[symfony-users] RE: Complex criteria creation - hotel room bookings problem
Further to my original message, I have managed to work some of the problem out... creating a function in the BookingPeer.php file... This current version uses no passed criteria for the current date or date selected by the user in the view... function getBookedUnbooked() { $con = Propel::getConnection(); $sql = SELECT booking.* FROM booking WHERE '2008-06-12' BETWEEN start_date AND end_date UNION SELECT 0 as id, 0 as client_id, id AS room_id, '-00-00' as start_date, '-00-00' as end_date, 0 as adults, 0 as children, '-00-00 00:00:00' as created_at FROM room WHERE room.id NOT IN ( SELECT room_id FROM booking WHERE '2008-06-12' BETWEEN start_date AND end_date ) ORDER BY room_id ; $stmt = $con-createStatement(); $rs = $stmt-executeQuery($sql, ResultSet::FETCHMODE_NUM); return BookingPeer::populateObjects($rs); } // end function Next step is to add the passed criteria... Also, is there a way to do the above using the addCriteria/addAscendingOrderByColumn and other Propel capabilities? It would be nicer than using the above just in case the structure of the database changed! Adrian -Original Message- From: Gould, Adrian Sent: Fri 6/13/2008 13:52 To: Symfony Googlegroup Subject: Complex criteria creation - hotel room bookings problem Hi all I am trying to create the following SQL as a PROPEL criteria to sit in the Bookings model. Details are: Schema-- booking: id: ~ client_id: integer room_id:integer start_date: date end_date: date adults: integer children: integer created_at: timestamp client: id: ~ name: varchar(128) created_at: timestamp room: id: ~ name: varchar(128) price: decimal bed:integer created_at: timestamp SQL- [with checkDate being the date to be checked that is passed from the view] SELECT room_id, 'Y' AS booked FROM booking WHERE checkDate BETWEEN start_date AND end_date UNION SELECT id AS room_id, 'N' AS booked FROM room WHERE id NOT IN ( SELECT room_id FROM booking WHERE checkDate BETWEEN start_date AND end_date ) ORDER BY room_id The eventual purpose is to display a table in the view with rooms and dates booked: Room Date 101 102 103 201 202 203 20080612YNYNYN 20080613YNNNYY 20080614NYYNYY 20080615NNYNYN Now I am making an assumption that this is best placed in the Booking.php file in lib/model so that results are available to more than one controller. I am not that familiar with PROPEL yet, so help is appreciated. Once I have this little application working I am aiming to provide it to the symfony community as a tutorial via our IT web site, so help will be credited both here and in the articles. Adrian --- Adrian Gould Lecturer in IT / Network Engineering / Multimedia Business Finance Computing [Midland Campus] Swan TAFE PO BOX 1336, Midland WA 6936 Phone: (08) 9267 eMail: [EMAIL PROTECTED] --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] RE: Complex criteria creation - hotel room bookings problem
Another adjunct to the problem... I have got the filter working, but still would like to see: Is there a way to do the above using the addCriteria/addAscendingOrderByColumn and other Propel capabilities? It would be nicer than using the SQL code below just in case the structure of the database changed! Adrian - from BookingPeer.php - class BookingPeer extends BaseBookingPeer { function getBookedUnbooked($date) { $con = Propel::getConnection(); $sql = SELECT booking.* FROM booking WHERE '.$date.' BETWEEN start_date AND end_date UNION SELECT 0 as id, 0 as client_id, id AS room_id, '-00-00' as start_date, '-00-00' as end_date, 0 as adults, 0 as children, '-00-00 00:00:00' as created_at FROM room WHERE room.id NOT IN ( SELECT room_id FROM booking WHERE '.$date.' BETWEEN start_date AND end_date ) ORDER BY room_id ; $stmt = $con-createStatement(); $rs = $stmt-executeQuery($sql, ResultSet::FETCHMODE_NUM); // $this-bookings = BookingPeer::populateObjects(BookingPeer::doSelectRS($rs, $con)); return BookingPeer::populateObjects($rs); } } - from actions.class.php - public function executeShowbooked() { if (!$this-getRequestParameter('checkDate') ) { $this-checkDate = date('Y-m-d'); } else { $this-checkDate = $this-getRequestParameter('checkDate'); } $this-checkDate = $this-getRequestParameter('checkDate'); $this-bookings = BookingPeer::getBookedUnbooked( $this-checkDate); } - from showbookedSuccess.php - ?php echo form_tag('booking/showbooked') ? pCheck this date:?php echo input_date_tag('checkDate',$checkDate, array ( 'rich' = true, 'withtime' = false, )) ? ?php echo submit_tag('Check...'); ?