[symfony-users] RE: Complex criteria creation - hotel room bookings problem
Further to my original message, I have managed to work some of the problem
out...
creating a function in the BookingPeer.php file...
This current version uses no passed criteria for the current date or date
selected by the user in the view...
function getBookedUnbooked()
{
$con = Propel::getConnection();
$sql =
SELECT booking.* FROM booking
WHERE '2008-06-12' BETWEEN start_date AND end_date
UNION
SELECT 0 as id, 0 as client_id, id AS room_id, '-00-00' as
start_date, '-00-00' as end_date, 0 as adults, 0 as children, '-00-00
00:00:00' as created_at FROM room
WHERE room.id NOT IN (
SELECT room_id FROM booking
WHERE '2008-06-12' BETWEEN start_date
AND end_date
)
ORDER BY room_id
;
$stmt = $con-createStatement();
$rs = $stmt-executeQuery($sql, ResultSet::FETCHMODE_NUM);
return BookingPeer::populateObjects($rs);
} // end function
Next step is to add the passed criteria...
Also, is there a way to do the above using the
addCriteria/addAscendingOrderByColumn and other Propel capabilities? It would
be nicer than using the above just in case the structure of the database
changed!
Adrian
-Original Message-
From: Gould, Adrian
Sent: Fri 6/13/2008 13:52
To: Symfony Googlegroup
Subject: Complex criteria creation - hotel room bookings problem
Hi all
I am trying to create the following SQL as a PROPEL criteria to sit in the
Bookings model.
Details are:
Schema--
booking:
id: ~
client_id: integer
room_id:integer
start_date: date
end_date: date
adults: integer
children: integer
created_at: timestamp
client:
id: ~
name: varchar(128)
created_at: timestamp
room:
id: ~
name: varchar(128)
price: decimal
bed:integer
created_at: timestamp
SQL-
[with checkDate being the date to be checked that is passed from the view]
SELECT room_id, 'Y' AS booked FROM booking
WHERE checkDate BETWEEN start_date AND end_date
UNION
SELECT id AS room_id, 'N' AS booked FROM room
WHERE id NOT IN (
SELECT room_id FROM booking
WHERE checkDate BETWEEN start_date AND end_date
)
ORDER BY room_id
The eventual purpose is to display a table in the view with rooms and dates
booked:
Room
Date 101 102 103 201 202 203
20080612YNYNYN
20080613YNNNYY
20080614NYYNYY
20080615NNYNYN
Now I am making an assumption that this is best placed in the Booking.php file
in lib/model so that results are available to more than one controller.
I am not that familiar with PROPEL yet, so help is appreciated.
Once I have this little application working I am aiming to provide it to the
symfony community as a tutorial via our IT web site, so help will be credited
both here and in the articles.
Adrian
---
Adrian Gould
Lecturer in IT / Network Engineering / Multimedia
Business Finance Computing [Midland Campus]
Swan TAFE
PO BOX 1336, Midland WA 6936
Phone: (08) 9267
eMail: [EMAIL PROTECTED]
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---
[symfony-users] RE: Complex criteria creation - hotel room bookings problem
Another adjunct to the problem...
I have got the filter working, but still would like to see:
Is there a way to do the above using the addCriteria/addAscendingOrderByColumn
and other Propel capabilities? It would be nicer than using the SQL code below
just in case the structure of the database changed!
Adrian
- from BookingPeer.php -
class BookingPeer extends BaseBookingPeer
{
function getBookedUnbooked($date)
{
$con = Propel::getConnection();
$sql =
SELECT booking.* FROM booking
WHERE '.$date.' BETWEEN start_date AND
end_date
UNION
SELECT 0 as id, 0 as client_id, id AS room_id,
'-00-00' as start_date, '-00-00' as end_date, 0 as adults, 0 as
children, '-00-00 00:00:00' as created_at FROM room
WHERE room.id NOT IN (
SELECT room_id FROM booking
WHERE '.$date.' BETWEEN
start_date AND end_date
)
ORDER BY room_id
;
$stmt = $con-createStatement();
$rs = $stmt-executeQuery($sql, ResultSet::FETCHMODE_NUM);
// $this-bookings =
BookingPeer::populateObjects(BookingPeer::doSelectRS($rs, $con));
return BookingPeer::populateObjects($rs);
}
}
- from actions.class.php -
public function executeShowbooked()
{
if (!$this-getRequestParameter('checkDate') )
{
$this-checkDate = date('Y-m-d');
}
else
{
$this-checkDate =
$this-getRequestParameter('checkDate');
}
$this-checkDate = $this-getRequestParameter('checkDate');
$this-bookings = BookingPeer::getBookedUnbooked( $this-checkDate);
}
- from showbookedSuccess.php -
?php echo form_tag('booking/showbooked') ?
pCheck this date:?php echo input_date_tag('checkDate',$checkDate, array (
'rich' = true,
'withtime' = false,
)) ?
