The code has been duplicated and not moved for BC reasons.
This code has been duplicated in the Twig bundle to be able to decouple
the web profiler and the exception templates.
* 2.1: (28 commits)
Delete use of CreationExeption
[Form] Fixed error message in PropertyPath to not advice to use a non-existing feature
[Form] Fixed creation of multiple money fields with different currencies
[Form] Fixed setting the "data" option to an object in "choice" and "entity" type
Fixed Serbian plural translations.
Fixed IPv6 Check in RequestMatcher
Fix typo
change what I think is a typo
[Console] Fix error when mode is not in PATH
[WebProfilerBundle] fixed macro usage (to be forward compatible with Twig 2.x)
Change monolog require-dev to use the branch alias instead of dev-master
[FrameworkBundle] partially reverted previous merge
[2.1] Added missing error return codes in commands
Made the router lazy when setting the context
[WebProfilerBundle] fixed typos
Fix incorrect variable in FileProfilerStorage
UnitTest fix
UnitTest fix
added a unit test
fixed#5384
...
This PR was squashed before being merged into the 2.1 branch (closes#5586).
Commits
-------
6b66bc3 [2.1] Added missing error return codes in commands
Discussion
----------
[2.1] Added missing error return codes in commands
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
License of the code: MIT
See: #5585
---------------------------------------------------------------------------
by fabpot at 2012-09-24T12:10:47Z
Exit code values are standardized and some values have some well-defined meaning. Have a look here for more info: https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Process/Process.php#L67
* 2.1:
fixed CS
added doc comments
added doc comments
[Validator] Updated swedish translation
Update src/Symfony/Component/Validator/Resources/translations/validators.de.xlf
[2.1] Exclude tests from zips via gitattributes
[HttpKernel][Translator] Fixed type-hints
Updated lithuanian validation translation
[DomCrawler] Allows using multiselect through Form::setValues().
[Translation] forced the catalogue to be regenerated when a resource is added (closes symfony/Translation#1)
Unit test for patched method OptionsResolver::validateOptionValues().
validateOptionValues throw a notice if an allowed value is set and the corresponding option isn't.
[Form] Hardened code of ViolationMapper against errors
[HttpFoundation] Fixed#5611 - Request::splitHttpAcceptHeader incorrect result order.
[Form] Fixed negative index access in PropertyPathBuilder
Update src/Symfony/Component/Validator/Resources/translations/validators.ro.xlf
Conflicts:
src/Symfony/Component/DomCrawler/Form.php
src/Symfony/Component/Process/Process.php
In a template, you can now use native Twig template names, instead of
the Symfony ones:
Before (still works):
{% extends "AcmeDemoBundle::layout.html.twig" %}
{% include "AcmeDemoBundle:Foo:bar.html.twig" %}
After:
{% extends "@AcmeDemo/layout.html.twig" %}
{% include "@AcmeDemo/Foo/bar.html.twig" %}
Using native template names is also faster.
The only drawback is that the new notation looks similar to the way we
locate resources in Symfony, which would be
@AcmeDemoBundle/Resources/views/Foo/bar.html.twig. We could have used
the same notation, but it is rather verbose (and by the way, using this
notation did not work anyway in templates).
* 2.1:
Create CONTRIBUTING.md file for auto-linking in PR's
Added Bulgarian translation
[Profiler]Use the abstract method to get client IP
Typo fix
Fixing incorrect word in twig:lint command description
Rename $key parameter to $name for consistency
=Minor chnage: replaced function by method
Fixed the phpdoc in the DependencyInjection component
Commits
-------
dbeff69 [TwigBundle] added support for custom loader paths
Discussion
----------
[TwigBundle] added support for custom loader paths
Before this commit, there was no ability to specify custom
search paths for Twig loader. Lets say we have twig templates
outside bundles directories (parts of the domain logic, not
application) - we want to be able to load them.
This commit adds `loader_paths` parameter to twig config,
which is used to set custom paths to the loader.
