Is there a built-in way to disallow a user to explicitly type in
"index.php" at the application root or re-route them to the application
url without "index.php" specified?
For example, for my given application www.example.com, both
www.example.com and www.example.com/index.php show the same page. I'd
like to either disallow www.example.com/index.php or have the requests
redirect to their non-"index.php" counterparts.
Thanks in advance,
Yi
Ralph Schindler-2 wrote:
>
> This appears that this would be a bug, can you file it at:
>
> framework.zend.com/issues/
>
> Do you have an account?
>
> -ralph
>
> Mamsaac wrote:
>>>From what I saw, it simply takes any ? and introduces another string but
>> quoted with for SQL (using ''), without any specification if the question
>> mark can or not be the first character.
>>
>> The provided code in the documentation shows:
>>
>> * <code>
>> * $text = "WHERE date < ?";
>> * $date = "2005-01-02";
>> * $safe = $sql->quoteInto($text, $date);
>> * // $safe = "WHERE date < '2005-01-02'"
>> * </code>
>>
>> If the text is not "WHERE date < ?", but rather a simple "? > date" which
>> will be inserted into the WHERE section after that, it wouldn't work.
>>
>> Anyway, since I have little experience using ZF, I can't assure of a bug
>> in
>> here, so I will just leave the thread =) If it's a bug, I will be glad to
>> have helped in such a little thing, else, I'm sorry hehehe.
>>
>>
>> Thasmo wrote:
>>> Maybe that's right, in this case I guess,
>>> it won't affect anything, as the '?'-sign won't
>>> ever be at position 1, as long as I understand the quote function.
>>>
>>> Anyone there to test it?
>>>
>>>
>>> Mamsaac schrieb:
>>>> I'm not really looking into trying the code, since I was just reading
>>>> some of
>>>> the Db code for entertaining (hey! it's better than some bad novels =)
>>>> ).
>>>>
>>>> I came up with this part in class Zend_Db_Adapter_Abstract:
>>>>
>>>> public function quoteInto($text, $value, $type = null, $count = null) {
>>>> if ($count === null) {
>>>> return str_replace('?', $this->quote($value, $type), $text);
>>>> } else {
>>>> while ($count > 0) {
>>>> if (strpos($text, '?') != false) {
>>>> $text = substr_replace($text, $this->quote($value),
>>>> strpos($text, '?'), 1);
>>>> }
>>>> --$count;
>>>> }
>>>> return $text;
>>>> }
>>>> }
>>>>
>>>> My issue, and I'm probably wrong, but this shouldn't take long, is that
>>>> I
>>>> believe that strpos($text, '?') != false should be strpos($text, '?')
>>>> !==
>>>> false
>>>>
>>>> If the "?" is the first character, it would just not replace it. (I
>>>> mean,
>>>> ?
>>>> being in position 0).
>>>>
>>>> If I'm wrong, I apologize for taking a quick reaction without
>>>> verifying...
>>>> but I don't have any applications of mine using the ZF (again, I was
>>>> just
>>>> reading :D) and I'm not supposed to waste too much time =)
>>>>
>>>> And if this is not the right place to ask about this, again, sorry =)
>>>>
>>>>
>>>
>>
>
>
--
View this message in context: http://www.nabble.com/Not-sure%2C-but-is-this-a-bug--tp25178000p25226253.html
Sent from the Zend DB mailing list archive at Nabble.com.
Do you have an account?
-ralph
Mamsaac wrote:
>>From what I saw, it simply takes any ? and introduces another string but
> quoted with for SQL (using ''), without any specification if the question
> mark can or not be the first character.
>
> The provided code in the documentation shows:
>
> * <code>
> * $text = "WHERE date < ?";
> * $date = "2005-01-02";
> * $safe = $sql->quoteInto($text, $date);
> * // $safe = "WHERE date < '2005-01-02'"
> * </code>
>
> If the text is not "WHERE date < ?", but rather a simple "? > date" which
> will be inserted into the WHERE section after that, it wouldn't work.
>
> Anyway, since I have little experience using ZF, I can't assure of a bug in
> here, so I will just leave the thread =) If it's a bug, I will be glad to
> have helped in such a little thing, else, I'm sorry hehehe.
>
>
> Thasmo wrote:
>> Maybe that's right, in this case I guess,
>> it won't affect anything, as the '?'-sign won't
>> ever be at position 1, as long as I understand the quote function.
>>
>> Anyone there to test it?
>>
>>
>> Mamsaac schrieb:
>>> I'm not really looking into trying the code, since I was just reading
>>> some of
>>> the Db code for entertaining (hey! it's better than some bad novels =) ).
