[symfony-users] Re: filter causes CSRF attack
Maybe this http://forum.symfony-project.org/index.php?t=msg&th=17867&;
or http://forum.symfony-project.org/index.php/m/75882/ or
http://forum.symfony-project.org/index.php/m/92096/ will help you.
On 4 bře, 10:45, mbernasocchi wrote:
> sorry to bothe abain, but the pastebin expired... now it's all
> here:http://pastebin.com/quQfBXTy
>
> and here:
>
> /*
> *filters.yml
> rendering: ~
>
> remember_me:
> class: sfGuardRememberMeFilter
>
> clear_owner:
> class: ownerFilter
>
> security: ~
>
> # insert your own filters here
>
> cache: ~
> execution: ~
>
> */
> /*
> *security.yml
> edit:
> is_secure: true
> credentials: [[ admin, owner ]] # admin OR owner
> */
>
> /**
> * Description of ownerFilterclass
> *
> * @author marco
> */
> class ownerFilter extends sfFilter {
> public function execute($filterChain) {
> $user = $this->getContext()->getUser();
>
> $request = $this->getContext()->getRequest();
> $model =
> tools::getModelNameFromModule($request->getParameter('module'));
>
> var_dump($request->getParameter('id'));
> var_dump($model);
>
> if ($model != null)
> {
> if (
> $obj =
> Doctrine::getTable($model)->find($request->getParameter('id'))
>
> AND $obj
> AND $user->getGuardUser() == $obj->getAuthor()
> ) {
> $user->addCredential('owner');
> }
> else {
> $user->removeCredential('owner');
> }
> }
>
> // Execute next filter
> $filterChain->execute();
> //remove the owner credential
> $user->removeCredential('owner');
> }}
>
> ?>
>
> On Mar 4, 12:54 am, mbernasocchi wrote:
>
>
>
> > hi all,
> > I've set up a filter to give and take away a dynamic owner credential
> > (so that only the author of the object can edit it). my problem is
> > that as soon as I activate the filter and try to perform an action
> > that needs the owner credential, symfony reports " _csrf_token [CSRF
> > attack detected.] "
>
> > the relevant code can be found here:http://pastebin.com/7tUuTuMKh
>
> > thanks in advance
>
> > MArco
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: Route :slug value
More information will be good. For example, what is the URL that you
try to call?
Is it /exp/send/sometoken ?
On 3 Mrz., 09:43, feykintosh wrote:
> Hi all,
> I'm having a problem with routing.
>
> route.yml settings:
> Send:
> url: /exp/send/:token
> param: { module: exp, action: Send }
>
> And my action.php file:
>
> public function executeSend(sfWebRequest $request){
>
> var_dump($request->getParameter('token')); //don't work.
> }
>
> Null is returned as..
>
> The value of :token how can I get?
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Show/Check Simple Query Result
Hi, I'm very new to symfony, and just a novice developer also...
I searched in forum and documentation already and can't find the
answer (probably because it's too basic and simple :D)
Here's the case :
I have one table, 'user' to save username and password, then I want to
retrieve the data from that table and check if the submitted username
and password is right. I use a loginForm class that I write, and then
check it from the main module.. here's the code :
loginForm.class.php :
class LoginForm extends BaseForm
{
public function configure()
{
$this->setWidgets(array(
'NIP' => new sfWidgetFormInputText(),
'password' => new sfWidgetFormInputPassword(),
));
$this->widgetSchema->setNameFormat('login[%s]');
$this->setValidators(array(
'NIP' => new sfValidatorString(array('required'
=> true)),
'password' => new sfValidatorString(array('required'
=> true)),
));
}
}
actions.class.php
public function executeIndex(sfWebRequest $request)
{
$this->form = new LoginForm();
if($request->isMethod('post'))
{
$this->form->bind($request->getParameter('login'));
if($this->form->isValid())
{
$formValue = $this->form->getValues();
$query = Doctrine_Query::create()
->select('password')
->from('pengguna')
->where('pengguna.NIP = ' . $formValue['NIP'] );
$this->user = $query->execute();
}
}
}
The code's not finished yet because I don't know how to get the value
of the query I just executed...