---------------------------------------------------------------------------
by travisbot at 2012-06-25T09:50:44Z
This pull request [passes](http://travis-ci.org/symfony/symfony/builds/1699654) (merged dbeff697 into 03c8d4d2).
---------------------------------------------------------------------------
by vicb at 2012-06-26T06:14:30Z
You also need to support xml in the configuration and update the xsd file.
edit: adding some DI unit tests is probably a good idea.
---------------------------------------------------------------------------
by everzet at 2012-06-26T08:49:20Z
@vicb agree, was just a fast stabbing ;)
---------------------------------------------------------------------------
by fabpot at 2012-06-28T14:06:02Z
I'm +1. Can you "finish" the PR?
---------------------------------------------------------------------------
by fabpot at 2012-07-02T13:23:33Z
@everzet If you don't have time, I can do the remaining work.
Before this commit, there was no ability to specify custom
search paths for Twig loader. Lets say we have twig templates
outside bundles directories (parts of the domain logic, not
application) - we want to be able to load them.
This commit adds `loader_paths` parameter to twig config,
which is used to set custom paths to the loader.
Commits
-------
df5590e [TwigBundle] Fix return code in LintComand
604a79a [TwigBundle] Fix line start in twig:lint command
91936b5 [TwigBundle] Fancy output for twig:lint
Discussion
----------
[TwigBundle] Fancy output for twig:lint
Previous PR : #3804
@marcw @fabpot Since no exception is raised, the return code is always 0. Do I add ``return rand(64, 113)`` ?
Screenshot : http://twitpic.com/9qql09
---------------------------------------------------------------------------
by travisbot at 2012-05-29T21:18:33Z
This pull request [fails](http://travis-ci.org/symfony/symfony/builds/1470256) (merged 91936b53 into adf07f1e).
---------------------------------------------------------------------------
by travisbot at 2012-05-29T21:21:54Z
This pull request [passes](http://travis-ci.org/symfony/symfony/builds/1470353) (merged 604a79ab into adf07f1e).
---------------------------------------------------------------------------
by fabpot at 2012-05-30T16:45:24Z
@alexandresalome just return 1 in case of a problem.
---------------------------------------------------------------------------
by travisbot at 2012-06-06T20:06:04Z
This pull request [passes](http://travis-ci.org/symfony/symfony/builds/1550631) (merged df5590ec into adf07f1e).
Commits
-------
23bb668 [FrameworkBundle][SecurityBundle] updated configuration to new method names
8775f2c [Config] replaced setInfo(), setExample() with more generic attributes
Discussion
----------
[Config] replaced setInfo(), setExample() with more generic attributes
This replaces ``setInfo`` and ``setExample`` with a more generic attribute system which provides more flexibility and is more future prove.
I have kept the specialized ``setInfo`` and ``setExample`` methods because they are a bit shorter, and also a good demonstration of what the system could be used for. However for consistency, I have renamed them to ``info()`` and ``example()`` respectively.
---------------------------------------------------------------------------
by travisbot at 2012-05-26T17:37:06Z
This pull request [fails](http://travis-ci.org/symfony/symfony/builds/1442720) (merged 8775f2c1 into 9e951991).
---------------------------------------------------------------------------
by stof at 2012-05-26T17:42:02Z
and you forgot to update FrameworkBundle
---------------------------------------------------------------------------
by travisbot at 2012-05-26T17:46:37Z
This pull request [passes](http://travis-ci.org/symfony/symfony/builds/1442764) (merged 23bb668e into 9e951991).
When installing the bundle and the bridge from the standalone repositories
the relative path between them is different. This simply backports the
change done in symfony 2.1 to allow using subtree repositories with 2.0.x
too.
Commits
-------
1e84f1e [TwigBundle] implemented context auto-escaping in Twig templates based on the template extension
Discussion
----------
[2.2] Implements context escaping for Twig (fixes#839)
This TwigEngine implements the interface available in the component.
the TwigBridge in TwigBundle now extends this class and provides only
the additional methods for the FrameworkBundle interface.