>>>
>>> I came up with this part in class Zend_Db_Adapter_Abstract:
>>>
>>> public function quoteInto($text, $value, $type = null, $count = null) {
>>> if ($count === null) {
>>> return str_replace('?', $this->quote($value, $type), $text);
>>> } else {
>>> while ($count > 0) {
>>> if (strpos($text, '?') != false) {
>>> $text = substr_replace($text, $this->quote($value),
>>> strpos($text, '?'), 1);
>>> }
>>> --$count;
>>> }
>>> return $text;
>>> }
>>> }
>>>
>>> My issue, and I'm probably wrong, but this shouldn't take long, is that I
>>> believe that strpos($text, '?') != false should be strpos($text, '?') !==
>>> false
>>>
>>> If the "?" is the first character, it would just not replace it. (I mean,
>>> ?
>>> being in position 0).
>>>
>>> If I'm wrong, I apologize for taking a quick reaction without
>>> verifying...
>>> but I don't have any applications of mine using the ZF (again, I was just
>>> reading :D) and I'm not supposed to waste too much time =)
>>>
>>> And if this is not the right place to ask about this, again, sorry =)
>>>
>>>
>>
>
See: http://us3.php.net/manual/en/function.pcntl-fork.php
You will more than likely have to initiate a new db connection in each
child.
-ralph
ablsa_matthieu wrote:
> Version ZF 1.7.1 :
> Class : ZendX_Console_Process_Unix
>
> I create many process unix with the library ZendX_Console_Process_Unix. When
> the first one is running, I loose the database connection.
> Indeed, when I access the DB before running the first thread, there is no
> problem but after I launch the first one this problem occurs :
> SQLSTATE[HY000]: General error: 2006 MySQL server has gone away
>
> Perhaps when the child process is killed, the connection object is also
> destruct.
>
> Do you have any ideas where the problem come from ?
>
> Thank you for you consideration.
>
> Matthieu
I create many process unix with the library ZendX_Console_Process_Unix. When
the first one is running, I loose the database connection.
Indeed, when I access the DB before running the first thread, there is no
problem but after I launch the first one this problem occurs :
SQLSTATE[HY000]: General error: 2006 MySQL server has gone away
Perhaps when the child process is killed, the connection object is also
destruct.
Do you have any ideas where the problem come from ?
Thank you for you consideration.
Matthieu
--
View this message in context: http://www.nabble.com/ZendX_Console_Process_Unix%2C-lost-DB-connection-tp25225029p25225029.html
Sent from the Zend DB mailing list archive at Nabble.com.
Hi,
Sorry if this question has already been addressed (actually I've found this
:
http://www.nabble.com/OOP-Design-question-related-to-Zend_Db_Adapter-to21754
135.html, but nobody answered to william0275).
I would like to provide an abstraction layer so that read db queries would
be routed to one server (say A) and write queries to another server (say B),
so that it is completely transparent to developers (they would continue to
use $db->select(), $db->insert(), $db->update() and $db->query() as usual) .
Is there a classical solution for that ?
Jean-Michel
Doing that in the service layer at least prevents from having to choose
between a helper and a plugin! :-)
As you said, when it comes to needs... I find this helper a "simple"
alternative for applications/models not requiring sophisticated acls.
Actually, I hadn't really thought about where to create the acls. Doing it
in the init() method at the controller level makes it easy indeed to add
their own ones.
--
Matthew Weier O'Phinney-3 wrote:
>
> -- Seth Atkins <satkins@nortel.com> wrote
> (on Friday, 28 August 2009, 12:52 PM -0500):
>> Two main comments from my part. The first is a fairly open ended
>> question I can't answer for you. While an action helper may fit your
>> needs very well, IMHO, a successful integration is one which serves many
>> common approaches and is the least limited implementation. For example,
>> some of the comments so far have related to treating actions as
>> resources. Many people see actions as privileges on resources, and one
>> common view of what a resource is is a controller resource. If this is
>> such a person's view on the subject, an action helper seems fairly
>> limited since you are dispatching to a controller before you actually
>> check resource access. I'd rather back things up a few steps and check
>> before any particular resource is called. But that is my opinion, and I
>> do know I'm not alone there. I believe, and correct me if I am wrong
>> here, but the action helper preDispatch() method is called after the
>> controller init(), which is also after any controller preDispatch()
>> method, which is also after any plugin preDispatch methods.
