A week of symfony #72 (12->18 may 2008)

During this week, a new symfony 1.0.X maintenance version was released, fixing an important security breach. More than 20 plugins were updated, especially sfDoctrine, sfExtjsTheme and sfYUI.

Development mailing list

Development highlights

  • r8922, r8925: [1.0, 1.1] fixed yml validator file can be overriden by a remote attacker
  • r8923: [1.1] fixed sfYamlDumper and sfYamlParser tests to ensure it does not use syck if installed
  • r8926: [1.1] added patch to speed up performance of I18n in sfMessageFormat.class.php
  • r8946: [1.1] added a sfWidgetFormSchema::setDefaultFormFormatterName() method which allow to set a static default formatter name
  • Milestone 1.0.16 completed
  • r8970: [1.1] added cli option to skip building forms when using propel:build-all[-load] tasks to avoid cluttering lib/form
  • r8972: [1.1] applied Kris patch to new propel inheritance support, using table name if phpName is not set
  • r8974: [1.1] sfWidgetFormSelectRadio now merges attributes passed in correctly
  • r8975: [1.1] added sfForm ::hasGlobalErrors() and ::getGlobalErrors() to be able to customize the way global errors are outputted
  • r8976: [1.1] added a check to be sure sfValidatorFile::toString() always returns a string
  • r8978: [1.1] fixed sfWidgetFormSelect behavior for the value attribute which is now always present, even if the value is empty
  • r8979: [1.1] removed sfWidgetFormIdentity
  • r8980: [1.1] added a check to ensure that session.gc_maxlifetime is greater that user authentication timeout
  • r8983: [1.1] added a view.cache.filter_content event to decouple the sfViewCacheManager and the sfWebDebug class
  • r8988: [1.1] removed syck support
  • Updated dwhittle branch: added log option to sfFilesystem::sh to control verbosity, updated branch notes
  • ...and many other changes

Development digest: 132 changesets, 58 defects created, 52 defects closed, 10 enhancements created, 7 enhancements closed, 1 documentation defect created, 2 documentation defects closed and 4 documentation edits.

Book and documentation



  • New plugins
  • Updated plugins
    • sfExtjsThemePlugin: activated new list/grid implementation, implemented dynamic loading of (related)edit-panels from grid, changed implementation of even-handler to open grid-links, improved make-up of edit-panel, removed javascript config-variables, moved functionality to formpanel, added events/eventhandlers
    • sfDoctrineSimpleCMSPlugin: miscellaneous fixes
    • sfPropelTextOutputBehaviorPlugin: released 0.0.4 version (reflection logic replaced by call_user_func, hydrate logic for joined tables implemented)
    • sfLucenePlugin: tweaked config handler loading
    • sfDoctrinePlugin: tens of fixes related to Doctrine, fixed rebuild-db task to call symfony tasks, fix to ensure all paths are created, removed 1.0-sf1.1 branch and moved all sfDoctrinePlugin 1.1 development to the trunk, added new attribute to merge main fixtures and plugin fixtures together
    • sfBreadNavPlugin: released 1.1.1 version
    • sfDynamicCMSPlugin: fixed some bugs (regeneration of routing.yml and clear cache when moving node, '<?' markup replacement, routes_register really facultative, sfDynamicCMSNode::getAbsoluteUrl method ), released 0.2.4 version
    • sfGuardDoctrinePlugin: fixed admin generators, fixed credentials/permissions/groups for security
    • sfPropelImpersonatorPlugin: bug fix to call callables (behaviors) in doSelectRS
    • sfOpenSocialPlugin: released 1.0.1 version (fixed tabs issue)
    • sfN1IterationPlugin: released 0.1.4 version (minor changes, and fixed a little bug)
    • sfYUIPlugin: created "jtodd" branch to add new functionality (upgraded YUI to 2.5.1, ability to use Yahoo hosted library instead of local copy, addStylesheet replaced by addComponentStylesheet, addStylesheet added which adds stylesheet which aren't tied to a component, added YUICssHelper which provides functionality to add stylesheets not tied to components, added YUIDatatableHelper, added function to include skin stylesheets, updated README)
    • sfPropelParanoidBehaviorPlugin: added hooks for all Peer select methods, released 1.0.3 version
    • sfPluginManagerPlugin: fix for mistakes in dependencies, branching on 1.0 & 1.1 versions, fixed bug that made generated packages dependent on itself, released 1.0.1 version
    • sfSearchPlugin: refactored tokens
    • sfHighlightPlugin: added support for sfSearch, added new readers (xfHighlightReaderXML, xfHighlightReaderXHTML), introduced reader aggregates useful for creating convenience layers, added highlighting filter (filter taps into filter chain and looks for sf_highlight querystring, fully customizable and extensible), bundled XML catalog tarball
    • sfSimpleForumPlugin: updated to search I18N in sfSimpleForum.XX.xml files, added initial german translation
    • sfTextReplacementPlugin: fixed bug in js_replace_text, added multiple selectors, added log messages, fixed some smaller bugs, released 0.1.2 version
    • sfContactFormPlugin: added spanish translation
    • sfSyncClusterPlugin: released 0.0.3 version (added support for Logical Server Groups and CDNs)
    • sfFLVPlayerPlugin: released 0.1.2 version (bug with package installer, wrong dependency)

Some new symfony powered websites

  • LectureTools.org: (english) web-based Student Response System that includes in-class note taking, real-time student questions, draw-on lecture slides and metacognition tools
  • skyswan.com.au: (english) online travel agency targeted at the Australian market
  • Chic Outlet Shopping: information in 14 languages about Europe's nine Chic Outlet Shopping® Villages near Europe's favourite cities
  • Affordable Resume Services: (english) ARS specializes in helping career professionals achieve success starting with the critical first impression
  • ZenBudget: (english) a free & mobile alternative to the commercial finances management applications, such as Quicken & Microsoft Money

They talked about us

Help the Symfony project!

As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.


Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.