?php echo submit_tag('Check...'); ?/p
- the rest of the form / results display is not shown -
Still will want to take this a step further and show rooms and dates booked in
a grid or matrix as shown below:
Room
Date 101 102 103 201 202 203
20080612YNYNYN
20080613YNNNYY
20080614NYYNYY
20080615NNYNYN
Adrian
---
Adrian Gould
Lecturer in IT / Network Engineering / Multimedia
Business Finance Computing [Midland Campus]
Swan TAFE
PO BOX 1336, Midland WA 6936
Phone: (08) 9267
eMail: [EMAIL PROTECTED]
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---
[symfony-users] [1.1] Customize asset directories
Hi, I read the cookbook article about how to customize the projects / applications directory structure. But there's one little tiny thing I'm missing: how to customize the web's css js asset directories. We use 'styles' and 'scripts' for those directories, and don't want to break this standard. I'd like to know how to customize it without using /styles/ and / scripts/ prefixes in my view.yml files ... Cheers, Pierre --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: Conception problem... Module / Application
Hi, I finally chose Richtermeister's solution. I will apply different layout, template and products list according to a :boutique parameter passed in the url, just before the module/action route.. Thank you all Olivier On 12 juin, 19:02, Richtermeister [EMAIL PROTECTED] wrote: Hey Olivier, I would build one app with all the required modules for a store (catalog, checkout, account, etc), and make each module smart enough to customize itself based on certain parameters, such as the url. Then you can swap out layout, templates, stylesheets etc, based on store configuration settings. At least fo me having separate apps that fundamentally do the same thing sounds wrong. My 2 cents, Daniel On Jun 11, 11:53 pm, obalais [EMAIL PROTECTED] wrote: Hi, I read the entire dwhittle article about ysfDimensions plugin and I think it can't solve my problem. The dimensions allowed values must be declared in a yml configuration file. I can't edit this yml file each time a member create his own online shop... Maybe I'm wrong and there is a tip which should help me... Nicolas, I just don't understand your solution. The shop are not generated. I must have one application or one module which, according to parameters in the url, shows shops with a defined template and selected products... Thanks Olivier On 11 juin, 21:38, Jacob Coby [EMAIL PROTECTED] wrote: Have you looked at the ysfDimensionsPlugin? http://trac.symfony-project.com/wiki/ysfDimensionsPlugin It sounds like it'll do everything you need (I have no experience with it). Seems to be quite popular as well. On Jun 11, 2008, at 10:40 AM, obalais wrote: Hi everyone, For the purpose of a work placement, i have to develop a web application allowing its users to create their own online shop from a set of pre defined products. Roughly, users, can browse the website to see a list of most recently created shop, find some information and then sign up to create their own. An Url like myapplication.com/my_shop/ would then be their online shop location. To talk more about that shop, it should display the products that the user has previously chosen, a contact page, and some other miscellaneous informations, according to the level of customisation that the user would potentially apply (different colors or layout for example). Well now, my problem is a design one. In other words, I have some difficulties to find the best solution in order to achieve that Do you think I should represent those online shops as an application module?, or as an application containing different modules(products, categories, contact..)? I have to admit that I would prefer the second option but also that I unfortunatelydon't have any clue how to ensure the fact that my application effectively displays the correct modules according to the chosen shop. I would be very pleased if anyone has an interesting opinion to share on that subject, in order to give some advices Thanking you sincerely yours Olivier -- Jacob Coby [EMAIL PROTECTED] --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] sfPageFlowPlugin?
Did anybody manage to get the demo working for this? It's still got me stumped :-/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] sfWidgetFormSelect (selected value)
How can I set selected value for sfWidgetFormSelect? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] template using variables defined in the action class
Hi
I am defining a variable in my action class like this:
class myActions extends sfActions
{
public $var
...