>
> Close, but not quite. Order is:
>
> front controller plugin preDispatch
> action helper init()
> controller init()
> action helper preDispatch()
> controller preDispatch()
>
> The only place you can circumvent is at the plugin preDispatch(); if you
> call _forward() later, it will continue to execute through the
> controller preDispatch(); the only thing skipped will be the actual
> controller action (and postDispatch, of course).
>
>> Seems to me a lot has happened before you ever checked to see if any
>> of that should have happened in the first place.
>>
>> I am less familiar with all the things you can do with an action helper
>> and how one might wrest it to do your will. My understanding of the ZF
>> plugin architecture is more detailed since I have spent some time
>> tracing through the code, how plugins are called, when, etc. Anyway, I
>> know that plugins can do exactly what I want, but I'm less sure that an
>> action helper would fit my needs.
>
> What action helpers provide you is integration with the action
> controller. Basically, you can place metadata or methods in your action
> controllers that the action helpers can then query (or manipulate) to do
> things.
>
> Some examples of such integration:
>
> * ViewRenderer: sets the view object, as well as renders the view
> script postDispatch() based on the action executed
>
> * ContextSwitch/AjaxContext: if certain properties are set in the
> action controller, will query those to determine if a context was
> invoked, and, if so, change the view script rendered (as well as
> potentially inject response headers)
>
> Basically, what action helpers do is make it easier to place the context
> for a decision close to the decision point.
>
> However, as you note, there may be a performance cost associated with
> this.
>
>> The second comment is that plugins are called before ANY dispatching (of
>> any sort) occurs. Not even a controller init() method has been called
>> yet. I can create one plugin, set it up in Zend_Application, and all my
>> ACL code is in one place, once line of code to setup the plugin, and I'm
>> done. The plugin is post routing, so it has the filtered request object
>> to work from. You can load your rules and then feed isAllowed your
>> controller or action name, or whatever criteria you want. If you want
>> actions to be resources, fine. If you want controllers to be resources
>> and actions privileges, fine.
>>
>> And best of all, a plugin can alter the request object before
>> dispatching occurs. So I can actually redirect without "redirecting", if
>> you know what I mean, in response to access being denied.
>>
>> To sum up, I don't think an action helper would be an implementation
>> that I would personally want to use.
>
> You have valid points. The points in the proposal are also valid. They
> are very different approaches, however, and there are different
> ramifications involved with both. In your situation, you get good
> execution speed -- but at the cost of having to update ACLs and
> controllers separately. In the approach proposed, your ACLs are part of
> your application structure, making maintenance easy -- but you lose some
> performance.
>
> As I noted earlier, I personally like to put my ACLs with my service
> layer. This means that I'm actually executing my action before I find
> out if the user has the ability to do something -- probably your worst
> nightmare.
>
> However, what this affords me is the ability to re-use my service layer
> for web services -- I can create a service proxy object that I attach to
> Zend_XmlRpc_Server, Zend_Json_Server, Zend_Amf_Server, etc -- and my
> ACLs continue to work as expected. I don't have to do anything different
> whatsoever.
>
>> I have many modules, many controllers, many actions, and while, yes, I
>> could write one action helper and call it from anywhere, I'd really
>> rather not have to write 50 lines of code to just to call it from each
>> controller I happen to have. And I'd rather not instantiate a
>> controller that a person doesn't have access to in the first place.
>> Just my 2 cents.
>
> Again, as noted above: there are different approaches. Use the one that
> suits your application and/or programming needs.
>
>
>> -----Original Message-----
>> From: jThierry [mailto:thierry@jossermoz.net]
>> Sent: Thursday, August 27, 2009 9:44 PM
>> To: fw-mvc@lists.zend.com
>> Subject: [fw-mvc] MVC integration of Zend_Acl
>>
>>
>> Hi all,
>>
>> I've been working on a component to realise the MVC integration of
>> Zend_Acl which is different from the proposal
>> (http://framework.zend.com/wiki/pages/viewpage.action?pageId=39025) that
>> seems to be on hold.
>>
>> I'm using an action helper the perform the checks at pre dispatch time
>> on controllers implementing Zend_Acl_Resource_Interface instead of a
>> plugin and am wondering if there's any underlying reason that would
>> encourage the use of a plugin.
>>
>> I would really much appreciate your feedback on the action helper
>> approach.
>>
>> The code can be found there: http://code.google.com/p/oolala/
>>
>> Thanks,
>>
>> Thierry
>> --
>> View this message in context:
>> http://www.nabble.com/MVC-integration-of-Zend_Acl-tp25183254p25183254.ht
>> ml
>> Sent from the Zend MVC mailing list archive at Nabble.com.