Things that I want to ask :
1. How to get the value (result) of $query->execute() ?
2. Are there any step by step tutorial that teaches most of these
basic things ? (I've read practical symfony and doctrine orm for php,
but I think it's too advanced for me - so many confusing things)
The main problem of those two books is that they assume you know about
doctrine ( practical symfony ) and that there's too many things that I
have to read when what I need is just a simple question.. I need
something like the PHP API documentation.. so any recommendation ?
Thanks before, and sorry for my bad english..
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Question about sfWidgetFormChoice
Hi,
I have this widget:
$this->widgetSchema['age_from'] = new
sfWidgetFormChoice(array('choices' => array('' =>'-', range(14,130;
When i click on it to select a value, the expanded select shows a italic 14,
between '-'
and 14,15
Any idea?
Javi
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: How to create a child module with admin generator ?
How this module should look like?
- what should be in the listing page
- how the edit and insert forms should look?
On 2 bře, 22:06, Herzult wrote:
> Hello,
> I am trying to create a kind of child module with admin generator.
> I wanted to know if you have solutions.
>
> Take for example the following model :
>
> Article:
> columns:
> title: { type: string(45) }
> headline: { type: string(500) }
>
> ArticlePage:
> columns:
> title: { type: string(45), notnull: true }
> content: { type: clob }
> page_id: { type: integer, notnull: true }
> relations:
> Article:
> local: page_id
> foreign: id
> alias: Article
> foreignAlias: Pages
> onDelete: cascade
>
> First, I want to create an admin module to manage Articles. So far no
> problem.
> Then I want to create another admin module to manage ArticlePage
> related to one Article (and not all Articles).
> How? Is this possible with the admin generator?
>
> Thank you in advance for your reply.
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: Question about sfWidgetFormChoice
array('' =>'-', range(14,130))
...seems to me a bit a strange construction, a mix of associative and
non-associative array elements. In any case the 'choices' option needs
a associative array, so it may work better if you put together a
proper associative array?
E.g. like:
$choices =array_merge(array('' => '-'), array_combine(range(14,130),
range(14,130)));
Not the nicest solution (I'm not a geek in this domain), but it should
work.
Hope that helps, cheers RAPHAEL
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] You must pass a valid path to a directory containing Doctrine models
This is what my ProjectConfiguration.class.php looks like.
enablePlugins('sfDoctrinePlugin');
}
}
\
i've tried the path a few different ways such as:
C:\\frameworks\\symfony-1.4.2\\lib/autoload/sfCoreAutoload.class.php
and
C:/frameworks/symfony-1.4.2/lib/autoload/sfCoreAutoload.class.php
and
C:\frameworks\symfony-1.4.2\lib\autoload\sfCoreAutoload.class.php
all resulting in the same error.
Also, In the 'Global include Path'
I only have 'C:\frameworks\symfony-1.4.2' set.
Is there something else that should be included there?
Thanks.
From: Eno
To: "symfony-users@googlegroups.com"
Sent: Thu, March 4, 2010 2:50:06 PM
Subject: Re: [symfony-users] You must pass a valid path to a directory
containing Doctrine models
On Thu, 4 Mar 2010, Bill P. wrote:
> I am trying to setup a new project using NetBeans and this tutorial:
> http://wiki.netbeans.org/NB68symfony
>
> It is using propel, but I am setup with Doctrine.
> Everything seems to be setup correctly, but when I am trying to insert-sql, I
> get this error;
>
> You must pass a valid path to a directory containing Doctrine models
>
> and no table are created.
>
> What am I missing?
Use the source Luke.
Looking at the source for that task, I see it looks for models_path in
your config:
protected function execute($arguments = array(), $options = array())
{
$this->logSection('doctrine', 'created tables successfully');
$databaseManager = new sfDatabaseManager($this->configuration);
$config = $this->getCliConfig();
Doctrine_Core::loadModels($config['models_path'],
Doctrine_Core::MODEL_LOADING_CONSERVATIVE);
Doctrine_Core::createTablesFromArray(Doctrine_Core::getLoadedModels());
}
Im guessing loadModels never gets a valid path. Furthermore the array of
config values comes through getCliConfig() which in turn pulls it from the
plugin config:
public function getCliConfig()
{
return
$this->configuration->getPluginConfiguration('sfDoctrinePlugin')->getCliConfig();
}
So this probably should be in coming from your sfProjectConfiguration
class. Do you have the Doctrine plugin enabled and Propel disabled in your
project config?
