Re: [fw-general] FW: Using 'action' view helper

Please reply to the list. On Monday 13 July 2009 08:22:15 Sergio Rinaudo wrote: > Hi, > thank for your answer. > I've already tried to use a parameter to disable the layout, but using this > method also the main layout will be disabled. Can you paste your code here, somebody will surely be able t

FW: [fw-general] FW: Using 'action' view helper

Hi, thank for your answer. I've already tried to use a parameter to disable the layout, but using this method also the main layout will be disabled. Do you know where can I see the widget view helper that you are talking about? Does it bring performance issue? Thanks Sergio Rinaudo > From:

Re: [fw-general] Front Controller Plugin or Action Helper

On Sun, Jul 12, 2009 at 11:20 AM, Rob Allen wrote: > > On 12 Jul 2009, at 09:45, J DeBord wrote: > > I can code both of these, but I'm not sure what the correct method is. >> >> For recording hits to a website, which would you typically use? >> >> For checking if a "Stay logged in" cookie is set

[fw-general] Multiple form elements rendered together

I have two selects: fieldName and sortOrder, I'd like to render them like Sort by (...) ASC DESC and without using the view script for the form (this part is really important, if it wasn't, this wouldn't warrant a question here

[fw-general] Zend_Db_Table: Having one single class for intersection tables

Hello all, my application is composed of a lot of several modules. Each module corresponds to a table in the database. Basically each module can be linked to every other module in many to many relationship. This way when defining the tables in the Zend Framework, everytime I add the definition c

[fw-general] XSS Prevention with Zend Framework

Back to the Mar 2008, some guy posted : http://framework.zend.com/wiki/display/ZFDEV/Cross+Site+Scripting+Prevention+for+PHP Any update on it? Is it possible to do XSS filtering with Zend Framework now? Thanks.

[fw-general] CLA Approval Process

Hey Guys, Apologies if this is the wrong place to ask, I am posting this here because I see a lot from the 'main' of the frameworks developers here. I emailed a signed CLA early last week, and as yet have had no response, just wondering if there is anything else I need to do, and whether or

Re: [fw-general] Zend_Service_Twitter - status/tweet ids integer overflow

I see that methods account/update_profile_colors account/update_profile_image account/update_profile_background_ima

Re: [fw-general] Multiple form elements rendered together

-- Dalibor Karlović wrote (on Monday, 13 July 2009, 11:56 AM +0200): > I have two selects: fieldName and sortOrder, I'd like to render them like > > > Sort by > (...) > > ASC > DESC > > > > and without using the view script for the form (th

Re: [fw-general] XSS Prevention with Zend Framework

-- howard chen wrote (on Monday, 13 July 2009, 09:32 PM +0800): > Back to the Mar 2008, some guy posted : > http://framework.zend.com/wiki/display/ZFDEV/Cross+Site+Scripting+Prevention+for+PHP > > Any update on it? > > Is it possible to do XSS filtering with Zend Framework now? Zend_View::escap

Re: [fw-general] CLA Approval Process

-- Nick Pack wrote (on Monday, 13 July 2009, 02:41 PM +0100): > Apologies if this is the wrong place to ask, I am posting this here > because I see a lot from the 'main' of the frameworks developers here. > > I emailed a signed CLA early last week, and as yet have had no response, > just wonde

Re: [fw-general] Multiple form elements rendered together

On Monday 13 July 2009 16:58:03 Matthew Weier O'Phinney wrote: > -- Dalibor Karlović wrote > > (on Monday, 13 July 2009, 11:56 AM +0200): > > I have two selects: fieldName and sortOrder, I'd like to render them like > > > > > > Sort by > > (...) > > > > ASC > >

Re: [fw-general] Multiple form elements rendered together

-- Dalibor Karlović wrote (on Monday, 13 July 2009, 07:14 PM +0200): > On Monday 13 July 2009 16:58:03 Matthew Weier O'Phinney wrote: > > -- Dalibor Karlović wrote > > > > (on Monday, 13 July 2009, 11:56 AM +0200): > > > I have two selects: fieldName and sortOrder, I'd like to render them like >

Re: [fw-general] Zend_Form_Element_Captcha + Custom Decorator

I'm also attempting a custom decorator for captcha elements and found this thread. When finally rendered, I would like to have this: I've been able to accomplish this with other form elements, but I'm having difficulty with the captcha rendering (probably due to

Re: [fw-general] Possible bug in Zend_Test_PHPUnit??