>>
>>
>
> --
> Matthew Weier O'Phinney
> Project Lead | matthew@zend.com
> Zend Framework | http://framework.zend.com/
>
>
View this message in context: http://www.nabble.com/MVC-integration-of-Zend_Acl-tp25183254p25212360.html
Sent from the Zend MVC mailing list archive at Nabble.com.
As you said, when it comes to needs... I find this helper a "simple"
alternative for applications/models not requiring sophisticated acls.
Actually, I hadn't really thought about where to create the acls. Doing it
in the init() method at the controller level makes it easy indeed to add
their own ones.
Matthew Weier O'Phinney-3 wrote:
>
> -- Seth Atkins <satkins@nortel.com> wrote
> (on Friday, 28 August 2009, 12:52 PM -0500):
>> Two main comments from my part. The first is a fairly open ended
>> question I can't answer for you. While an action helper may fit your
>> needs very well, IMHO, a successful integration is one which serves many
>> common approaches and is the least limited implementation. For example,
>> some of the comments so far have related to treating actions as
>> resources. Many people see actions as privileges on resources, and one
>> common view of what a resource is is a controller resource. If this is
>> such a person's view on the subject, an action helper seems fairly
>> limited since you are dispatching to a controller before you actually
>> check resource access. I'd rather back things up a few steps and check
>> before any particular resource is called. But that is my opinion, and I
>> do know I'm not alone there. I believe, and correct me if I am wrong
>> here, but the action helper preDispatch() method is called after the
>> controller init(), which is also after any controller preDispatch()
>> method, which is also after any plugin preDispatch methods.
>
> Close, but not quite. Order is:
>
> front controller plugin preDispatch
> action helper init()
> controller init()
> action helper preDispatch()
> controller preDispatch()
>
> The only place you can circumvent is at the plugin preDispatch(); if you
> call _forward() later, it will continue to execute through the
> controller preDispatch(); the only thing skipped will be the actual
> controller action (and postDispatch, of course).
>
>> Seems to me a lot has happened before you ever checked to see if any
>> of that should have happened in the first place.
>>
>> I am less familiar with all the things you can do with an action helper
>> and how one might wrest it to do your will. My understanding of the ZF
>> plugin architecture is more detailed since I have spent some time
>> tracing through the code, how plugins are called, when, etc. Anyway, I
>> know that plugins can do exactly what I want, but I'm less sure that an
>> action helper would fit my needs.
>
> What action helpers provide you is integration with the action
> controller. Basically, you can place metadata or methods in your action
> controllers that the action helpers can then query (or manipulate) to do
> things.
>
> Some examples of such integration:
>
> * ViewRenderer: sets the view object, as well as renders the view
> script postDispatch() based on the action executed
>
> * ContextSwitch/AjaxContext: if certain properties are set in the
> action controller, will query those to determine if a context was
> invoked, and, if so, change the view script rendered (as well as
> potentially inject response headers)
>
> Basically, what action helpers do is make it easier to place the context
> for a decision close to the decision point.
>
> However, as you note, there may be a performance cost associated with
> this.
>
>> The second comment is that plugins are called before ANY dispatching (of
>> any sort) occurs. Not even a controller init() method has been called
>> yet. I can create one plugin, set it up in Zend_Application, and all my
>> ACL code is in one place, once line of code to setup the plugin, and I'm
>> done. The plugin is post routing, so it has the filtered request object
>> to work from. You can load your rules and then feed isAllowed your
>> controller or action name, or whatever criteria you want. If you want
>> actions to be resources, fine. If you want controllers to be resources
>> and actions privileges, fine.
>>
>> And best of all, a plugin can alter the request object before
>> dispatching occurs. So I can actually redirect without "redirecting", if
>> you know what I mean, in response to access being denied.
>>
>> To sum up, I don't think an action helper would be an implementation
>> that I would personally want to use.
>
> You have valid points. The points in the proposal are also valid. They
> are very different approaches, however, and there are different
> ramifications involved with both. In your situation, you get good
> execution speed -- but at the cost of having to update ACLs and
> controllers separately. In the approach proposed, your ACLs are part of
> your application structure, making maintenance easy -- but you lose some
> performance.
>
> As I noted earlier, I personally like to put my ACLs with my service
> layer. This means that I'm actually executing my action before I find
> out if the user has the ability to do something -- probably your worst
> nightmare.
>
> However, what this affords me is the ability to re-use my service layer
> for web services -- I can create a service proxy object that I attach to
> Zend_XmlRpc_Server, Zend_Json_Server, Zend_Amf_Server, etc -- and my
> ACLs continue to work as expected. I don't have to do anything different
> whatsoever.