/p - the rest of the form / results display is not shown - Still will want to take this a step further and show rooms and dates booked in a grid or matrix as shown below: Room Date 101 102 103 201 202 203 20080612YNYNYN 20080613YNNNYY 20080614NYYNYY 20080615NNYNYN Adrian --- Adrian Gould Lecturer in IT / Network Engineering / Multimedia Business Finance Computing [Midland Campus] Swan TAFE PO BOX 1336, Midland WA 6936 Phone: (08) 9267 eMail: [EMAIL PROTECTED] --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] [1.1] Customize asset directories
Hi, I read the cookbook article about how to customize the projects / applications directory structure. But there's one little tiny thing I'm missing: how to customize the web's css js asset directories. We use 'styles' and 'scripts' for those directories, and don't want to break this standard. I'd like to know how to customize it without using /styles/ and / scripts/ prefixes in my view.yml files ... Cheers, Pierre --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: Conception problem... Module / Application
Hi, I finally chose Richtermeister's solution. I will apply different layout, template and products list according to a :boutique parameter passed in the url, just before the module/action route.. Thank you all Olivier On 12 juin, 19:02, Richtermeister [EMAIL PROTECTED] wrote: Hey Olivier, I would build one app with all the required modules for a store (catalog, checkout, account, etc), and make each module smart enough to customize itself based on certain parameters, such as the url. Then you can swap out layout, templates, stylesheets etc, based on store configuration settings. At least fo me having separate apps that fundamentally do the same thing sounds wrong. My 2 cents, Daniel On Jun 11, 11:53 pm, obalais [EMAIL PROTECTED] wrote: Hi, I read the entire dwhittle article about ysfDimensions plugin and I think it can't solve my problem. The dimensions allowed values must be declared in a yml configuration file. I can't edit this yml file each time a member create his own online shop... Maybe I'm wrong and there is a tip which should help me... Nicolas, I just don't understand your solution. The shop are not generated. I must have one application or one module which, according to parameters in the url, shows shops with a defined template and selected products... Thanks Olivier On 11 juin, 21:38, Jacob Coby [EMAIL PROTECTED] wrote: Have you looked at the ysfDimensionsPlugin? http://trac.symfony-project.com/wiki/ysfDimensionsPlugin It sounds like it'll do everything you need (I have no experience with it). Seems to be quite popular as well. On Jun 11, 2008, at 10:40 AM, obalais wrote: Hi everyone, For the purpose of a work placement, i have to develop a web application allowing its users to create their own online shop from a set of pre defined products. Roughly, users, can browse the website to see a list of most recently created shop, find some information and then sign up to create their own. An Url like myapplication.com/my_shop/ would then be their online shop location. To talk more about that shop, it should display the products that the user has previously chosen, a contact page, and some other miscellaneous informations, according to the level of customisation that the user would potentially apply (different colors or layout for example). Well now, my problem is a design one. In other words, I have some difficulties to find the best solution in order to achieve that Do you think I should represent those online shops as an application module?, or as an application containing different modules(products, categories, contact..)? I have to admit that I would prefer the second option but also that I unfortunatelydon't have any clue how to ensure the fact that my application effectively displays the correct modules according to the chosen shop. I would be very pleased if anyone has an interesting opinion to share on that subject, in order to give some advices Thanking you sincerely yours Olivier -- Jacob Coby [EMAIL PROTECTED] --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] sfPageFlowPlugin?