Commits
-------
1422133 [TwigBundle] Made docblock for findTemplate() more general and accurate
5910ac9 [TwigBundle] Added a use statement to shorten class name in a docblock
3e7eebd [TwigBundle] Improved ExceptionController docblocks
Discussion
----------
[TwigBundle] Improved ExceptionController docblocks
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: [](http://travis-ci.org/lencioni/symfony)
Fixes the following tickets: -
Todo: -
---------------------------------------------------------------------------
by lencioni at 2012-03-21T20:47:16Z
I obviously don't know what I'm doing here. :/
---------------------------------------------------------------------------
by vicb at 2012-03-21T20:47:39Z
no pb just rebase on master and force push
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: [](http://travis-ci.org/lencioni/symfony)
Fixes the following tickets: -
Todo: -
Relying on decrementing a counter has two problems. First, and most importantly, if the output buffering nesting level is greater than the counter, the function does not perform the expected task. Secondly, on systems where the counter is needed, a lot of unnecessary extra loops would potentially occur.
This approach checks to see if the level has stayed the same from the previous iteration and if it has it stops looping.
Rename ArraySessionStorage to make it clear the session is a mock for testing purposes only.
Has BC class for ArraySessionStorage
Added sanity check when starting the session.
Fixed typos and incorrect php extension test method
session_module_name() also sets session.save_handler, so must use extension_loaded() to check if module exist
or not.
Respect autostart settings.
Commits
-------
753c067 [FrameworkBundle] added $view['form']->csrfToken() helper
e1aced8 [Twig] added {{ csrf_token() }} helper
Discussion
----------
[Twig] [FrameworkBundle] added CSRF token helper
I've added a templating helper and Twig function for generating a CSRF token without the overhead of creating a form.
```html+jinja
<form action="{{ path('user_delete', { 'id': user.id }) }}" method="post">
<input type="hidden" name="_method" value="delete">
<input type="hidden" name="_token" value="{{ csrf_token('delete_user_' ~ user.id) }}">
<button type="submit">delete</button>
</form>
```
```php
<?php
class UserController extends Controller
{
public function delete(User $user, Request $request)
{
$csrfProvider = $this->get('form.csrf_provider');
if (!$csrfProvider->isCsrfTokenValid('delete_user_'.$user->getId(), $request->request->get('_token')) {
throw new RuntimeException('CSRF attack detected.');
}
// etc...
}
}
```
The test that is failing on Travis appears to be unrelated, but I may be wrong?
```
1) Symfony\Bundle\SecurityBundle\Tests\Functional\LocalizedRoutesAsPathTest::testLoginLogoutProcedure with data set #1 ('de')
RuntimeException: OUTPUT:
Catchable fatal error: Argument 3 passed to Symfony\Bundle\FrameworkBundle\Controller\TraceableControllerResolver::__construct() must be an instance of Symfony\Component\HttpKernel\Debug\Stopwatch, instance of Symfony\Bundle\FrameworkBundle\Controller\ControllerNameParser given, called in /tmp/2.1.0-DEV/StandardFormLogin/cache/securitybundletest/appSecuritybundletestDebugProjectContainer.php on line 94 and defined in /home/vagrant/builds/kriswallsmith/symfony/src/Symfony/Bundle/FrameworkBundle/Controller/TraceableControllerResolver.php on line 37
```
---------------------------------------------------------------------------
by pablodip at 2012-01-10T14:18:45Z
As you don't need forms to use the csrf provider, how about putting its service without the form prefix? It could even make sense to put the CsrfProvider as a component since you can use it standalone and in more cases than only forms. It would be a small component though.
---------------------------------------------------------------------------
by Tobion at 2012-01-10T17:54:14Z
I think it would be more clear to generate the token in the controller. Doing so in the template will spread the CSRF intention across template and controller. So I don't think this extension is necessary.