I assume that I have access to variable $var in any of my templates, but it
is not the case. The only thing I could do is to have $this-foo =
$this-var in my corresponding action function and access $foo in my
template.
Am I wrong that templates have access to all public variables defined in the
action class?
--Mohammad
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---
[symfony-users] Re: Customize asset directories
On Jun 13, 4:05 am, Pierre [EMAIL PROTECTED] wrote: I read the cookbook article about how to customize the projects / applications directory structure. But there's one little tiny thing I'm missing: how to customize the web's css js asset directories. We use 'styles' and 'scripts' for those directories, and don't want to break this standard. I'd like to know how to customize it without using /styles/ and / scripts/ prefixes in my view.yml files ... You can put PHP code in your YAML file, so you could define PHP constants and use those as a prefix. -- --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: template using variables defined in the action class
On Jun 13, 11:13 am, Mohammad Ali Safari [EMAIL PROTECTED]
wrote:
I am defining a variable in my action class like this:
class myActions extends sfActions
{
public $var
...
I assume that I have access to variable $var in any of my templates, but it
is not the case. The only thing I could do is to have $this-foo =
$this-var in my corresponding action function and access $foo in my
template.
Am I wrong that templates have access to all public variables defined in the
action class?
Yes.
:-)
If you want $foo in your template you need to set $this-foo in your
action.
--
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---
[symfony-users] Re: Slightly offtopic - CC encryption / decryption
Hi all,
your points are well taken, and I'm not trying to put the cc numbers
into a database for the very same reason..
I do, however, have to put it into the session as part of the checkout
process, before I even get to use a payment gateway (after that it'll
get obfuscated right away, and I only store the last 4 digits, yes..).
Since session files are non-encrypted,
and the system may at some point run on a shared server, I would like
to encrypt at least the number before I put it in.
Sounds good?
Thanks for all your help.
And thanks Dustin for reminding me of the plugin. I completely forgot
about it. :)
Have a great day,
Daniel
On Jun 12, 5:30 pm, Alistair Stead [EMAIL PROTECTED]
wrote:
There are major implication of storing such data and in the UK there are
particularly stringent restrictions on how and where you can store such
data. I believe this goes as far as dictating hardware setup etc.
My advice would be evaluate the reason why you are storing this information
and think about shifting this task to a dedicated payment gateway service.
These services are setup to ensure all legislation is covered and users
personal data is protected. If you are storing data for delayed or repeat
billing these service should be able to facilitate this.
I have in the past been asked by a number of clients to store this data so
they could process orders manually through a PDQ terminal... All to save
paying for a payment gateway.
Although the risk may seem small. Just imagine the implications of someone
gaining access to your server? (This does happen)
Alistair
2008/6/12 Dustin Whittle [EMAIL PROTECTED]:
Also, see the dwCryptPlugin for a simple interface to mcrypt encryption.
- Dustin
On 6/12/08 2:33 PM, Lee Bolding [EMAIL PROTECTED] wrote:
You may want to check this :http://en.wikipedia.org/wiki/PCI_DSS
before you go ahead and do that.
A company processing, storing, or transmitting payment card data must
be PCI DSS compliant or risk losing their ability to process credit
card payments and being audited and/or fined
I think you'll find that one way functions are mandatory, and that
you're only ever allowed to store the last 4 card digits in plain.
On 12 Jun 2008, at 22:02, Richtermeister wrote:
Thanks Mohammad,
that is exactly what I was looking for!
And another reason to get mcrypt working on my server ;)
Thanks again,
have a great day.
Daniel
On Jun 12, 1:37 pm, Mohammad Ali Safari [EMAIL PROTECTED]
wrote:
Hi,
I use the methods in PHP mcrypt module.
I have these two methods:
// Decription Encryption
public static function encrypt($string, $key){
$cipher_alg = MCRYPT_RIJNDAEL_128;
$iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher_alg,
MCRYPT_MODE_ECB),
MCRYPT_RAND);
$encrypted_string = base64_encode(mcrypt_encrypt($cipher_alg, $key,
$string, MCRYPT_MODE_CBC, $iv));
$iv_encode = base64_encode($iv);
return $encrypted_string.'_'.$iv_encode;
}
public static function decrypt($encrypted_string, $key){
$cipher_alg = MCRYPT_RIJNDAEL_128;
list($encrypted_string, $iv) = explode('_', $encrypted_string);
$decrypted_string = mcrypt_decrypt($cipher_alg, $key,
base64_decode($encrypted_string), MCRYPT_MODE_CBC,
base64_decode($iv));
$len = strlen($decrypted_string);
$j = $len-1;
while ($decrypted_string[$j] == \0) $j--;
$decrypted_string = substr($decrypted_string, 0, $j+1);
return $decrypted_string;
}
where $key is some fixed value stored in my app.yml file.