Did anybody manage to get the demo working for this? It's still got me stumped :-/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] sfWidgetFormSelect (selected value)
How can I set selected value for sfWidgetFormSelect? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] template using variables defined in the action class
Hi I am defining a variable in my action class like this: class myActions extends sfActions { public $var ... I assume that I have access to variable $var in any of my templates, but it is not the case. The only thing I could do is to have $this-foo = $this-var in my corresponding action function and access $foo in my template. Am I wrong that templates have access to all public variables defined in the action class? --Mohammad --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: Customize asset directories
On Jun 13, 4:05 am, Pierre [EMAIL PROTECTED] wrote: I read the cookbook article about how to customize the projects / applications directory structure. But there's one little tiny thing I'm missing: how to customize the web's css js asset directories. We use 'styles' and 'scripts' for those directories, and don't want to break this standard. I'd like to know how to customize it without using /styles/ and / scripts/ prefixes in my view.yml files ... You can put PHP code in your YAML file, so you could define PHP constants and use those as a prefix. -- --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: template using variables defined in the action class
On Jun 13, 11:13 am, Mohammad Ali Safari [EMAIL PROTECTED] wrote: I am defining a variable in my action class like this: class myActions extends sfActions { public $var ... I assume that I have access to variable $var in any of my templates, but it is not the case. The only thing I could do is to have $this-foo = $this-var in my corresponding action function and access $foo in my template. Am I wrong that templates have access to all public variables defined in the action class? Yes. :-) If you want $foo in your template you need to set $this-foo in your action. -- --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: Slightly offtopic - CC encryption / decryption
Hi all, your points are well taken, and I'm not trying to put the cc numbers into a database for the very same reason.. I do, however, have to put it into the session as part of the checkout process, before I even get to use a payment gateway (after that it'll get obfuscated right away, and I only store the last 4 digits, yes..). Since session files are non-encrypted, and the system may at some point run on a shared server, I would like to encrypt at least the number before I put it in. Sounds good? Thanks for all your help. And thanks Dustin for reminding me of the plugin. I completely forgot about it. :) Have a great day, Daniel On Jun 12, 5:30 pm, Alistair Stead [EMAIL PROTECTED] wrote: There are major implication of storing such data and in the UK there are particularly stringent restrictions on how and where you can store such data. I believe this goes as far as dictating hardware setup etc. My advice would be evaluate the reason why you are storing this information and think about shifting this task to a dedicated payment gateway service. These services are setup to ensure all legislation is covered and users personal data is protected. If you are storing data for delayed or repeat billing these service should be able to facilitate this. I have in the past been asked by a number of clients to store this data so they could process orders manually through a PDQ terminal... All to save paying for a payment gateway. Although the risk may seem small. Just imagine the implications of someone gaining access to your server? (This does happen) Alistair 2008/6/12 Dustin Whittle [EMAIL PROTECTED]: Also, see the dwCryptPlugin for a simple interface to mcrypt encryption. - Dustin On 6/12/08 2:33 PM, Lee Bolding [EMAIL PROTECTED] wrote: You may want to check this :http://en.wikipedia.org/wiki/PCI_DSS before you go ahead and do that. A company processing, storing, or transmitting payment card data must be PCI DSS compliant or risk losing their ability to process credit card payments and being audited and/or fined I think you'll find that one way functions are mandatory, and that you're only ever allowed to store the last 4 card digits in plain. On 12 Jun 2008, at 22:02, Richtermeister wrote: Thanks Mohammad, that is exactly what I was looking for! And another reason to get mcrypt working on my server ;) Thanks again, have a great day. Daniel On Jun 12, 1:37 pm, Mohammad Ali Safari [EMAIL PROTECTED] wrote: Hi, I use the methods in PHP mcrypt module. I have these two methods: // Decription Encryption public static function encrypt($string, $key){ $cipher_alg = MCRYPT_RIJNDAEL_128; $iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher_alg, MCRYPT_MODE_ECB), MCRYPT_RAND); $encrypted_string = base64_encode(mcrypt_encrypt($cipher_alg, $key, $string, MCRYPT_MODE_CBC, $iv)); $iv_encode = base64_encode($iv); return $encrypted_string.'