MATTHEW:>No, actually. When you set it as you did in preDispatch(), there is no check until postDispatch() to see if a redirect occurred. This should likely be changed; care to file an issue in the tracker?< ME: I had a similar problem, setting a redirect in the preDispatch() w/ the same code you

[fw-general] Fw: $request->getParams() returns escaped data

Hi Just wanted to check if escaping for $request->getParams() can be turned off e.g. single quote( ' ) is replaced by ( \' ). I have tried it before calling any other methods but still the same, is there any helper or plugin I need to set options for? If it is a default, why I should create a

Re: [fw-general] Fw: $request->getParams() returns escaped data

This isn't Zend Framework -- it sounds like you have magic quotes turned on. These should be disabled[1] when using Zend Framework. [1] http://us3.php.net/manual/en/security.magicquotes.disabling.php On Mon, Jul 13, 2009 at 3:44 PM, Muhammad Ali wrote: > Hi > > Just wanted to check if escaping fo

Re: [fw-general] Fw: $request->getParams() returns escaped data

Hi Bradley Thank a lot for your answer you have saved me hours and injecting work arounds :) if(isset($postValues['title'])) $postValues['title'] = stripslashes($postValues['title']); An other quick question for the mailing list, does using Zend_Config as Array rather as INI files improves

Re: [fw-general] Fw: $request->getParams() returns escaped data

On Mon, Jul 13, 2009 at 10:16 PM, Muhammad Ali wrote: > Hi Bradley > > Thank a lot for your answer you have saved me hours and injecting work > arounds :) > > if(isset($postValues['title'])) $postValues['title'] = > stripslashes($postValues['title']); That is a bad hack. Say you have a slash in it

Re: [fw-general] Fw: $request->getParams() returns escaped data

Hi Till yeah I have removed this line, just wanted to show what i was using before. I have now turned off the magic quotes and all seems good. Thanks again -- From: "till" Sent: Monday, July 13, 2009 9:32 PM To: "Muhammad Ali" Cc: "Bradley Hol

Re: [fw-general] XSS Prevention with Zend Framework

Hi Howard, The wiki page referred to wasn't all that clear that there are numerous vectors for XSS. The Zend Framework bakes in anti-XSS tactics for a subset of these vectors, but does not cover all of them. Indeed it couldn't possibly do so. When people talk about the XSS filtering in ZF, they

Re: [fw-general] Zend_Db_Table: Having one single class for intersection tables

This is difficult in the current iteration of Zend_Db_Table since Zend_Db_Table's only use case requires each table name to implemented as a class that extends Zend_Db_Table. In ZF 1.9, I have implemented a feature where Zend_Db_Table can be used as a concrete instance. When this drops, you'l

Re: [fw-general] Zend_Form_Element_Captcha + Custom Decorator

Nevermind. I think I worked it out. I was trying too hard, but a custom decorator for the Captcha_Word was still necessary. If you're like me, re-read Matthew's answer a couple times and maybe it'll sink in. :blush: Matthew Weier O'Phinney-3 wrote: > > -- Matthew Lurz wrote > (on Sunday, 31

[fw-general] Action_HelperBroker refuses to add path in 1.8.4?

Hi guys, Have been trying to figure this one out for a while now, have also checked out the bug tracker and didn't find anything conclusive so thought I'd solicit advice from the pros. I've spent part of today migrating my site to the latest and greatest 1.8.4, and all has been going well excep

Re: [fw-general] Fw: $request->getParams() returns escaped data

-- Muhammad Ali wrote (on Monday, 13 July 2009, 09:16 PM +0100): > An other quick question for the mailing list, does using Zend_Config as > Array rather as INI files improves performance, is it worth doing? Using native arrays will of course be faster to parse than INI or XML. That said, it's

Re: [fw-general] XSS Prevention with Zend Framework

Hi > fixing that...), but I will note: Starting with 2.0, escaping will be > the default when retrieving variables from the view object, and you will > need to request the raw value explicitly if you need it. This is a Thats sounds like a ZF version of magic_quotes... How do you want to deal with

[fw-general] Actionstack bad, Layout and View Helpers good??

Hi, I've been reading a number of articles about why the Action Stack is bad and everything you need to achieve with the action stack could be achieved with ViewHelpers. I completely buy into this... I can't remember the number of times I've had to fudge code because my predispatch hooks are bei