--Mohammad
--
Alistair Stead
Senior Interactive Developer
Mobile: +44 (0) 7788 107 333
Email: [EMAIL PROTECTED]
WWW: designdisclosure.com
The information contained in this email is confidential and may contain
proprietary information. It is meant solely for the intended
recipient/recipients. Access to this email by anyone else is unauthorised.
If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted in reliance on this, is prohibited and may be
unlawful. Please consider the environment before printing this e-mail.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---
[symfony-users] Re: template using variables defined in the action class
Thanks Eno.
My exact question is can I define a variable in my action class OUT OF my
action FUNCTION and still access it in my template?
cheers,
--mohammad
On Fri, Jun 13, 2008 at 10:57 AM, Eno [EMAIL PROTECTED] wrote:
On Jun 13, 11:13 am, Mohammad Ali Safari [EMAIL PROTECTED]
wrote:
I am defining a variable in my action class like this:
class myActions extends sfActions
{
public $var
...
I assume that I have access to variable $var in any of my templates, but
it
is not the case. The only thing I could do is to have $this-foo =
$this-var in my corresponding action function and access $foo in my
template.
Am I wrong that templates have access to all public variables defined in
the
action class?
Yes.
:-)
If you want $foo in your template you need to set $this-foo in your
action.
--
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---
[symfony-users] Re: How do I access a validate .yml setting in my template?
Hi Daevid,
other than parsing the file into an array via the Yaml class I don't
think you can get to it.
Out of interest, what are you trying to do?
Daniel
On Jun 12, 2:40 pm, Daevid Vincent [EMAIL PROTECTED] wrote:
I asked this before and got no real answer. Is this not possible? Can I not
access values of the validate/update.yml file?
-Original Message-
From: symfony-users@googlegroups.com [mailto:[EMAIL PROTECTED]
On Behalf Of Daevid Vincent
Sent: Tuesday, June 03, 2008 1:58 PM
To: symfony-users@googlegroups.com
Subject: [symfony-users] Re: How do I access a validate .yml setting in my
template?
You misunderstand. We're using that already. But it's assinine to bog down
the server just to find out that the person didn't supply a form element
properly. That's why God invented Javascript and form validation. The server
side validation should be used as a last resort for those unfortunate fools
(or crackers trying to trick the system) that don't have JS in their
browser.
As found
herehttp://www.symfony-project.org/book/1_0/10-Forms#Form%20Validation
The client-side validation is to be done with custom JavaScript.
This is exactly what I'm trying to do!
I'm using onClick=return checkForm(this.form); on the submit button.
SCRIPT LANGUAGE=JavaScript TYPE=text/javascript
!--
?php //TODO: these should be using the entries from
modules\user\validate\update.yml ... how do I do that? ?
function checkForm(myForm) {
with ( myForm ) {
if( new_password.value.length 6 ) {
alert(?=__('Please enter a secure password of at
least 6 characters.')?);
new_password.focus();
new_password.select();
return false;
}
return true;
}
//--
/script
But how the [EMAIL PROTECTED]($ do I pull the 6 from the update.yml file
that my
sfFormValidation is using?!
http://www.symfony-project.org/book/1_0/05-Configuring-Symfony#The%20...
g%20Class
Says, you can access settings from within the application code through the
sfConfig class. It is a registry for configuration parameters, with a simple
getter class method, accessible from every part of the code:
// Retrieve a setting
parameter = sfConfig::get('param_name', $default_value);
The parameter name is the concatenation of several elements, separated by
underscores, in this order:
* A prefix related to the configuration file name
(sf_ for settings.yml, app_ for app.yml, mod_ for module.yml,
sf_i18n_ for i18n.yml, and sf_logging_ for logging.yml)
* The parent keys (if defined), in lowercase
* The name of the key, in lowercase
But as you notice it says NOTHING of the _update.yml_ file!