_'.$iv_encode; } public static function decrypt($encrypted_string, $key){ $cipher_alg = MCRYPT_RIJNDAEL_128; list($encrypted_string, $iv) = explode('_', $encrypted_string); $decrypted_string = mcrypt_decrypt($cipher_alg, $key, base64_decode($encrypted_string), MCRYPT_MODE_CBC, base64_decode($iv)); $len = strlen($decrypted_string); $j = $len-1; while ($decrypted_string[$j] == \0) $j--; $decrypted_string = substr($decrypted_string, 0, $j+1); return $decrypted_string; } where $key is some fixed value stored in my app.yml file. --Mohammad -- Alistair Stead Senior Interactive Developer Mobile: +44 (0) 7788 107 333 Email: [EMAIL PROTECTED] WWW: designdisclosure.com The information contained in this email is confidential and may contain proprietary information. It is meant solely for the intended recipient/recipients. Access to this email by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted in reliance on this, is prohibited and may be unlawful. Please consider the environment before printing this e-mail. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: template using variables defined in the action class
Thanks Eno. My exact question is can I define a variable in my action class OUT OF my action FUNCTION and still access it in my template? cheers, --mohammad On Fri, Jun 13, 2008 at 10:57 AM, Eno [EMAIL PROTECTED] wrote: On Jun 13, 11:13 am, Mohammad Ali Safari [EMAIL PROTECTED] wrote: I am defining a variable in my action class like this: class myActions extends sfActions { public $var ... I assume that I have access to variable $var in any of my templates, but it is not the case. The only thing I could do is to have $this-foo = $this-var in my corresponding action function and access $foo in my template. Am I wrong that templates have access to all public variables defined in the action class? Yes. :-) If you want $foo in your template you need to set $this-foo in your action. -- --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: How do I access a validate .yml setting in my template?
Hi Daevid, other than parsing the file into an array via the Yaml class I don't think you can get to it. Out of interest, what are you trying to do? Daniel On Jun 12, 2:40 pm, Daevid Vincent [EMAIL PROTECTED] wrote: I asked this before and got no real answer. Is this not possible? Can I not access values of the validate/update.yml file? -Original Message- From: symfony-users@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Daevid Vincent Sent: Tuesday, June 03, 2008 1:58 PM To: symfony-users@googlegroups.com Subject: [symfony-users] Re: How do I access a validate .yml setting in my template? You misunderstand. We're using that already. But it's assinine to bog down the server just to find out that the person didn't supply a form element properly. That's why God invented Javascript and form validation. The server side validation should be used as a last resort for those unfortunate fools (or crackers trying to trick the system) that don't have JS in their browser. As found herehttp://www.symfony-project.org/book/1_0/10-Forms#Form%20Validation The client-side validation is to be done with custom JavaScript. This is exactly what I'm trying to do! I'm using onClick=return checkForm(this.form); on the submit button. SCRIPT LANGUAGE=JavaScript TYPE=text/javascript !-- ?php //TODO: these should be using the entries from modules\user\validate\update.yml ... how do I do that? ? function checkForm(myForm) { with ( myForm ) { if( new_password.value.length 6 ) { alert(?=__('Please enter a secure password of at least 6 characters.')?); new_password.focus(); new_password.select(); return false; } return true; } //-- /script But how the [EMAIL PROTECTED]($ do I pull the 6 from the update.yml file that my sfFormValidation is using?! http://www.symfony-project.org/book/1_0/05-Configuring-Symfony#The%20... g%20Class Says, you can access settings from within the application code through the sfConfig class. It is a registry for configuration parameters, with a simple getter class method, accessible from every part of the code: // Retrieve a setting parameter = sfConfig::get('param_name', $default_value); The parameter name is the concatenation of several elements, separated by underscores, in this order: * A prefix related to the configuration file name (sf_ for settings.yml, app_ for app.yml, mod_ for module.yml, sf_i18n_ for i18n.yml, and sf_logging_ for logging.yml) * The parent keys (if defined), in lowercase * The name of the key, in lowercase But as you notice it says NOTHING of the _update.yml_ file! I simply want to do something like this in my JS: if( new_password.value.length ?php echo sfConfig::get('update_password_min_length'); ? ) { Is there seriously no way to do this seemingly obvious task built in?!?!? Do I actually have to read the update.yml file with $updateParams = sfYaml::load('modules\user\validate\update.yml'); And parse it out, even though it should be available to me? http://www.symfony-project.org/book/1_0/05-Configuring-Symfony#Browsi... ur%20Own%20YAML%20File -Original Message- From: symfony-users@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Stereo Sent: Monday, June 02, 2008 5:51 PM To: symfony users Subject: [symfony-users] Re: How do I access a validate .yml setting in my template? Hi Daevid, I haven't used it myself but you may want to try this plugin: http://trac.symfony-project.com/wiki/sfFormValidationPlugin On Jun 2, 8:27 pm, Daevid Vincent [EMAIL PROTECTED] wrote: I asked this before, but got no replies. Surely this is possible no? I wish to use JS to validate the form first before bogging down my server, it would be nice to use the same .yml entries rather than hard-code them into the page. Sent: Monday, May 19, 2008 7:00 PM In my modules\user\validate\register.yml file I have: usernameSizeValidator: class: sfStringValidator param: min:4 min_error: Username must be 4 or more characters max:15 max_error: Username must be 15 or less characters How can I access the min and max values to display in my registerSuccess.php page? As in, No spaces minimum 4 characters, maximum 15 characters. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: Slightly offtopic - CC encryption / decryption
Richtermeister wrote: Hi all, your points are well taken, and I'm not trying to put the cc numbers into a database for the very same reason.. I do, however, have to put it into the session as part of the checkout process, before I even get to use a payment gateway (after that it'll get obfuscated right away, and I only store the last 4 digits, yes..). Since session files are non-encrypted, and the system may at some point run on a shared server, I would like to encrypt at least the number before I put it in. Sounds good? What is stopping them from decrypting them? If they can read the session files, they can read the key to decrypt as well. My suggestion would be to store the sessions in a DB, so they aren't readable by anyone who can't login to your DB with your credentials. Though I guess they can read your connection file... I just wonder if there really is a way to store this safely... -- Nathanael d. Noblet Gnat Solutions, Inc T: 403.875.4613 --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: Slightly offtopic - CC encryption / decryption
I assume you use the secure protocol (HTTPS) to do all these and store credit card info on server side. What's the problem then in regard to security? --Mohammad On Fri, Jun 13, 2008 at 12:58 PM, Nathanael D. Noblet [EMAIL PROTECTED] wrote: Richtermeister wrote: Hi all, your points are well taken, and I'm not trying to put the cc numbers into a database for the very same reason.. I do, however, have to put it into the session as part of the checkout process, before I even get to use a payment gateway (after that it'll get obfuscated right away, and I only store the last 4 digits, yes..). Since session files are non-encrypted, and the system may at some point run on a shared server, I would like to encrypt at least the number before I put it in. Sounds good? What is stopping them from decrypting them? If they can read the session files, they can read the key to decrypt as well. My suggestion would be to store the sessions in a DB, so they aren't readable by anyone who can't login to your DB with your credentials. Though I guess they can read your connection file... I just wonder if there really is a way to store this safely... -- Nathanael d. Noblet Gnat Solutions, Inc T: 403.875.4613 --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: Slightly offtopic - CC encryption / decryption
