Symfony2 committed this week two huge changesets related to the Security component: fixed user refreshing after unserialization and added authentication trust resolver. It also committed two small but important tweaks: the new hash syntax for Twig templates and the new format for XML attribute names.

Development mailing list

Symfony2 development highlights

Changelog:

  • 984a857: [Validator] fixed the static method loader to not repeat the loading when the static method is in the parent classes
  • 131b3fe: [Form] refactored Field and FieldGroup to facilitate modifications in subclasses
  • e80aa9a: [Form] fixed the data in a CollectionField is resized down if fields are removed
  • f73b6b4: [PropertyPath] fixed usage of __get() and __set() when accessing properties that exist in the object but are not public
  • 1b2ca25, af291bb: [Validator] fixed string-based constraint validators to accept empty values
  • e49cc36: [DependencyInjection] fixed interfaces can now also be defined on containers which are built with an Extension and interface injection can also be used on classes that require constructor arguments
  • 48e3053: added exception when a loaded YAML resource is not an array
  • 504463c: [Routing] refactored PHP generator dumper code
  • 7cb8dca, 5857576: [Routing] added . as a valid character in route names
  • a7c8157: [HttpFoundation] added a way to retrieve raw body from a request
  • abe8047: added authentication trust resolver
  • 30f231d: moved default form template to the DIC config
  • e6d0385: [HttpFoundation] fixed Request::create() when using HTTPS and getUri()/getPathForUri() when script name should be removed
  • 02a92ec: [TwigBundle] added autoescape option in Twig configuration
  • 84c7496: [DoctrineBundle] fixed createOrmProxyDirectory method
  • 6970a46: updated Twig templates for the new hash syntax
  • c9f08c0: changed all XML attribute names to take - instead of _ (everything should be consistent now)
  • 3c692bd: fixed user refreshing after unserialization

New developers for hire

  • e-Zest Solutions (http://www.e-zest.net/php-software-development.html): is a leading PHP software development company from India. With a bunch of dedicated and expert developers in LAMP (Linux, Apache, MySQL and PHP) technology makes e-Zest a great partner for low cost open source technology development company.

New plugins

  • sfWindguru: is an interface to windguru.cz website. It allows displaying forecasts fetched from windguru website.
  • sfRADIUSAuth: provides means to authenticate sfGuard Users against a RADIUS server.
  • sfUserVoice: is an interface to uservoice.com feedback. It allows 'feedback' popup tab fetched from uservoice.com website.

Updated plugins

  • gjPositions:
    • released the first stable version
  • sfAntiBruteForce:
    • released the fist version that handles basic functionnalities on file storage
    • improved security
    • fixed bug when cache directory not created
    • added license and readme files
  • pmPropelGenerator:
    • modified form partial and stylesheets
  • ncPropelChangeLogBehavior:
    • added a method to determine whether an object has any changelog elements
    • updated some minor typos and made some little improvements
  • ggEmail:
    • promoted the plugin to stable
  • sfHttpHeaderCache:
    • don't need the routing object anymore
  • sfGuardExtra:
    • enforced strong password with min length of 8
  • sfDoctrineActAsTaggable:
    • changed the markup for tags output by the multipleSelect a little bit
  • sfProjectAnalyser:
    • when the plugin_to_parse config is empty, no plugin is analysed (instead of all plugins)
    • corrected bad warning reporting when using validateXXX methods and the compat1.0 plugin
    • added a config option for the compat10 mode
    • fixed a bug with report generation date
    • added a detected value 'all' for the config parameter [plugin][to_parse] to parse all the plugins of the project
    • updated package and README with new roadmap and ideas
  • sfGeshi:
    • geshi customization can be made in app.yml file
  • apostropheBlog:
    • fixed date and time parsing to be more tolerant so the add to google calendar button always works as expected
    • added Add to iCal, Outlook, etc. links for events
    • added vcalendar support for Outlook 2003
    • removed the separate partial for event title and slug editing since it was only used on the first load and was not different in any case
    • moved the New Event / New Blog Post buttons into the sidebar
    • created _meta partials for bundled Blog and Events templates
    • updated markup for Blog and Events bundled templates, showSuccess, and indexSuccess to be more consistent between each other
    • brought tags into Events template
    • updated default time set for newly created events
    • updated blog and events templates to better share a single _addThis partial
    • updated blog and events templates to better share a single _tags partial
    • updated sidebar markup to use a_button helpers for tags
    • started aBlogConstructor JS modeled after a.js so we can build upon it as the blog evolves
    • fixed bug with saving event engine settings
    • removed query orderBy in blog and event actions
    • added default ordering to createQuery in Event and Post tables
    • fixed the slug got wiped out on every save of the blog post / event metadata form
    • updated Blog / Events _sidebars to share markup more closely with Media _browser
    • events and actions engines now support alternate page templates
    • reorganized the blog and events sidebar form so the status field is consistent with the author field
  • apostrophe:
    • aDate::normalize now has an optional timeOnly flag (when this flag is true, only the offset in seconds from midnight is returned)
    • removed include_stylesheets and include_javascripts calls at the top of the ajaxUpdateSlot partial
    • published_at is now set when publishing pages
    • clarified that aSlot::getText() should return real UTF-8 plaintext, not entity-esscaped text
    • implemented aString::toVcal(), which returns a string cleaned up to be legal in a vcal or ical .vcs or .ics file
    • aHtml::toPlaintext converts   to a regular space rather than a unicode nonbreaking space
    • help text for the categories list in user admin
    • admin generator templates now generate save-and-list, cancel and delete buttons and label them as save, cancel and delete, matching common user interface standards
    • sidebar buttons are styled properly for users, groups, permissions
    • implemented aPage::getAllSlots() method allowing easy access to all current slots for the page in a neatly structured nested array
    • fixed the Popup login form to use menuToggle like every other popup
    • fixed styling for cancel button (missing X)
    • updated the a-rss-feed button
    • created a class for a-controls to stack them vertically
    • started to update media _browser partial to match the blog sidebar
    • uploaded thumbnails are once again allowed (though not mandatory) for videos from services we don't support directly
    • updated the markup in Media _browser so that it is consistent with the sidebars in Blog and Events
    • made the Multiple Select values behave like the rest of our similar interfaces
    • engines can now easily support multiple variations individually selectable as "page types."
    • the page settings form was refactored removing quite a bit of javascript code

New symfony bloggers

They talked about us

Published in #A week of symfony