diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
forked from https://github.com/symfony/symfony
This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.
24,210 Commits 24 Branches 563 Tags 228 MiB
PHP 98.7%
Twig 1.1%
CSS 0.1%
482e9edc50
Go to file
Fabien Potencier 482e9edc50 bug #20734 [Security] AbstractVoter->supportsAttribute gives false positive if attribute is zero (0) (martynas-foodpanda) 
This PR was merged into the 2.7 branch.

Discussion
----------

[Security] AbstractVoter->supportsAttribute gives false positive if attribute is zero (0)

| Q             | A
| ------------- | ---
| Branch?       |  2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets |
| License       | MIT
| Doc PR        |

Issue is easy to reproduce with test giving negative data set.
0 should not pass as supported attribute for any set of attributes but it does as in_array in the method does not use flag 'strict' set to true.

As this is abstract voter and is used by users with their code flag 'strict' should be set to true.
Since is there in 2.7 and 2.8 (LTS) IMHO it should be fixed.

Commits
-------

8306530 [Security] AbstractVoter method supportsAttribute gives false positive if attribute is zero (0)
2016-12-14 09:11:55 +01:00
.composer Drop hirak/prestissimo 2016-05-12 07:44:15 -05:00
.github minor #20295 Define a GitHub issue template to avoid support questions (javiereguiluz) 2016-12-13 11:28:06 +01:00
src/Symfony bug #20734 [Security] AbstractVoter->supportsAttribute gives false positive if attribute is zero (0) (martynas-foodpanda) 2016-12-14 09:11:55 +01:00
.editorconfig Add EditorConfig File 2012-06-16 14:08:15 +02:00
.gitignore Add appveyor.yml for C.I. on Windows 2015-08-25 23:41:37 +02:00
.php_cs.dist Update PHP CS Fixer config file 2016-12-03 10:46:32 +01:00
.travis.yml [ci] Testing with UTC hides bugs 2016-11-18 15:26:45 -05:00
appveyor.yml [ci] Testing with UTC hides bugs 2016-11-18 15:26:45 -05:00
CHANGELOG-2.2.md Merge branch '2.2' into 2.3 2013-12-03 15:51:26 +01:00
CHANGELOG-2.3.md updated CHANGELOG for 2.3.42 2016-05-30 10:40:50 +02:00
CHANGELOG-2.4.md updated CHANGELOG for 2.4.9 2014-09-03 11:50:09 +02:00
CHANGELOG-2.5.md updated CHANGELOG for 2.5.10 2015-02-02 10:26:02 +01:00
CHANGELOG-2.6.md updated CHANGELOG for 2.6.10 2015-07-13 11:34:21 +02:00
CHANGELOG-2.7.md updated CHANGELOG for 2.7.22 2016-12-13 11:53:02 +01:00
composer.json bumped min version of Twig to 1.28 2016-11-12 09:04:32 -08:00
CONTRIBUTING.md Update contributing docs 2016-02-24 15:36:06 +01:00
CONTRIBUTORS.md update CONTRIBUTORS for 2.7.22 2016-12-13 11:53:11 +01:00
LICENSE Update copyright year 2016-01-01 23:53:47 -03:00
phpunit [travis/appveyor] Wire simple-phpunit 2016-09-12 17:58:10 +02:00
phpunit.xml.dist Merge branch '2.3' into 2.7 2016-03-16 17:00:15 +01:00
README.md Update README.md 2016-10-18 19:16:23 +02:00
UPGRADE-2.1.md Remove aligned '=>' and '=' 2014-10-26 08:30:58 +01:00
UPGRADE-2.2.md Merge branch '2.3' into 2.5 2014-10-01 07:50:18 +02:00
UPGRADE-2.3.md [Doc] Use Markdown syntax highlighting 2014-10-01 07:38:33 +02:00
UPGRADE-2.4.md Updated UPGRADE-2.4.md 2015-06-08 16:44:57 +02:00
UPGRADE-2.5.md Merge branch '2.5' into 2.6 2015-01-05 21:59:13 +01:00
UPGRADE-2.6.md Fix grammar 2014-12-30 09:24:50 +01:00
UPGRADE-2.7.md Update UPGRADE-2.7.md 2016-11-07 10:23:54 +03:00
UPGRADE-3.0.md Update UPGRADE FROM 2.x to 3.0 2016-05-20 16:53:05 +02:00

README.md

README

What is Symfony?

Symfony is a PHP 5.3 full-stack web framework. It is written with speed and flexibility in mind. It allows developers to build better and easy to maintain websites with PHP.

Symfony can be used to develop all kind of websites, from your personal blog to high traffic ones like Dailymotion or Yahoo! Answers.

Requirements

Symfony is only supported on PHP 5.3.9 and up.

Be warned that PHP 5.3.16 has a major bug in the Reflection subsystem and is not suitable to run Symfony (https://bugs.php.net/bug.php?id=62715)

Installation

The best way to install Symfony is to use the official Symfony Installer. It allows you to start a new project based on the version you want.

Documentation

The "Quick Tour" tutorial gives you a first feeling of the framework. If, like us, you think that Symfony can help speed up your development and take the quality of your work to the next level, read the official Symfony documentation.

Contributing

Symfony is an open source, community-driven project. If you'd like to contribute, please read the Contributing Code part of the documentation. If you're submitting a pull request, please follow the guidelines in the Submitting a Patch section and use Pull Request Template.

Running Symfony Tests

Information on how to run the Symfony test suite can be found in the Running Symfony Tests section.