>
>> I have many modules, many controllers, many actions, and while, yes, I
>> could write one action helper and call it from anywhere, I'd really
>> rather not have to write 50 lines of code to just to call it from each
>> controller I happen to have. And I'd rather not instantiate a
>> controller that a person doesn't have access to in the first place.
>> Just my 2 cents.
>
> Again, as noted above: there are different approaches. Use the one that
> suits your application and/or programming needs.
>
>
>> -----Original Message-----
>> From: jThierry [mailto:thierry@jossermoz.net]
>> Sent: Thursday, August 27, 2009 9:44 PM
>> To: fw-mvc@lists.zend.com
>> Subject: [fw-mvc] MVC integration of Zend_Acl
>>
>>
>> Hi all,
>>
>> I've been working on a component to realise the MVC integration of
>> Zend_Acl which is different from the proposal
>> (http://framework.zend.com/wiki/pages/viewpage.action?pageId=39025) that
>> seems to be on hold.
>>
>> I'm using an action helper the perform the checks at pre dispatch time
>> on controllers implementing Zend_Acl_Resource_Interface instead of a
>> plugin and am wondering if there's any underlying reason that would
>> encourage the use of a plugin.
>>
>> I would really much appreciate your feedback on the action helper
>> approach.
>>
>> The code can be found there: http://code.google.com/p/oolala/
>>
>> Thanks,
>>
>> Thierry
>> --
>> View this message in context:
>> http://www.nabble.com/MVC-integration-of-Zend_Acl-tp25183254p25183254.ht
>> ml
>> Sent from the Zend MVC mailing list archive at Nabble.com.
>>
>>
>
> --
> Matthew Weier O'Phinney
> Project Lead | matthew@zend.com
> Zend Framework | http://framework.zend.com/
>
>
--
View this message in context: http://www.nabble.com/MVC-integration-of-Zend_Acl-tp25183254p25212360.html
Sent from the Zend MVC mailing list archive at Nabble.com.
What I found strange with the Plugin approach is that it seems the ACLs are
in charge of defining what is a resource. Let me explain. On each request, a
resource/privilege string is created from the request's properties (module,
controller, action). No matter what the controller where it is going to be
dispatched to is intended to be. Those string are then checked against the
ACLs via isAllowed(). The last throws an exception if the resource is
unknown or returns true or false if it is. In the second case, it's all
fine. But for unknown resources, the plugin has no way to tell whether the
string provided is supposed to be a resource or not. Then comes the choice
to deny them all, or to allow them all. If they're all denied, a resource
must then be created for every single controller in the application (e.g.
default/index), which is hard to maintain. If they're all allowed, if an
important resource is omitted (e.g. blog/article) there's a security issue
quite tricky to spot, but as the ACLs didn't define it as a resource, it
isn't one. The acls are then in charge of defining what a resource is.
With the helper approach, what I liked is that the resources define
themselves as such, providing an easy way to check what the controller is
intended to be. A single condition (is the controller not an instance of
Zend_Acl_Resource_Interface) allows to avoid checking anything, when an
exception would have been thrown in the plugin (or hasResource called) with
the problems I told above. Whenever the controller defines itself as a
resource by implementing the interface, the helper knows that if it is
unknown in the acls, odds are access should be denied. Furthermore, the acls
stay light weight without useless resources.
About adding code into the controllers, there isn't much more to do than
with the plugin approach. The helper knows what action has been called and
the preDispatch() method will check that automatically (as the helper has
been registered in the helper broker). The only code to add is the one
implementing Zend_Acl_Resource_Interface::getResourceId(). I added a
superclass for such controllers that already implement it using the helper
to normalise resource identifiers from the controller's class name.
Plugins' methods (routeStartup, routeShutdown, dispatchLoopStartup,
preDispatch) and Controller's init are a very good point and, I guess, why
I posted my question in the first place.
Seth Atkins wrote:
>
> Two main comments from my part. The first is a fairly open ended
> question I can't answer for you. While an action helper may fit your
> needs very well, IMHO, a successful integration is one which serves many
> common approaches and is the least limited implementation. For example,
> some of the comments so far have related to treating actions as
> resources. Many people see actions as privileges on resources, and one
> common view of what a resource is is a controller resource. If this is
> such a person's view on the subject, an action helper seems fairly
> limited since you are dispatching to a controller before you actually
> check resource access. I'd rather back things up a few steps and check
> before any particular resource is called. But that is my opinion, and I
> do know I'm not alone there. I believe, and correct me if I am wrong
> here, but the action helper preDispatch() method is called after the
> controller init(), which is also after any controller preDispatch()
> method, which is also after any plugin preDispatch methods. Seems to me
> a lot has happened before you ever checked to see if any of that should
> have happened in the first place.