--
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: symfony Forms in Action
Unfortunately, the form docs are almost abandoned. I wrote the update for symfony 1.4 myself, but more work is needed. I asked Fabien at symfony live, he told me to rearrange the chapters and to add a chapter on embedding forms. If you want to help, please write on symfony-docs group cheers Massimiliano On 2 Mar, 18:36, danceric wrote: > Hi, > I've seen a link to the 'symfony Forms in Action' in the symfony blog, > I'm wondering why it's not linked on the 'Documentation' page, it's a > helpful resource. > > http://www.symfony-project.org/forms/ -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] sfWidgetFormInputFileEditable
Hi there,
I just migrated to symfony 1.3, so that could be part of the
explanation, but I can't use the sfWidgetFormInputFileEditable.
in fact, everything seems to go right as field is displayed, but I've
got an empty value in my doSave method.
the way I configured my form is the following:
$this->setWidget('logo', new sfWidgetFormInputFileEditable(array(
'file_src' => $this->getObject()->getLogoPath().$this-
>getObject()->getLogo(),
'edit_mode' => strlen($this->getObject()->getLogo()),
'is_image' => true,
'with_delete' => false,
)));
$this->setValidator('logo', new sfValidatorFile(array(
'required' => false,
'path' =>
sfConfig::get('sf_upload_dir').'/'.$this->getObject()->getLogoPath(),
'mime_types' => 'web_images'
), array(
)));
widget is displayed, but the $form->isMultipart() does return false,
so the template does not render the enctype="multipart/form-data", and
there is no file bound.
any idea where it could come from ?
regards,
Julien.
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: Deploy an application
Did you check the paths in the AJAX files? On Mar 3, 6:41 am, maelo_fredas wrote: > Hello everyone: > > I'm developing an app with symfony-1.2.12, Doctrine and PostgreSQL. > Deployed it according the steps defined in Jobeet. The files were > successfully transferred after deploy task (done in the same pc), but > some AJAX queries don't work in deployment. Checked with Firebug and > the .js files (where the function exist) are loaded. I need help to > fix this issue. > > Thanks in advance -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] Re: Symfony frontend sort by th
Hi Gareth,
the method that you show us have a security problem: inject sql. You need to
check what kind of parameter the user is sending.
if (!in_array($parameter, array('asc', 'desc'))) {
//do something
} else {
//execute the query
}
bye
Augusto Morais
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: sfWidgetFormInputFileEditable
my bad, I feel so dumb...
I looked for a long time, but did not check if I used the right
template, and I wasn't...
sorry for this.
On 5 mar, 16:51, MoUeTtE wrote:
> Hi there,
>
> I just migrated to symfony 1.3, so that could be part of the
> explanation, but I can't use the sfWidgetFormInputFileEditable.
>
> in fact, everything seems to go right as field is displayed, but I've
> got an empty value in my doSave method.
>
> the way I configured my form is the following:
>
> $this->setWidget('logo', new sfWidgetFormInputFileEditable(array(
> 'file_src' =>
> $this->getObject()->getLogoPath().$this->getObject()->getLogo(),
>
> 'edit_mode' => strlen($this->getObject()->getLogo()),
> 'is_image' => true,
> 'with_delete' => false,
> )));
> $this->setValidator('logo', new sfValidatorFile(array(
> 'required' => false,
> 'path' =>
> sfConfig::get('sf_upload_dir').'/'.$this->getObject()->getLogoPath(),
> 'mime_types' => 'web_images'
> ), array(
> )));
>
> widget is displayed, but the $form->isMultipart() does return false,
> so the template does not render the enctype="multipart/form-data", and
> there is no file bound.
>
> any idea where it could come from ?