Just a thought, but I'd strongly advise you against storing this kind of information unless you/your company has the kind of legal backing and security infrastructure to support protecting such critical information. I know this doesn't answer your question, but the reality is there the is not going to be a good solution for this problem as it is a sort of chicken and egg problem. Even if you use the most sophisticated public/private key encryption, compromising the server would spell disaster. (After all, the software can read it, no?) Large companies like PayPal and the like have invested millions in security and indeed, when people buy online they expect this sort of security. Protect your customers and you will protect your business Just my 2-cents. Best, JLS On Jun 13, 2008, at 12:08 PM, Mohammad Ali Safari wrote: I assume you use the secure protocol (HTTPS) to do all these and store credit card info on server side. What's the problem then in regard to security? --Mohammad On Fri, Jun 13, 2008 at 12:58 PM, Nathanael D. Noblet [EMAIL PROTECTED] wrote: Richtermeister wrote: Hi all, your points are well taken, and I'm not trying to put the cc numbers into a database for the very same reason.. I do, however, have to put it into the session as part of the checkout process, before I even get to use a payment gateway (after that it'll get obfuscated right away, and I only store the last 4 digits, yes..). Since session files are non-encrypted, and the system may at some point run on a shared server, I would like to encrypt at least the number before I put it in. Sounds good? What is stopping them from decrypting them? If they can read the session files, they can read the key to decrypt as well. My suggestion would be to store the sessions in a DB, so they aren't readable by anyone who can't login to your DB with your credentials. Though I guess they can read your connection file... I just wonder if there really is a way to store this safely... -- Nathanael d. Noblet Gnat Solutions, Inc T: 403.875.4613 --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: Slightly offtopic - CC encryption / decryption
Why do you assume the key is in the session? If I were going to encrypt something and put it in the session, the key sure would not be along with it, I would use data specific to the user (each user has their own key). based on things like username/zipcode/ipaddress probably a mashup of 3 bits of personal information that not everyone would be able to get. James On Jun 13, 2008, at 2:58 PM, Nathanael D. Noblet wrote: Richtermeister wrote: Hi all, your points are well taken, and I'm not trying to put the cc numbers into a database for the very same reason.. I do, however, have to put it into the session as part of the checkout process, before I even get to use a payment gateway (after that it'll get obfuscated right away, and I only store the last 4 digits, yes..). Since session files are non-encrypted, and the system may at some point run on a shared server, I would like to encrypt at least the number before I put it in. Sounds good? What is stopping them from decrypting them? If they can read the session files, they can read the key to decrypt as well. My suggestion would be to store the sessions in a DB, so they aren't readable by anyone who can't login to your DB with your credentials. Though I guess they can read your connection file... I just wonder if there really is a way to store this safely... -- Nathanael d. Noblet Gnat Solutions, Inc T: 403.875.4613 --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: How do I access a validate .yml setting in my template?
*sigh* Thanks for the reply Richtermeister. I thought I was pretty clear in my email below, but just to re-iterate. I'm trying to prevent the redundancy of having to type a string of error message in the Javascript AND in the .yml file. It seems utterly stupid to me that Symfony has all this validation, and I can set a min/max length and an error string to output, yet doesn't have basic JS validation built in. Further exacerbated by the fact that it appears I can't even pull those min/max/error string values out from the .yml file and display them in my javascript validation routines. So this defeats the whole purpose of MVC, refactoring and write-once-use-many, etc. -Original Message- From: symfony-users@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Richtermeister Sent: Friday, June 13, 2008 10:21 AM To: symfony users Subject: [symfony-users] Re: How do I access a validate .yml setting in my template? Hi Daevid, other than parsing the file into an array via the Yaml class I don't think you can get to it. Out of interest, what are you trying to do? Daniel On Jun 12, 2:40 pm, Daevid Vincent [EMAIL PROTECTED] wrote: I asked this before and got no real answer. Is this not possible? Can I not access values of the validate/update.yml file? -Original Message- From: symfony-users@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Daevid Vincent Sent: Tuesday, June 03, 2008 1:58 PM To: symfony-users@googlegroups.com Subject: [symfony-users] Re: How do I access a validate .yml setting in my template? You misunderstand. We're using that already. But it's assinine to bog down the server just to find out that the person didn't supply a form element properly. That's why God invented Javascript and form validation. The server side validation should be used as a last resort for those unfortunate fools (or crackers trying to trick the system) that don't have JS in their browser. As found herehttp://www.symfony-project.org/book/1_0/10-Forms#Form%20Validation The client-side validation is to be done with custom JavaScript. This is exactly what I'm trying to do! I'm using onClick=return checkForm(this.form); on the submit button. SCRIPT LANGUAGE=JavaScript TYPE=text/javascript !