I simply want to do something like this in my JS:
if( new_password.value.length ?php echo
sfConfig::get('update_password_min_length'); ? ) {
Is there seriously no way to do this seemingly obvious task built in?!?!?
Do I actually have to read the update.yml file with
$updateParams = sfYaml::load('modules\user\validate\update.yml');
And parse it out, even though it should be available to me?
http://www.symfony-project.org/book/1_0/05-Configuring-Symfony#Browsi...
ur%20Own%20YAML%20File
-Original Message-
From: symfony-users@googlegroups.com [mailto:[EMAIL PROTECTED]
On Behalf Of Stereo
Sent: Monday, June 02, 2008 5:51 PM
To: symfony users
Subject: [symfony-users] Re: How do I access a validate .yml setting in my
template?
Hi Daevid,
I haven't used it myself but you may want to try this plugin:
http://trac.symfony-project.com/wiki/sfFormValidationPlugin
On Jun 2, 8:27 pm, Daevid Vincent [EMAIL PROTECTED] wrote:
I asked this before, but got no replies. Surely this is possible no?
I wish to use JS to validate the form first before bogging down my server,
it would be nice to use the same .yml entries rather than hard-code them
into the page.
Sent: Monday, May 19, 2008 7:00 PM
In my modules\user\validate\register.yml file I have:
usernameSizeValidator:
class: sfStringValidator
param:
min:4
min_error: Username must be 4 or more characters
max:15
max_error: Username must be 15 or less characters
How can I access the min and max values to display in my
registerSuccess.php
page?
As in, No spaces minimum 4 characters, maximum 15 characters.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---
[symfony-users] Re: Slightly offtopic - CC encryption / decryption
Richtermeister wrote: Hi all, your points are well taken, and I'm not trying to put the cc numbers into a database for the very same reason.. I do, however, have to put it into the session as part of the checkout process, before I even get to use a payment gateway (after that it'll get obfuscated right away, and I only store the last 4 digits, yes..). Since session files are non-encrypted, and the system may at some point run on a shared server, I would like to encrypt at least the number before I put it in. Sounds good? What is stopping them from decrypting them? If they can read the session files, they can read the key to decrypt as well. My suggestion would be to store the sessions in a DB, so they aren't readable by anyone who can't login to your DB with your credentials. Though I guess they can read your connection file... I just wonder if there really is a way to store this safely... -- Nathanael d. Noblet Gnat Solutions, Inc T: 403.875.4613 --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: Slightly offtopic - CC encryption / decryption
I assume you use the secure protocol (HTTPS) to do all these and store credit card info on server side. What's the problem then in regard to security? --Mohammad On Fri, Jun 13, 2008 at 12:58 PM, Nathanael D. Noblet [EMAIL PROTECTED] wrote: Richtermeister wrote: Hi all, your points are well taken, and I'm not trying to put the cc numbers into a database for the very same reason.. I do, however, have to put it into the session as part of the checkout process, before I even get to use a payment gateway (after that it'll get obfuscated right away, and I only store the last 4 digits, yes..). Since session files are non-encrypted, and the system may at some point run on a shared server, I would like to encrypt at least the number before I put it in. Sounds good? What is stopping them from decrypting them? If they can read the session files, they can read the key to decrypt as well. My suggestion would be to store the sessions in a DB, so they aren't readable by anyone who can't login to your DB with your credentials. Though I guess they can read your connection file... I just wonder if there really is a way to store this safely... -- Nathanael d. Noblet Gnat Solutions, Inc T: 403.875.4613 --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: Slightly offtopic - CC encryption / decryption
Just a thought, but I'd strongly advise you against storing this kind of information unless you/your company has the kind of legal backing and security infrastructure to support protecting such critical information. I know this doesn't answer your question, but the reality is there the is not going to be a good solution for this problem as it is a sort of chicken and egg problem. Even if you use the most sophisticated public/private key encryption, compromising the server would spell disaster. (After all, the software can read it, no?) Large companies like PayPal and the like have invested millions in security and indeed, when people buy online they expect this sort of security. Protect your customers and you will protect your business Just my 2-cents. Best, JLS On Jun 13, 2008, at 12:08 PM, Mohammad Ali Safari wrote: I assume you use the secure protocol (HTTPS) to do