>
> regards,
>
> Julien.
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: ideas for development architecture in symfony
Just to beat that horse some more, since Apostrophe is open-source and built by programmers that encountered all the problems and challenges you're looking to solve, the suggestion is to look at their schema / code for inspiration. Any answer we could give you here would simply re-iterate what's in there. Daniel On Mar 4, 11:15 am, Joshua wrote: > Thanks but Apostrophe still doesn't do it for me. > > I'm looking for specific code implementation suggestions from > developers. > > On Mar 4, 1:50 am, Alexandru-Emil Lupu wrote: > > > Apostrophe is symfony based > > > On Thu, Mar 4, 2010 at 7:11 AM, Joshua wrote: > > > Thanks daniel. There are a lot of CMS' that use similar approaches, > > > but specifically looking for a symfony one. > > > > On Mar 3, 4:53 pm, Daniel Lohse wrote: > > > > This sounds a lot like Apostrophe's architecture! Seehttp:// > > >www.apostrophenow.com/ > > > > > Daniel > > > > > On 03.03.2010, at 21:13, Joshua wrote: > > > > > > I'm working on the following architecture for a site running symfony. > > > > > Seeking ideas and input for the best way this might be implemented on > > > > > a symfony platform. > > > > > > Blocks > > > > > * Right now I am using the name block for lack of available > > > > > nomenclature. You could also refer to these as modules, widgets, > > > > > content areas, etc. > > > > > * A block can be any independent entity assigned to "pages" in the > > > > > frontend. If you go to education.com (as an example, not the site I'm > > > > > developing), "Science Fair Ideas and Help" would be a block, "Featured > > > > > Topics" would be a block, a chunk of html or ads can be made blocks. > > > > > * Blocks would be developed separately of other blocks. There > > > > > would be some sort of class of all the available blocks which pull in > > > > > the necessary db data, construct and return its individual html > > > > > segment. > > > > > * In the admin, blocks would be given properties such as order, > > > > > active/visible, etc. > > > > > > Zones > > > > > * Each page would also be assigned zones (left side, middle, > > > > > footer, whatever). These would basically determine the page layout. > > > > > * Blocks would then be assigned to a zone on the page. > > > > > * When a page loads it pulls its assigned zones and blocks then > > > > > places them where necessary. > > > > > > -- > > > > > If you want to report a vulnerability issue on symfony, please send it > > > to security at symfony-project.com > > > > > > You received this message because you are subscribed to the Google > > > > > Groups "symfony users" group. > > > > > To post to this group, send email to symfony-users@googlegroups.com > > > > > To unsubscribe from this group, send email to > > > > > symfony-users+unsubscr...@googlegroups.com > > > > > For more options, visit this group at > > > > >http://groups.google.com/group/symfony-users?hl=en > > > > -- > > > If you want to report a vulnerability issue on symfony, please send it to > > > security at symfony-project.com > > > > You received this message because you are subscribed to the Google > > > Groups "symfony users" group. > > > To post to this group, send email to symfony-users@googlegroups.com > > > To unsubscribe from this group, send email to > > > symfony-users+unsubscr...@googlegroups.com > > > For more options, visit this group at > > >http://groups.google.com/group/symfony-users?hl=en > > > -- > > Have a nice day! > > > Alecs > > Certified ScrumMaster > > > There are no cannibals alive! I have ate the last one yesterday ... > > I am on web: http://www.alecslupu.ro/ > > I am on twitter:http://twitter.com/alecslupu > > I am on linkedIn:http://www.linkedin.com/in/alecslupu > > Tel: (+4)0722 621 280 -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: How to customize the save process of many-to-many relation in symfony form framework?
may be like this
$db = Doctrine_Manager::connection();
$sql = "insert into tags(name) value('$name') on duplicate key upadte
count=count+1";
$db->exec($sql);
or with prepare statement (NO sql-inject)
$db = Doctrine_Manager::connection();
$sql = "insert into tags(name) value(?) on duplicate key upadte
count=count+1";
$stmt = $db->prepare($sql);
$stmt->execute(array($name));
On Mar 5, 8:37 am, Tom Ptacnik wrote:
> I'm not good at doctrine at all, but I think that i you don't know how
> to write this in DQL (Doctrine Query Language) there is a way how to
> write pure SQL and execute it
>
> On 4 bře, 08:58, SymfonyNewbie wrote:
>
> > You are right,I'm using doctrine.