-- ?php //TODO: these should be using the entries from modules\user\validate\update.yml ... how do I do that? ? function checkForm(myForm) { with ( myForm ) { if( new_password.value.length 6 ) { alert(?=__('Please enter a secure password of at least 6 characters.')?); new_password.focus(); new_password.select(); return false; } return true; } //-- /script But how the [EMAIL PROTECTED]($ do I pull the 6 from the update.yml file that my sfFormValidation is using?! http://www.symfony-project.org/book/1_0/05-Configuring-Symfony #The%20... g%20Class Says, you can access settings from within the application code through the sfConfig class. It is a registry for configuration parameters, with a simple getter class method, accessible from every part of the code: // Retrieve a setting parameter = sfConfig::get('param_name', $default_value); The parameter name is the concatenation of several elements, separated by underscores, in this order: * A prefix related to the configuration file name (sf_ for settings.yml, app_ for app.yml, mod_ for module.yml, sf_i18n_ for i18n.yml, and sf_logging_ for logging.yml) * The parent keys (if defined), in lowercase * The name of the key, in lowercase But as you notice it says NOTHING of the _update.yml_ file! I simply want to do something like this in my JS: if( new_password.value.length ?php echo sfConfig::get('update_password_min_length'); ? ) { Is there seriously no way to do this seemingly obvious task built in?!?!? Do I actually have to read the update.yml file with $updateParams = sfYaml::load('modules\user\validate\update.yml'); And parse it out, even though it should be available to me? http://www.symfony-project.org/book/1_0/05-Configuring-Symfony #Browsi... ur%20Own%20YAML%20File -Original Message- From: symfony-users@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Stereo Sent: Monday, June 02, 2008 5:51 PM To: symfony users Subject: [symfony-users] Re: How do I access a validate .yml setting in my template? Hi Daevid, I haven't used it myself but you may want to try this plugin: http://trac.symfony-project.com/wiki/sfFormValidationPlugin On Jun 2, 8:27 pm, Daevid Vincent [EMAIL PROTECTED] wrote: I asked this before, but got no replies. Surely this is possible no? I wish to use JS to validate the form first before bogging
[symfony-users] Re: How do I access a validate .yml setting in my template?
Hi Daevid, Take a look at the execution filter to see how symfony uses the validation.yml files: http://trac.symfony-project.com/browser/branches/1.0/lib/filter/sfExecutionFilter.class.php#L91 More to your point, isn't duplication of the validation logic a larger DRY concern than duplication of error messages? Perhaps you should consider using an AJAX validation mechanism the runs the form parameters through a symfony action and responds 200 or 412 + a JSON object with any error messages. This can easily be accomplished with the handleErrorFoo() methods. Kris On Jun 13, 7:22 pm, Daevid Vincent [EMAIL PROTECTED] wrote: *sigh* Thanks for the reply Richtermeister. I thought I was pretty clear in my email below, but just to re-iterate. I'm trying to prevent the redundancy of having to type a string of error message in the Javascript AND in the .yml file. It seems utterly stupid to me that Symfony has all this validation, and I can set a min/max length and an error string to output, yet doesn't have basic JS validation built in. Further exacerbated by the fact that it appears I can't even pull those min/max/error string values out from the .yml file and display them in my javascript validation routines. So this defeats the whole purpose of MVC, refactoring and write-once-use-many, etc. -Original Message- From: symfony-users@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Richtermeister Sent: Friday, June 13, 2008 10:21 AM To: symfony users Subject: [symfony-users] Re: How do I access a validate .yml setting in my template? Hi Daevid, other than parsing the file into an array via the Yaml class I don't think you can get to it. Out of