all these and store credit card info on server side. What's the problem then in regard to security? --Mohammad On Fri, Jun 13, 2008 at 12:58 PM, Nathanael D. Noblet [EMAIL PROTECTED] wrote: Richtermeister wrote: Hi all, your points are well taken, and I'm not trying to put the cc numbers into a database for the very same reason.. I do, however, have to put it into the session as part of the checkout process, before I even get to use a payment gateway (after that it'll get obfuscated right away, and I only store the last 4 digits, yes..). Since session files are non-encrypted, and the system may at some point run on a shared server, I would like to encrypt at least the number before I put it in. Sounds good? What is stopping them from decrypting them? If they can read the session files, they can read the key to decrypt as well. My suggestion would be to store the sessions in a DB, so they aren't readable by anyone who can't login to your DB with your credentials. Though I guess they can read your connection file... I just wonder if there really is a way to store this safely... -- Nathanael d. Noblet Gnat Solutions, Inc T: 403.875.4613 --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: Slightly offtopic - CC encryption / decryption
Why do you assume the key is in the session? If I were going to encrypt something and put it in the session, the key sure would not be along with it, I would use data specific to the user (each user has their own key). based on things like username/zipcode/ipaddress probably a mashup of 3 bits of personal information that not everyone would be able to get. James On Jun 13, 2008, at 2:58 PM, Nathanael D. Noblet wrote: Richtermeister wrote: Hi all, your points are well taken, and I'm not trying to put the cc numbers into a database for the very same reason.. I do, however, have to put it into the session as part of the checkout process, before I even get to use a payment gateway (after that it'll get obfuscated right away, and I only store the last 4 digits, yes..). Since session files are non-encrypted, and the system may at some point run on a shared server, I would like to encrypt at least the number before I put it in. Sounds good? What is stopping them from decrypting them? If they can read the session files, they can read the key to decrypt as well. My suggestion would be to store the sessions in a DB, so they aren't readable by anyone who can't login to your DB with your credentials. Though I guess they can read your connection file... I just wonder if there really is a way to store this safely... -- Nathanael d. Noblet Gnat Solutions, Inc T: 403.875.4613 --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
[symfony-users] Re: How do I access a validate .yml setting in my template?
*sigh*
Thanks for the reply Richtermeister. I thought I was pretty clear in my email
below, but just to re-iterate. I'm trying to prevent the redundancy of having
to type a string of error message in the Javascript AND in the .yml file. It
seems utterly stupid to me that Symfony has all this validation, and I can set
a min/max length and an error string to output, yet doesn't have basic JS
validation built in. Further exacerbated by the fact that it appears I can't
even pull those min/max/error string values out from the .yml file and display
them in my javascript validation routines. So this defeats the whole purpose of
MVC, refactoring and write-once-use-many, etc.
-Original Message-
From: symfony-users@googlegroups.com
[mailto:[EMAIL PROTECTED] On Behalf Of Richtermeister
Sent: Friday, June 13, 2008 10:21 AM
To: symfony users
Subject: [symfony-users] Re: How do I access a validate .yml
setting in my template?
Hi Daevid,
other than parsing the file into an array via the Yaml class I don't
think you can get to it.
Out of interest, what are you trying to do?
Daniel
On Jun 12, 2:40 pm, Daevid Vincent [EMAIL PROTECTED] wrote:
I asked this before and got no real answer. Is this not
possible? Can I not
access values of the validate/update.yml file?
-Original Message-
From: symfony-users@googlegroups.com
[mailto:[EMAIL PROTECTED]
On Behalf Of Daevid Vincent
Sent: Tuesday, June 03, 2008 1:58 PM
To: symfony-users@googlegroups.com
Subject: [symfony-users] Re: How do I access a validate
.yml setting in my
template?
You misunderstand. We're using that already. But it's
assinine to bog down
the server just to find out that the person didn't supply a
form element
properly. That's why God invented Javascript and form
validation. The server
side validation should be used as a last resort for those
unfortunate fools
(or crackers trying to trick the system) that don't have JS in their
browser.
As found
herehttp://www.symfony-project.org/book/1_0/10-Forms#Form%20Validation
The client-side validation is to be done with custom JavaScript.
This is exactly what I'm trying to do!
I'm using onClick=return checkForm(this.form); on the
submit button.