>
> > Looking for information how it deals with dml like "insert .. on
> > duplicate key update"..
>
> > On 3月4日, 下午2时38分, Tom Ptacnik wrote:
>
> > > It depends on which ORM do you use.. Propel or Doctrine?
>
> > > I think this is more about ORM than symfony...
>
> > > On 3 bře, 13:07, SymfonyNewbie wrote:
>
> > > > The relation between posts and tags is n2m,
>
> > > > the pure mysql solution is like this:
>
> > > > $dml = "insert into tags(name) value('$name') on duplicate key
> > > > upadte count=count+1";
> > > > mysql_query($dml);
> > > > $dml = "insert into tagowner(post,tag) value($postid,$tagid)";
> > > > mysql_query($dml);
>
> > > > How to do similar things in symfony?- 隐藏被引用文字 -
>
> > > - 显示引用的文字 -
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] sfWidgetFormDoctrineChoice problems
I have a question, I have a dropdown that needs to be populated from the
database, but with a query, and the query is based on a post variable.
I know that sfWidgetFormDoctrineChoice has an option for passing a method,
but I can't pass a method + parameter like that.
So I used the simple sfWidgetFormChoice with the choice value being the
Doctrine getTable and the parameter.. as shown in the bottom of this
email.. HOWEVER, the dropdown is not well populated. The dropdown is
formed like this:
20 Off Code
Special Sale
30 Off
This is incorrect, since the value for 20 Off Code is not 0 , is actually 1
so the index is wrong.
$this->widgetSchema['campaign_id'] = new sfWidgetFormChoice(array
(
'choices' =>
Doctrine::getTable('Campaign')->getCampaigns(sfContext::getInstance()->getUser()->getGuardUser()->Organization)
));
What can I do ?
Thank you.
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: sfWidgetFormDoctrineChoice problems
More info:
The same widget, generated with sfWidgetFormDoctrineChoice without passing
any method for filtering (Notice it has one more value, of course because it
is not filtered, but the value = id):
Special Sale
30 Off
20 Off Code
20 Off
Same field as above but using: = new sfWidgetFormChoice(array('choices'
=>Doctrine::getTable('Campaign')->getCampaigns(sfContext::getInstance()->getUser()->getGuardUser()->Organization)));
Special Sale
30 Off
20 Off Code
Notice it does filter based on the method, of course, but the value= is now
just a 0 index.. no the actual id.
Any ideas? This gives me tons of errors of course...
On Fri, Mar 5, 2010 at 7:10 PM, Samuel Morhaim wrote:
> I have a question, I have a dropdown that needs to be populated from the
> database, but with a query, and the query is based on a post variable.
>
> I know that sfWidgetFormDoctrineChoice has an option for passing a method,
> but I can't pass a method + parameter like that.
>
> So I used the simple sfWidgetFormChoice with the choice value being the
> Doctrine getTable and the parameter.. as shown in the bottom of this
> email.. HOWEVER, the dropdown is not well populated. The dropdown is
> formed like this:
>
> 20 Off Code
> Special Sale
> 30 Off
>
> This is incorrect, since the value for 20 Off Code is not 0 , is actually
> 1 so the index is wrong.
>
> $this->widgetSchema['campaign_id'] = new sfWidgetFormChoice(array
> (
> 'choices' =>
> Doctrine::getTable('Campaign')->getCampaigns(sfContext::getInstance()->getUser()->getGuardUser()->Organization)
> ));
>
>
> What can I do ?
>
> Thank you.