---------------------------------------------------------------------------
by kriswallsmith at 2012-01-10T17:58:14Z
@pablodip I'm open to the idea of a Csrf component. This would be a good place for some nonce classes as well.
@Tobion I disagree. One use case is for a list of users, each with a delete form. Iterating over the users in the controller and generating a token for each, just to iterate over them again in the view is a waste and adds complexity.
---------------------------------------------------------------------------
by Tobion at 2012-01-10T18:05:14Z
I see. But I don't understand why the intention needs to be different for each user to delete. Usually the intention is the same for each form type. I thought this is enough.
---------------------------------------------------------------------------
by kriswallsmith at 2012-01-10T18:06:13Z
Yes, a static intention would suffice.
---------------------------------------------------------------------------
by Tobion at 2012-01-10T18:07:08Z
Then your use case is not valid anymore.
---------------------------------------------------------------------------
by Tobion at 2012-01-10T18:12:25Z
I would suggest to make a cookbook article out of it about how to create a simple form without the form component.
And include such things as validating the result using the validator component and checking the CSRF.
---------------------------------------------------------------------------
by kriswallsmith at 2012-01-10T21:32:50Z
This helper makes it easier to use CSRF protection without a form and we should make it as easy as possible. Spreading the intention across controller and template is not concerning to me. Either way, a cookbook entry is a great idea.
---------------------------------------------------------------------------
by Tobion at 2012-01-10T21:47:12Z
Well, it's just one line more without this helper. So I disagree it makes it really easier when you know how to use the CsrfProvider which is a pre-condition anyway since you must still validate its correctness by hand.
---------------------------------------------------------------------------
by kriswallsmith at 2012-01-13T13:24:15Z
Another use case is when rendering a page with a bunch of simple buttons with different intentions: delete user, delete comment, follow, unfollow... Creating all of these in the controller just leads to spaghetti.
---------------------------------------------------------------------------
by jwage at 2012-01-17T21:55:53Z
👍 lots of use cases for something like this @OpenSky
To stream a Response, use the StreamedResponse class instead of the
standard Response class:
$response = new StreamedResponse(function () {
echo 'FOO';
});
$response = new StreamedResponse(function () {
echo 'FOO';
}, 200, array('Content-Type' => 'text/plain'));
As you can see, a StreamedResponse instance takes a PHP callback instead of
a string for the Response content. It's up to the developer to stream the
response content from the callback with standard PHP functions like echo.
You can also use flush() if needed.
From a controller, do something like this:
$twig = $this->get('templating');
return new StreamedResponse(function () use ($templating) {
$templating->stream('BlogBundle:Annot:streamed.html.twig');
}, 200, array('Content-Type' => 'text/html'));
If you are using the base controller, you can use the stream() method instead:
return $this->stream('BlogBundle:Annot:streamed.html.twig');
You can stream an existing file by using the PHP built-in readfile() function:
new StreamedResponse(function () use ($file) {
readfile($file);
}, 200, array('Content-Type' => 'image/png');
Read http://php.net/flush for more information about output buffering in PHP.
Note that you should do your best to move all expensive operations to
be "activated/evaluated/called" during template evaluation.
Templates
---------
If you are using Twig as a template engine, everything should work as
usual, even if are using template inheritance!
However, note that streaming is not supported for PHP templates. Support
is impossible by design (as the layout is rendered after the main content).
Exceptions
----------
Exceptions thrown during rendering will be rendered as usual except that
some content might have been rendered already.
Limitations
-----------
As the getContent() method always returns false for streamed Responses, some
event listeners won't work at all:
* Web debug toolbar is not available for such Responses (but the profiler works fine);
* ESI is not supported.
Also note that streamed responses cannot benefit from HTTP caching for obvious
reasons.
* 2.0:
[FrameworkBundle] Added functional tests.
[Form] Added missing use statements (closes#2880)
[Console] Improve input definition output for Boolean defaults
[SecurityBundle] Changed environment to something unique.