SCRIPT LANGUAGE=JavaScript TYPE=text/javascript
!--
?php //TODO: these should be using the entries from
modules\user\validate\update.yml ... how do I do that? ?
function checkForm(myForm) {
with ( myForm ) {
if( new_password.value.length 6 ) {
alert(?=__('Please enter a secure
password of at
least 6 characters.')?);
new_password.focus();
new_password.select();
return false;
}
return true;
}
//--
/script
But how the [EMAIL PROTECTED]($ do I pull the 6 from the update.yml
file that my
sfFormValidation is using?!
http://www.symfony-project.org/book/1_0/05-Configuring-Symfony
#The%20...
g%20Class
Says, you can access settings from within the application
code through the
sfConfig class. It is a registry for configuration
parameters, with a simple
getter class method, accessible from every part of the code:
// Retrieve a setting
parameter = sfConfig::get('param_name', $default_value);
The parameter name is the concatenation of several
elements, separated by
underscores, in this order:
* A prefix related to the configuration file name
(sf_ for settings.yml, app_ for app.yml, mod_ for module.yml,
sf_i18n_ for i18n.yml, and sf_logging_ for logging.yml)
* The parent keys (if defined), in lowercase
* The name of the key, in lowercase
But as you notice it says NOTHING of the _update.yml_ file!
I simply want to do something like this in my JS:
if( new_password.value.length ?php echo
sfConfig::get('update_password_min_length'); ? ) {
Is there seriously no way to do this seemingly obvious task
built in?!?!?
Do I actually have to read the update.yml file with
$updateParams = sfYaml::load('modules\user\validate\update.yml');
And parse it out, even though it should be available to me?
http://www.symfony-project.org/book/1_0/05-Configuring-Symfony
#Browsi...
ur%20Own%20YAML%20File
-Original Message-
From: symfony-users@googlegroups.com
[mailto:[EMAIL PROTECTED]
On Behalf Of Stereo
Sent: Monday, June 02, 2008 5:51 PM
To: symfony users
Subject: [symfony-users] Re: How do I access a validate
.yml setting in my
template?
Hi Daevid,
I haven't used it myself but you may want to try this plugin:
http://trac.symfony-project.com/wiki/sfFormValidationPlugin
On Jun 2, 8:27 pm, Daevid Vincent [EMAIL PROTECTED] wrote:
I asked this before, but got no replies. Surely this is
possible no?
I wish to use JS to validate the form first before
bogging
[symfony-users] Re: How do I access a validate .yml setting in my template?
Hi Daevid,
Take a look at the execution filter to see how symfony uses the
validation.yml files:
http://trac.symfony-project.com/browser/branches/1.0/lib/filter/sfExecutionFilter.class.php#L91
More to your point, isn't duplication of the validation logic a larger
DRY concern than duplication of error messages? Perhaps you should
consider using an AJAX validation mechanism the runs the form
parameters through a symfony action and responds 200 or 412 + a JSON
object with any error messages. This can easily be accomplished with
the handleErrorFoo() methods.
Kris
On Jun 13, 7:22 pm, Daevid Vincent [EMAIL PROTECTED] wrote:
*sigh*
Thanks for the reply Richtermeister. I thought I was pretty clear in my email
below, but just to re-iterate. I'm trying to prevent the redundancy of having
to type a string of error message in the Javascript AND in the .yml file.
It seems utterly stupid to me that Symfony has all this validation, and I can
set a min/max length and an error string to output, yet doesn't have basic JS
validation built in. Further exacerbated by the fact that it appears I can't
even pull those min/max/error string values out from the .yml file and
display them in my javascript validation routines. So this defeats the whole
purpose of MVC, refactoring and write-once-use-many, etc.
-Original Message-
From: symfony-users@googlegroups.com
[mailto:[EMAIL PROTECTED] On Behalf Of Richtermeister
Sent: Friday, June 13, 2008 10:21 AM
To: symfony users
Subject: [symfony-users] Re: How do I access a validate .yml
setting in my template?
Hi Daevid,
other than parsing the file into an array via the Yaml class I don't
think you can get to it.
Out of interest, what are you trying to do?
Daniel
On Jun 12, 2:40 pm, Daevid Vincent [EMAIL PROTECTED] wrote:
I asked this before and got no real answer. Is this not
possible? Can I not
access values of the validate/update.yml file?
