolaver <[EMAIL PROTECTED] > wrote
> > > > > (on Friday, 04 May 2007, 03:21 PM -0500):
> > > > > > I have actions that are only intended to be called from a
> > > > > > _forward().
> > > > > >
> > > > > > I'd like to put a security check at the head of the action to
> > > > > > check and see if the action is being called by a _forward() or by
> > > > > > URL. If it is being called by URL I'll display an appropriate
> > > > > > error.
> > > > > >
> > > > > > I can think of ways to protect these actions by using routes,
> > > > > > mod_rewrite, passing params and other hacks... but would like to
> > > > > > have everything contained inside the action and not rely on other
> > > > > > methods.
> > > > > >
> > > > > > Is there any way to tell if an action is being called from a
> > > > > > _forward()?
> > > > >
> > > > > Check to see if the action name is in the request path:
> > > > >
> > > > >if (strstr($this-> _request-> getPathInfo(),
> > > > > $this-> _request-> getActionName())) {
> > > > >// action name is in the path info -- probably called directly
> > > > >}
> > > > >
> > > > > Not entirely fool-proof, but it could work.
--
Matthew Weier O'Phinney
PHP Developer| [EMAIL PROTECTED]
Zend - The PHP Company | http://www.zend.com/
Re: [fw-general] _forward() Question
Interesting. I wonder why the method is marked final? It seems to me
like extending it might come in useful, because in your case you have to
perform additional steps (adding validComponent to the params) as well.
MF
Todd Wolaver wrote:
Sorry about that last post... premature sending
The _forward() method is marked final in Zend_Controller_Action so I
can't add an attribute by extending the class.
This is what I've ended up doing, where validComponent is added to the
params passed to the _forward() method.
public function indexAction()
{
if($this->_getParam('validComponent') !== true) throw new
Exception('Can not find page.');
edit processing
Ath_Component::addContent($this->_getParam('divId'),
$this->parse());
}
Thanks,
Todd
On May 4, 2007, at 5:28 PM, Maurice Fonk wrote:
I'm just thinking out loud here, but couldn't you add an attribute to
your controller base class, say _beenForwarded = false; , then add a
method:
protected function _forward(...) {
$this->_beenForwarded = true;
parent::_forward(...);
}
This way you can easily check whether there the request has been
forwarded or not. Is this too short-sighted?
MF
Todd Wolaver wrote:
Thanks Matthew,
Unfortunately this will be a fairly large site with content managers
managing the content & URLs. In addition there could be several
_forwards() from a single "page" and the opportunity to have a
action/controller name somewhere in the path is too great.
At this point I'm probably going to add a parameter to the user
defined parameters that are passed to the action, then check for the
parameter in the action. Not my ideal solution, but I can't find
anything better.
Thanks again,
Todd
On May 4, 2007, at 4:08 PM, Matthew Weier O'Phinney wrote:
-- Todd Wolaver <[EMAIL PROTECTED] > wrote
(on Friday, 04 May 2007, 03:21 PM -0500):
I have actions that are only intended to be called from a _forward().
I'd like to put a security check at the head of the action to
check and see if the action is being called by a _forward() or by
URL. If it is being called by URL I'll display an appropriate error.
I can think of ways to protect these actions by using routes,
mod_rewrite, passing params and other hacks... but would like to
have everything contained inside the action and not rely on other
methods.
Is there any way to tell if an action is being called from a
_forward()?
Check to see if the action name is in the request path:
if (strstr($this->_request->getPathInfo(),
$this->_request->getActionName())) {
// action name is in the path info -- probably called directly
}
Not entirely fool-proof, but it could work.
--
Matthew Weier O'Phinney
PHP Developer| [EMAIL PROTECTED]
Zend - The PHP Company | http://www.zend.com/
--
Maurice Fonk
[EMAIL PROTECTED]
http://naneau.nl/
Scio me nihil scire
Re: [fw-general] _forward() Question
Sorry about that last post... premature sending
The _forward() method is marked final in Zend_Controller_Action so I
can't add an attribute by extending the class.
This is what I've ended up doing, where validComponent is added to
the params passed to the _forward() method.
public function indexAction()
{
if($this->_getParam('validComponent') !== true) throw new
Exception('Can not find page.');
edit processing
Ath_Component::addContent($this->_getParam('divId'), $this-
>parse());
}
Thanks,
Todd
On May 4, 2007, at 5:28 PM, Maurice Fonk wrote:
I'm just thinking out loud here, but couldn't you add an attribute
to your controller base class, say _beenForwarded = false; , then
add a method:
protected function _forward(...) {
$this->_beenForwarded = true;
parent::_forward(...);
}
This way you can easily check whether there the request has been
forwarded or not. Is this too short-sighted?