>
> I am less familiar with all the things you can do with an action helper
> and how one might wrest it to do your will. My understanding of the ZF
> plugin architecture is more detailed since I have spent some time
> tracing through the code, how plugins are called, when, etc. Anyway, I
> know that plugins can do exactly what I want, but I'm less sure that an
> action helper would fit my needs.
>
> The second comment is that plugins are called before ANY dispatching (of
> any sort) occurs. Not even a controller init() method has been called
> yet. I can create one plugin, set it up in Zend_Application, and all my
> ACL code is in one place, once line of code to setup the plugin, and I'm
> done. The plugin is post routing, so it has the filtered request object
> to work from. You can load your rules and then feed isAllowed your
> controller or action name, or whatever criteria you want. If you want
> actions to be resources, fine. If you want controllers to be resources
> and actions privileges, fine.
>
> And best of all, a plugin can alter the request object before
> dispatching occurs. So I can actually redirect without "redirecting", if
> you know what I mean, in response to access being denied.
>
> To sum up, I don't think an action helper would be an implementation
> that I would personally want to use. I have many modules, many
> controllers, many actions, and while, yes, I could write one action
> helper and call it from anywhere, I'd really rather not have to write 50
> lines of code to just to call it from each controller I happen to have.
> And I'd rather not instantiate a controller that a person doesn't have
> access to in the first place. Just my 2 cents.
>
>
> --Seth
>
> -----Original Message-----
> From: jThierry [mailto:thierry@jossermoz.net]
> Sent: Thursday, August 27, 2009 9:44 PM
> To: fw-mvc@lists.zend.com
> Subject: [fw-mvc] MVC integration of Zend_Acl
>
>
> Hi all,
>
> I've been working on a component to realise the MVC integration of
> Zend_Acl which is different from the proposal
> (http://framework.zend.com/wiki/pages/viewpage.action?pageId=39025) that
> seems to be on hold.
>
> I'm using an action helper the perform the checks at pre dispatch time
> on controllers implementing Zend_Acl_Resource_Interface instead of a
> plugin and am wondering if there's any underlying reason that would
> encourage the use of a plugin.
>
> I would really much appreciate your feedback on the action helper
> approach.
>
> The code can be found there: http://code.google.com/p/oolala/
>
> Thanks,
>
> Thierry
> --
> View this message in context:
> http://www.nabble.com/MVC-integration-of-Zend_Acl-tp25183254p25183254.ht
> ml
> Sent from the Zend MVC mailing list archive at Nabble.com.
>
>
>
>
--
View this message in context: http://www.nabble.com/MVC-integration-of-Zend_Acl-tp25183254p25210847.html
Sent from the Zend MVC mailing list archive at Nabble.com.
Additionally it would be interesting for anyone who tries to help you to
know which release you are using.
Greetings
Thomas Weidner, I18N Team Leader, Zend Framework
http://www.thomasweidner.com
----- Original Message -----
From: "Erdal YAZICIOGLU" <erdal.yazicioglu@gmail.com>
To: <fw-mvc@lists.zend.com>
Sent: Saturday, August 29, 2009 3:09 PM
Subject: [fw-mvc] Zend File Transfer interesting issue
Hello all
I am creating a from where users can upload their images. All images are to
be uploaded in uploads directory under public. After creation of the form,
in the controller I get the file name with $file = $form->getValues('file').
Up to here everything seems ok.
When I select the picture that I want to upload, as soon as I click the
upload button, it uploads the image but also returns a error message.
Here is my picture form
<?php
class Form_Picture extends Zend_Form
{
public function init()
{
$this->setAction('/alumni/change-picture')
->setMethod('post')
->setAttrib('id', 'commentform');
$this->clearDecorators();
$decorators = array(
array('ViewHelper'),
array('Errors'),
array('HtmlTag', array('tag' => 'p')),
array('Label')
,);
$this->addElement('file', 'file',array('label' => 'Lütfen Resim Seçiniz'));
$password = $this->getElement('file')
->addValidator('Extension', false, 'jpg,jpeg,gif,png')
->setAttrib('tabindex','2');
$this->addElement('submit', 'Yükle');
$submit = $this->getElement('Yükle')
->setAttrib('class','button')
->setDecorators(array(array('ViewHelper')));
$this->setDecorators(array('FormElements',array('HtmlTag', array('tag'
=> 'ul')),
array(array('DivTag' => 'HtmlTag'),
),
'Form'
));
And here is my controller
public function changePictureAction()
{
$form = new Form_Picture();
$this->view->form = $form;
if($this->getRequest()->isPost())
{
$formData = $this->getRequest()->getPost();
if($form->isValid($formData))
{
$upload = new Zend_File_Transfer_Adapter_Http();
$upload->setDestination('uploads');
$upload->receive();
$this->view->fileName = $form->getValue('file');
}
}
}
The interesting this is when I change the position of the
$this->view->fileName and put it before $upload->receive(), it gives me the
file name but it does not upload.