>
>
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
[symfony-users] subform update when other widget changes
Hi all, is there a way to update a subform when the selected value in a sfWidgetFormDoctrineChoice changes? I'm using javascript onChange, however, i need to create a doctrine query with the selected value, and is not possible to pass javascript vars to PHP. Any ideas to overcome this? Thanks. -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] symfony and hosting
Hi. I have an x10hosting.com acount, i already freeze my project and upload it to the server, in a directory with myProject name, but: when i go to my web page : http://bogapp.x10hosting.com/ what i see is: Index of / * cgi-bin/ * images/ * indepabis/ * postinfo.html * symfony So i have to go indepabis -> web to see the page. and when i try to login or access any other page it gave me a 500 error... (i already have my database in the server full with data) what should i do to see my project properly??? Thanks -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
[symfony-users] Re: How to customize the save process of many-to-many relation in symfony form framework?
Symfony binds with doctrine,
so I wander if there is a ORM based solution so that I don't have to
write queries explicitly?
On 3月6日, 上午6时41分, Alex wrote:
> may be like this
>
> $db = Doctrine_Manager::connection();
> $sql = "insert into tags(name) value('$name') on duplicate key upadte
> count=count+1";
> $db->exec($sql);
>
> or with prepare statement (NO sql-inject)
>
> $db = Doctrine_Manager::connection();
> $sql = "insert into tags(name) value(?) on duplicate key upadte
> count=count+1";
> $stmt = $db->prepare($sql);
> $stmt->execute(array($name));
>
> On Mar 5, 8:37 am, Tom Ptacnik wrote:
>
>
>
> > I'm not good at doctrine at all, but I think that i you don't know how
> > to write this in DQL (Doctrine Query Language) there is a way how to
> > write pure SQL and execute it
>
> > On 4 bře, 08:58, SymfonyNewbie wrote:
>
> > > You are right,I'm using doctrine.
>
> > > Looking for information how it deals with dml like "insert .. on
> > > duplicate key update"..
>
> > > On 3月4日, 下午2时38分, Tom Ptacnik wrote:
>
> > > > It depends on which ORM do you use.. Propel or Doctrine?
>
> > > > I think this is more about ORM than symfony...
>
> > > > On 3 bře, 13:07, SymfonyNewbie wrote:
>
> > > > > The relation between posts and tags is n2m,
>
> > > > > the pure mysql solution is like this:
>
> > > > > $dml = "insert into tags(name) value('$name') on duplicate key
> > > > > upadte count=count+1";
> > > > > mysql_query($dml);
> > > > > $dml = "insert into tagowner(post,tag) value($postid,$tagid)";
> > > > > mysql_query($dml);
>
> > > > > How to do similar things in symfony?- 隐藏被引用文字 -
>
> > > > - 显示引用的文字 -- 隐藏被引用文字 -
>
> - 显示引用的文字 -
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] symfony and hosting
Hi set the documentRoot of your apache server upto your indepabis/web On Fri, Mar 5, 2010 at 8:08 PM, Germana Oliveira wrote: > Hi. > > I have an x10hosting.com acount, i already freeze my project and upload > it to the server, in a directory with myProject name, but: > > when i go to my web page : http://bogapp.x10hosting.com/ > what i see is: > > Index of / > * cgi-bin/ > * images/ > * indepabis/ > * postinfo.html > * symfony > > So i have to go indepabis -> web to see the page. > > and when i try to login or access any other page it gave me a 500 > error... (i already have my database in the server full with data) > > what should i do to see my project properly??? > > Thanks > > -- > If you want to report a vulnerability issue on symfony, please send it to > security at symfony-project.com > > You received this message because you are subscribed to the Google > Groups "symfony users" group. > To post to this group, send email to symfony-users@googlegroups.com > To unsubscribe from this group, send email to > symfony-users+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/symfony-users?hl=en > -- Regards, Dheeraj -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] Show/Check Simple Query Result
As a bew symfony developer I highly recommend you start and complete
the Jobeet tutorial for Doctrine:
http://www.symfony-project.org/jobeet/1_2/Doctrine/en/
This will give you a great example of using everything in symfony you
would ordinarily use. I know it seems like a long way to get going,
but personally I think it would serve you best to spend a few hours
doing something like this now than trying piece-meal to learn symfony.