-Original Message-
From: symfony-users@googlegroups.com
[mailto:[EMAIL PROTECTED]
On Behalf Of Daevid Vincent
Sent: Tuesday, June 03, 2008 1:58 PM
To: symfony-users@googlegroups.com
Subject: [symfony-users] Re: How do I access a validate
.yml setting in my
template?
You misunderstand. We're using that already. But it's
assinine to bog down
the server just to find out that the person didn't supply a
form element
properly. That's why God invented Javascript and form
validation. The server
side validation should be used as a last resort for those
unfortunate fools
(or crackers trying to trick the system) that don't have JS in their
browser.
As found
herehttp://www.symfony-project.org/book/1_0/10-Forms#Form%20Validation
The client-side validation is to be done with custom JavaScript.
This is exactly what I'm trying to do!
I'm using onClick=return checkForm(this.form); on the
submit button.
SCRIPT LANGUAGE=JavaScript TYPE=text/javascript
!--
?php //TODO: these should be using the entries from
modules\user\validate\update.yml ... how do I do that? ?
function checkForm(myForm) {
with ( myForm ) {
if( new_password.value.length 6 ) {
alert(?=__('Please enter a secure
password of at
least 6 characters.')?);
new_password.focus();
new_password.select();
return false;
}
return true;
}
//--
/script
But how the [EMAIL PROTECTED]($ do I pull the 6 from the update.yml
file that my
sfFormValidation is using?!
http://www.symfony-project.org/book/1_0/05-Configuring-Symfony
#The%20...
g%20Class
Says, you can access settings from within the application
code through the
sfConfig class. It is a registry for configuration
parameters, with a simple
getter class method, accessible from every part of the code:
// Retrieve a setting
parameter = sfConfig::get('param_name', $default_value);
The parameter name is the concatenation of several
elements, separated by
underscores, in this order:
* A prefix related to the configuration file name
(sf_ for settings.yml, app_ for app.yml, mod_ for module.yml,
sf_i18n_ for i18n.yml, and sf_logging_ for logging.yml)
* The parent keys (if defined), in lowercase
* The name of the key, in lowercase
But as you notice it says NOTHING of the _update.yml_ file!
I simply want to do something like this in my JS:
if( new_password.value.length ?php echo
sfConfig::get('update_password_min_length'); ? ) {
Is there seriously no way to do this seemingly obvious task
built in?!?!?
Do I actually have to read the update.yml file with
$updateParams = sfYaml::load('modules\user\validate\update.yml');
And parse it out, even though it should be available to me?
[symfony-users] Re: template using variables defined in the action class
Hi Mohammad,
The action classes use the PHP magic __set() method, which is only
used when an object member has NOT been defined yet. So the answer
you're looking for is no. If you'd like to have certain variables set
in every action in a module, consider using the -initialize() or -
preExecute() method (the latter is not called when validation fails).
This may shed some light on the matter:
http://trac.symfony-project.com/browser/branches/1.0/lib/action/sfComponent.class.php#L252
Kris
On Jun 13, 10:02 am, Mohammad Ali Safari [EMAIL PROTECTED]
wrote:
Thanks Eno.
My exact question is can I define a variable in my action class OUT OF my
action FUNCTION and still access it in my template?
cheers,
--mohammad
On Fri, Jun 13, 2008 at 10:57 AM, Eno [EMAIL PROTECTED] wrote:
On Jun 13, 11:13 am, Mohammad Ali Safari [EMAIL PROTECTED]
wrote:
I am defining a variable in my action class like this:
class myActions extends sfActions
{
public $var
...
I assume that I have access to variable $var in any of my templates, but
it
is not the case. The only thing I could do is to have $this-foo =
$this-var in my corresponding action function and access $foo in my
template.
Am I wrong that templates have access to all public variables defined in
the
action class?
Yes.
:-)
If you want $foo in your template you need to set $this-foo in your
action.
--
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
symfony users group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~--~~~~--~~--~--~---
[symfony-users] Re: sfWidgetFormSelect (selected value)
Hi Dmitry, I believe default form values are set in one of three ways: * sfForm::__construct(array $defaults) * sfForm::setDefaults(array $defaults) * sfForm::setDefault(string $name, mixed $default) Kris On Jun 13, 6:55 am, Dmitry Nesteruk [EMAIL PROTECTED] wrote: How can I set selected value for sfWidgetFormSelect? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups symfony users group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~--~~~~--~~--~--~---