2879: missing space between catch and the brace
#2688: Entities are generated in wrong folder (doctrine:generate:entities Namespace)
[TwigBundle] Fix the exception message escaping
* 2.0:
[HttpKernel] fixed Content-Length header when using ESI tags (closes#2623)
[HttpFoundation] added an exception to MimeTypeGuesser::guess() when no guesser are available (closes#2636)
[Security] fixed HttpUtils::checkRequestPath() to not catch all exceptions (closes#2637)
[DoctrineBundle] added missing default parameters, needed to setup and use DBAL without ORM
[Transation] Fix grammar.
[TwigBundle] Fix trace to not show 'in at line' when file/line are empty.
* 2.0:
[Form] fixed previous merge
[Form] simplified previous merge
Also identify FirePHP by the X-FirePHP-Version header
[TwigBundle] Extract output buffer cleaning to method
[TwigBundle] Do not clean output buffering below initial level
Fixed rendering of FileType (value is not a valid attribute for input[type=file])
Added tests for string fix in DateTimeToArrayTransformer (8351a11286).
Added check for array fields to be integers in reverseTransform method. This prevents checkdate from getting strings as arguments and throwing incorrect ErrorException when submitting form with malformed (string) data in, for example, Date field. #2609
[Translation] removed unneeded methods
[Translation] added detection for circular references when adding a fallback catalogue
[DomCrawler] trim URI in getURI
[Yaml][Tests] Fixed missing locale string for Windows platforms which caused test to fail
This resulted in issues with PHPUnit 3.6, which will buffer all output and clean them in the end. Since
we cleaned their buffer, the subsequent clean would raise a warning. This is documented in issue 390 of
the PHPUnit tracker.
Closes#2531.
* 2.0:
Added a class to the logs ol element to prevent hiding it when toggling an exception (fixes#2589).
Remove only the security token instead of the session cookie.
Clear session cookie if user was deleted, is disabled or locked to prevent infinite redirect loops to the login path (fixes#1798).
-- add missing files
-- tweak translation command files
-- dumpers are now responsive for writting the files
-- moved the twig extractor the bridge
-- clear temp files after unit tests
-- check the presence of dumper in translation writer
-- General cleaning of the code
-- clean phpDoc
-- fix PHPDoc
-- fixing class name in configuration
-- add unit tests for extractors (php and twig)
-- moved test to correct location
-- polish the code
-- polish the code
This commit also fixes exception pages when Twig is not enabled as a templating engine.
Instead of just displaying the raw Twig template as before, we now fallback to the default
exception handler introduced some time ago.
Commits
-------
edf4b87 Add missing "tearDown" functions, and some missing variable declaration (this saves for me almost 20MB when run all tests) Force AsseticBundle tests to use TestCase Fix test for DoctrineBundle to use TestCase
2b0c352 Increase code coverage for: YamlParser, Validators, PhpEngine + Helpers, HttpFoundation
b88a0a0 Remove tabs
99f9337 Additional tests for PhpEngine + Helpers More tests for UrlValidator
450ed85 Additional tests for DateTimeValidator, EmailValidator and UrlValidator
Discussion
----------
[Tests] Cleanup + make code coverage more happy
Hey,
this PR is a bit bigger than usually ;-) few infos what's inside:
- Fix `DoctrineBundle` test to use `TestCase`
- Mark tests as "incomplete" instead of commenting them out
- Increase code coverage for: `Validators`, `PhpEngine` + `Helpers`, `HttpFoundation` (`Session`, `Response` etc.)
- And my favourite ;-) added missing variables definition (also removed non-used) and `tearDown()` function (if needed) to tests which allowed me saved __~15MB__ when running all tests
---------------------------------------------------------------------------
by stloyd at 2011/06/16 05:58:21 -0700
@fabpot & @marcw It was rebased and cleanup up (I split up `AsseticBundle` symfony/AsseticBundle#1 change to new repo), and added few new tests.