Also, Another thing I highly recommend is reading The Definitive Guide
to symfony. You don't necessarily need to practice every example they
give, but as long as you read through the book you will later in
development be able to remember that symfony had X feature to help
solve Y problem and can go look it up again. If you don't know that
something exists, you wont even know you can use it :)
http://www.symfony-project.org/book/1_2/
Hope that helps. With those two resources under your belt you will be
a power symfony user in no time at all :)
On Fri, Mar 5, 2010 at 11:04 AM, bertzzie wrote:
> Hi, I'm very new to symfony, and just a novice developer also...
> I searched in forum and documentation already and can't find the
> answer (probably because it's too basic and simple :D)
>
> Here's the case :
>
> I have one table, 'user' to save username and password, then I want to
> retrieve the data from that table and check if the submitted username
> and password is right. I use a loginForm class that I write, and then
> check it from the main module.. here's the code :
>
> loginForm.class.php :
> class LoginForm extends BaseForm
> {
> public function configure()
> {
> $this->setWidgets(array(
> 'NIP' => new sfWidgetFormInputText(),
> 'password' => new sfWidgetFormInputPassword(),
> ));
>
> $this->widgetSchema->setNameFormat('login[%s]');
>
> $this->setValidators(array(
> 'NIP' => new sfValidatorString(array('required'
> => true)),
> 'password' => new sfValidatorString(array('required'
> => true)),
> ));
> }
> }
>
> actions.class.php
> public function executeIndex(sfWebRequest $request)
> {
> $this->form = new LoginForm();
>
> if($request->isMethod('post'))
> {
> $this->form->bind($request->getParameter('login'));
>
> if($this->form->isValid())
> {
> $formValue = $this->form->getValues();
>
> $query = Doctrine_Query::create()
> ->select('password')
> ->from('pengguna')
> ->where('pengguna.NIP = ' . $formValue['NIP'] );
>
> $this->user = $query->execute();
>
> }
> }
> }
>
> The code's not finished yet because I don't know how to get the value
> of the query I just executed...
> Things that I want to ask :
> 1. How to get the value (result) of $query->execute() ?
> 2. Are there any step by step tutorial that teaches most of these
> basic things ? (I've read practical symfony and doctrine orm for php,
> but I think it's too advanced for me - so many confusing things)
>
> The main problem of those two books is that they assume you know about
> doctrine ( practical symfony ) and that there's too many things that I
> have to read when what I need is just a simple question.. I need
> something like the PHP API documentation.. so any recommendation ?
>
> Thanks before, and sorry for my bad english..
>
> --
> If you want to report a vulnerability issue on symfony, please send it to
> security at symfony-project.com
>
> You received this message because you are subscribed to the Google
> Groups "symfony users" group.
> To post to this group, send email to symfony-users@googlegroups.com
> To unsubscribe from this group, send email to
> symfony-users+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/symfony-users?hl=en
>
--
Gareth McCumskey
http://garethmccumskey.blogspot.com
twitter: @garethmcc
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
Re: [symfony-users] Re: Symfony frontend sort by th
Firstly, symfony does that for you ;). Secondly it was just a quick
example to get him on the right road. I didn't have time to sit and
show a fully worked, real world example.
Jsut to reiterate, symfony already checks what parameters are passed
through GET and POST for you for SQL injection and cleans them. Try it
yourself if you don't believe me. Its one of the great benefits of
using a framework.
On Fri, Mar 5, 2010 at 8:12 PM, Augusto Flavio wrote:
> Hi Gareth,
>
>
> the method that you show us have a security problem: inject sql. You need to
> check what kind of parameter the user is sending.
>
>
>
> if (!in_array($parameter, array('asc', 'desc'))) {
> //do something
> } else {
> //execute the query
> }
>
>
> bye
>
>
>
> Augusto Morais
>
> --
> If you want to report a vulnerability issue on symfony, please send it to
> security at symfony-project.com
>
> You received this message because you are subscribed to the Google
> Groups "symfony users" group.
> To post to this group, send email to symfony-users@googlegroups.com
> To unsubscribe from this group, send email to
> symfony-users+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/symfony-users?hl=en
>
--
Gareth McCumskey
http://garethmccumskey.blogspot.com
twitter: @garethmcc
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