MF
Todd Wolaver wrote:
Thanks Matthew,
Unfortunately this will be a fairly large site with content
managers managing the content & URLs. In addition there could be
several _forwards() from a single "page" and the opportunity to
have a action/controller name somewhere in the path is too great.
At this point I'm probably going to add a parameter to the user
defined parameters that are passed to the action, then check for
the parameter in the action. Not my ideal solution, but I can't
find anything better.
Thanks again,
Todd
On May 4, 2007, at 4:08 PM, Matthew Weier O'Phinney wrote:
-- Todd Wolaver <[EMAIL PROTECTED] > wrote
(on Friday, 04 May 2007, 03:21 PM -0500):
I have actions that are only intended to be called from a
_forward().
I'd like to put a security check at the head of the action to
check and see if the action is being called by a _forward() or
by URL. If it is being called by URL I'll display an
appropriate error.
I can think of ways to protect these actions by using routes,
mod_rewrite, passing params and other hacks... but would like to
have everything contained inside the action and not rely on
other methods.
Is there any way to tell if an action is being called from a
_forward()?
Check to see if the action name is in the request path:
if (strstr($this->_request->getPathInfo(), $this->_request-
>getActionName())) {
// action name is in the path info -- probably called
directly
}
Not entirely fool-proof, but it could work.
--
Matthew Weier O'Phinney
PHP Developer| [EMAIL PROTECTED]
Zend - The PHP Company | http://www.zend.com/
--
Maurice Fonk
[EMAIL PROTECTED]
http://naneau.nl/
Scio me nihil scire
Re: [fw-general] _forward() Question
The _forward() method is marked final in Zend_Controller_Action
public function indexAction()
{
if($this->_getParam('validComponent') !== true) throw new
Exception('Can not find page.');
edit processing
Ath_Component::addContent($this->_getParam('divId'), $this-
>parse());
}
Component
-
Todd Wolaver
[EMAIL PROTECTED]
1505 Park PL., Apt 20
College Station, TX 77840
Phone: 979-739-3256
AIM: miribota
MSN: [EMAIL PROTECTED]
-
On May 4, 2007, at 5:28 PM, Maurice Fonk wrote:
I'm just thinking out loud here, but couldn't you add an attribute
to your controller base class, say _beenForwarded = false; , then
add a method:
protected function _forward(...) {
$this->_beenForwarded = true;
parent::_forward(...);
}
This way you can easily check whether there the request has been
forwarded or not. Is this too short-sighted?
MF
Todd Wolaver wrote:
Thanks Matthew,
Unfortunately this will be a fairly large site with content
managers managing the content & URLs. In addition there could be
several _forwards() from a single "page" and the opportunity to
have a action/controller name somewhere in the path is too great.
At this point I'm probably going to add a parameter to the user
defined parameters that are passed to the action, then check for
the parameter in the action. Not my ideal solution, but I can't
find anything better.
Thanks again,
Todd
On May 4, 2007, at 4:08 PM, Matthew Weier O'Phinney wrote:
-- Todd Wolaver <[EMAIL PROTECTED] > wrote
(on Friday, 04 May 2007, 03:21 PM -0500):
I have actions that are only intended to be called from a
_forward().
I'd like to put a security check at the head of the action to
check and see if the action is being called by a _forward() or
by URL. If it is being called by URL I'll display an
appropriate error.
I can think of ways to protect these actions by using routes,
mod_rewrite, passing params and other hacks... but would like to
have everything contained inside the action and not rely on
other methods.
Is there any way to tell if an action is being called from a
_forward()?
Check to see if the action name is in the request path:
if (strstr($this->_request->getPathInfo(), $this->_request-
>getActionName())) {
// action name is in the path info -- probably called
directly
}
Not entirely fool-proof, but it could work.
--
Matthew Weier O'Phinney
PHP Developer| [EMAIL PROTECTED]
Zend - The PHP Company | http://www.zend.com/
--
Maurice Fonk
[EMAIL PROTECTED]
http://naneau.nl/
Scio me nihil scire
Re: [fw-general] _forward() Question
I'm just thinking out loud here, but couldn't you add an attribute to
your controller base class, say _beenForwarded = false; , then add a method:
protected function _forward(...) {
$this->_beenForwarded = true;
parent::_forward(...);
}
This way you can easily check whether there the request has been
forwarded or not. Is this too short-sighted?