I can get the filename with getFileName() method but then it returns the
name with directory name, like uploads/image.jpg. It needs more code :))
If anybody know a solution please let me know..
Thanks
And the error message is : The file 'file' was illegal uploaded, possible
attack
--
Erdal YAZICIOGLU
System & Network Engineer
Page Europa S.R.L - General Dynamics
www.pageuropa.it
Office - Rome : +39 0650395292
Mobile -Rome : +39 3490787196
Mobile -Istanbul: +90 536 3447989
I would like to know where is the recommended place for common queries
and their results' injection into layouts, e.g.: fetching tags from
the database and inserting them into the footer in all actions within
the module. Should I use a plugin or an action helper? Or should I
just query the model right inside the layout?
Thanks,
Ádám
A couple of questions related to the difference between forwarding and redirecting requests. I understand that the main difference is that forward is within the same request process, and redirect issues an http redirect which is a new and different request process. I've typically used redirects in the past when I needed to point a browser to another page, but I have a couple of situations where redirecting won't work, and I'm not sure if forwarding will work better or create different problems for me to solve.
That said, some specific questions about what to expect with a forward.
1) Will the same POST variables be available?
2) If forwarding from a POST (method isPost() returns true) to some new controller/action that as another if ($request->isPost()) in the code, will isPost() still return true (this is after the forward. In other words does forwarding alter the result that isPost() returns?3) Does the client URL reflect the forward? My guess is no. (I can't test this at the moment as I am not in my development environment)
4) Does "refreshing" the client browser allow re-POSTing of the same data? One of the nice things about redirects is that it solves the irritating behavior of allowing a browser to refresh and the popup the message asking if they want to resend the same data. I'm not sure if forwarding also solves this irritating browser behavior or not.
Thanks!
Seth
It has been a while since my last post, (I think that was around 1.5.0ish).
Anyhow, I had stepped away from web projects for a while, and now I am back
to the great new 1.9.x, and am a little lost with the whole
Zend_Application, but I am working hard to catch up. Anyhow Zend_Auth and
Zend_Acl have always been my nemesis, but I think I have them figured out
now to a degree. I am starting a new personal project that will be pretty
similar to a CMS with blogging, forums, and several other features to begin
with. So what got me thinking, (and while reading up on CMS frameworks that
exist, that I could be using but I would rather write my own, it is more fun
that way), is to build the base application without defining any content
types at all, then create the content-types on the fly with the base
framework in place. I probably lost everyone with that pathetic
description, but I have a visual concept in my own mind of what I mean.
Anyhow, getting down to the whole Acl thing what I want to accomplish is
something like this:
- Start with a base user object.
- Each base user has a profile (which *actually* I think the required fields
should be part of the user record, and the profile should be somewhat
generic to be extensible to a UserProfile, WebsiteProfile, AuthorProfile,
etc, not necesarily related to a site user, but more general), for now this
will be a one to one relationship.
- Each user will belong to one or more groups, and each group will contain
one or more users, this will be a many to many relationship.
- Next we have a base resource, be it a module, controller, action, model,
or individual record (article, profile, etc)
- A user can have a role for one or more resources.
- A group can have a role for one or more resources.
-Roles could be either most restrictive (group_roles *OR* user_roles) or
least restrictive (group_roles *AND* user_roles)
Queries would look like (forgive the syntax, its just conceptual right now):
$uid = 11
$gid = 12
$rid = 14 (resource: article)
// Roles may include, Author, Editor, Publisher, etc.
// A user/group may include one or more roles (ie Author and Editor, but not
Publisher)
$rolesByUser = select * from UserRoles where (`uid` = $uid and `rid` =
$rid);
$rolesByGroup = select * from GroupRoles where (`gid` = $gid and `rid` =
$rid);
$roles = array_combine($rolesByUser, $rolesByGroup);
Where $roles would be an array of Zend_Acl_Role objects.
I have attached a `sample`drawing of the database layout, however maybe
think of this layout as more of a model layout, where the `tables` could
actually be xml files / config files, or some other method of storage, the
data does not necessarily have to come from a database, again, this is just
my vision of the whole thing (and likely it will be primarily relational
database tables none the less).