interest, what are you trying to do? Daniel On Jun 12, 2:40 pm, Daevid Vincent [EMAIL PROTECTED] wrote: I asked this before and got no real answer. Is this not possible? Can I not access values of the validate/update.yml file? -Original Message- From: symfony-users@googlegroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Daevid Vincent Sent: Tuesday, June 03, 2008 1:58 PM To: symfony-users@googlegroups.com Subject: [symfony-users] Re: How do I access a validate .yml setting in my template? You misunderstand. We're using that already. But it's assinine to bog down the server just to find out that the person didn't supply a form element properly. That's why God invented Javascript and form validation. The server side validation should be used as a last resort for those unfortunate fools (or crackers trying to trick the system) that don't have JS in their browser. As found herehttp://www.symfony-project.org/book/1_0/10-Forms#Form%20Validation The client-side validation is to be done with custom JavaScript. This is exactly what I'm trying to do! I'm using onClick=return checkForm(this.form); on the submit button. SCRIPT LANGUAGE=JavaScript TYPE=text/javascript !-- ?php //TODO: these should be using the entries from modules\user\validate\update.yml ... how do I do that? ? function checkForm(myForm) { with ( myForm ) { if( new_password.value.length 6 ) { alert(?=__('Please enter a secure password of at least 6 characters.')?); new_password.focus(); new_password.select(); return false; } return true; } //-- /script But how the [EMAIL PROTECTED]($ do I pull the 6 from the update.yml file that my sfFormValidation is using?! http://www.symfony-project.org/book/1_0/05-Configuring-Symfony #The%20... g%20Class Says, you can access settings from within the application code through the sfConfig class. It is a registry for configuration parameters, with a simple getter class method, accessible from every part of the code: // Retrieve a setting parameter = sfConfig::get('param_name', $default_value); The parameter name is the concatenation of several elements, separated by underscores, in this order: * A prefix related to the configuration file name (sf_ for settings.yml, app_ for app.yml, mod_ for module.yml, sf_i18n_ for i18n.yml, and sf_logging_ for logging.yml) * The parent keys (if defined), in lowercase * The name of the key, in lowercase But as you notice it says NOTHING of the _update.yml_ file! I simply want to do something like this in my JS: if( new_password.value.length ?php echo sfConfig::get('update_password_min_length'); ? ) { Is there seriously no way to do this seemingly obvious task built in?!?!? Do I actually have to read the update.yml file with $updateParams = sfYaml::load('modules\user\validate\update.yml'); And parse it out, even though it should be available to me?
[symfony-users] Re: template using variables defined in the action class
Hi Mohammad, The action classes use the PHP magic __set() method, which is only used when an object member has NOT been defined yet. So the answer you're looking for is no. If you'd like to have certain variables set in every action in a module, consider using the -initialize() or - preExecute() method (the latter is not called when validation fails). This may shed some light on the matter: http://trac.symfony-project.com/browser/branches/1.0/lib/action/sfComponent.class.php#L252 Kris On Jun 13, 10:02 am, Mohammad Ali Safari [EMAIL PROTECTED] wrote: Thanks Eno. My exact question is can I define a variable in my action class OUT OF my action FUNCTION and still access it in my template? cheers, --mohammad On Fri, Jun 13, 2008 at 10:57 AM, Eno [EMAIL PROTECTED] wrote: On Jun 13, 11:13 am, Mohammad Ali Safari [EMAIL PROTECTED] wrote: I am defining a variable in my action class like this: class myActions extends sfActions { public $var ... I assume that I have access to variable $var in any of my templates, but it is not the case. The only thing I could do is to have $this-foo = $this-var in my corresponding action function and access $foo in my template. Am I wrong that templates have access to all public variables defined in the action class? Yes. :-) If you want $foo in your template you need to set $this-foo in your action. -- --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: sfWidgetFormSelect (selected value)
Hi Dmitry, I believe default form values are set in one of three ways: * sfForm::__construct(array $defaults) * sfForm::setDefaults(array $defaults) * sfForm::setDefault(string $name, mixed $default) Kris On Jun 13, 6:55 am, Dmitry Nesteruk [EMAIL PROTECTED] wrote: How can I set selected value for sfWidgetFormSelect? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---