MF
Todd Wolaver wrote:
Thanks Matthew,
Unfortunately this will be a fairly large site with content managers
managing the content & URLs. In addition there could be several
_forwards() from a single "page" and the opportunity to have a
action/controller name somewhere in the path is too great.
At this point I'm probably going to add a parameter to the user
defined parameters that are passed to the action, then check for the
parameter in the action. Not my ideal solution, but I can't find
anything better.
Thanks again,
Todd
On May 4, 2007, at 4:08 PM, Matthew Weier O'Phinney wrote:
-- Todd Wolaver <[EMAIL PROTECTED] > wrote
(on Friday, 04 May 2007, 03:21 PM -0500):
I have actions that are only intended to be called from a _forward().
I'd like to put a security check at the head of the action to check
and see if the action is being called by a _forward() or by URL. If
it is being called by URL I'll display an appropriate error.
I can think of ways to protect these actions by using routes,
mod_rewrite, passing params and other hacks... but would like to have
everything contained inside the action and not rely on other methods.
Is there any way to tell if an action is being called from a _forward()?
Check to see if the action name is in the request path:
if (strstr($this->_request->getPathInfo(),
$this->_request->getActionName())) {
// action name is in the path info -- probably called directly
}
Not entirely fool-proof, but it could work.
--
Matthew Weier O'Phinney
PHP Developer| [EMAIL PROTECTED]
Zend - The PHP Company | http://www.zend.com/
--
Maurice Fonk
[EMAIL PROTECTED]
http://naneau.nl/
Scio me nihil scire
Re: [fw-general] _forward() Question
Thanks Matthew,
Unfortunately this will be a fairly large site with content managers
managing the content & URLs. In addition there could be several
_forwards() from a single "page" and the opportunity to have a action/
controller name somewhere in the path is too great.
At this point I'm probably going to add a parameter to the user
defined parameters that are passed to the action, then check for the
parameter in the action. Not my ideal solution, but I can't find
anything better.
Thanks again,
Todd
On May 4, 2007, at 4:08 PM, Matthew Weier O'Phinney wrote:
-- Todd Wolaver <[EMAIL PROTECTED]> wrote
(on Friday, 04 May 2007, 03:21 PM -0500):
I have actions that are only intended to be called from a _forward().
I'd like to put a security check at the head of the action to check
and see if the action is being called by a _forward() or by URL. If
it is being called by URL I'll display an appropriate error.
I can think of ways to protect these actions by using routes,
mod_rewrite, passing params and other hacks... but would like to have
everything contained inside the action and not rely on other methods.
Is there any way to tell if an action is being called from a
_forward()?
Check to see if the action name is in the request path:
if (strstr($this->_request->getPathInfo(), $this->_request-
>getActionName())) {
// action name is in the path info -- probably called directly
}
Not entirely fool-proof, but it could work.
--
Matthew Weier O'Phinney
PHP Developer| [EMAIL PROTECTED]
Zend - The PHP Company | http://www.zend.com/
Re: [fw-general] _forward() Question
-- Todd Wolaver <[EMAIL PROTECTED]> wrote
(on Friday, 04 May 2007, 03:21 PM -0500):
> I have actions that are only intended to be called from a _forward().
>
> I'd like to put a security check at the head of the action to check
> and see if the action is being called by a _forward() or by URL. If
> it is being called by URL I'll display an appropriate error.
>
> I can think of ways to protect these actions by using routes,
> mod_rewrite, passing params and other hacks... but would like to have
> everything contained inside the action and not rely on other methods.
>
> Is there any way to tell if an action is being called from a _forward()?
Check to see if the action name is in the request path:
if (strstr($this->_request->getPathInfo(),
$this->_request->getActionName())) {
// action name is in the path info -- probably called directly
}
Not entirely fool-proof, but it could work.
--
Matthew Weier O'Phinney
PHP Developer| [EMAIL PROTECTED]
Zend - The PHP Company | http://www.zend.com/
[fw-general] _forward() Question
Hello, I have actions that are only intended to be called from a _forward(). I'd like to put a security check at the head of the action to check and see if the action is being called by a _forward() or by URL. If it is being called by URL I'll display an appropriate error. I can think of ways to protect these actions by using routes, mod_rewrite, passing params and other hacks... but would like to have everything contained inside the action and not rely on other methods. Is there any way to tell if an action is being called from a _forward()? Thanks, Todd