Anyhow, what I am trying to do is come up with a fairly generic, extensible,
flexible, robust, (insert other great buzzwords here), Acl structure. Any
feedback, suggestions on the best way to code this, modifications, or
general criticisms about my logic (including your logic and why its better
than mine) would be most appreciated.
Thanks
Aaron
http://www.nabble.com/file/p25197810/acl_layout.png
--
View this message in context: http://www.nabble.com/Complex-ACL--cross-post--tp25197810p25197810.html
Sent from the Zend Auth mailing list archive at Nabble.com.
A couple of questions related to the difference between forwarding and redirecting requests. I understand that the main difference is that forward is within the same request process, and redirect issues an http redirect which is a new and different request process. I've typically used redirects in the past when I needed to point a browser to another page, but I have a couple of situations where redirecting won't work, and I'm not sure if forwarding will work better or create different problems for me to solve.
That said, some specific questions about what to expect with a forward.
1) Will the same POST variables be available?
2) If forwarding from a POST (method isPost() returns true) to some new controller/action that as another if ($request->isPost()) in the code, will isPost() still return true (this is after the forward. In other words does forwarding alter the result that isPost() returns?
3) Does the client URL reflect the forward? My guess is no. (I can't test this at the moment as I am not in my development environment)
4) Does "refreshing" the client browser allow re-POSTing of the same data? One of the nice things about redirects is that it solves the irritating behavior of allowing a browser to refresh and the popup the message asking if they want to resend the same data. I'm not sure if forwarding also solves this irritating browser behavior or not.
Thanks!
Seth
Close, but not quite. Order is:
front controller plugin preDispatch
action helper init()
controller init()
action helper preDispatch()
controller preDispatch()
The only place you can circumvent is at the plugin preDispatch(); if you
call _forward() later, it will continue to execute through the
controller preDispatch(); the only thing skipped will be the actual
controller action (and postDispatch, of course).
> Seems to me a lot has happened before you ever checked to see if any
> of that should have happened in the first place.
>
> I am less familiar with all the things you can do with an action helper
> and how one might wrest it to do your will. My understanding of the ZF
> plugin architecture is more detailed since I have spent some time
> tracing through the code, how plugins are called, when, etc. Anyway, I
> know that plugins can do exactly what I want, but I'm less sure that an
> action helper would fit my needs.
What action helpers provide you is integration with the action
controller. Basically, you can place metadata or methods in your action
controllers that the action helpers can then query (or manipulate) to do
things.
Some examples of such integration:
* ViewRenderer: sets the view object, as well as renders the view
script postDispatch() based on the action executed
* ContextSwitch/AjaxContext: if certain properties are set in the
action controller, will query those to determine if a context was
invoked, and, if so, change the view script rendered (as well as
potentially inject response headers)
Basically, what action helpers do is make it easier to place the context
for a decision close to the decision point.
However, as you note, there may be a performance cost associated with
this.
> The second comment is that plugins are called before ANY dispatching (of
> any sort) occurs. Not even a controller init() method has been called
> yet. I can create one plugin, set it up in Zend_Application, and all my
> ACL code is in one place, once line of code to setup the plugin, and I'm
> done. The plugin is post routing, so it has the filtered request object
> to work from. You can load your rules and then feed isAllowed your
> controller or action name, or whatever criteria you want. If you want
> actions to be resources, fine. If you want controllers to be resources
> and actions privileges, fine.
>
> And best of all, a plugin can alter the request object before
> dispatching occurs. So I can actually redirect without "redirecting", if
> you know what I mean, in response to access being denied.
>
> To sum up, I don't think an action helper would be an implementation
> that I would personally want to use.
You have valid points. The points in the proposal are also valid. They
are very different approaches, however, and there are different
ramifications involved with both. In your situation, you get good
execution speed -- but at the cost of having to update ACLs and
controllers separately. In the approach proposed, your ACLs are part of
your application structure, making maintenance easy -- but you lose some
performance.
As I noted earlier, I personally like to put my ACLs with my service
layer. This means that I'm actually executing my action before I find
out if the user has the ability to do something -- probably your worst
nightmare.
However, what this affords me is the ability to re-use my service layer
for web services -- I can create a service proxy object that I attach to
Zend_XmlRpc_Server, Zend_Json_Server, Zend_Amf_Server, etc -- and my
ACLs continue to work as expected. I don't have to do anything different
whatsoever.
> I have many modules, many controllers, many actions, and while, yes, I
> could write one action helper and call it from anywhere, I'd really
> rather not have to write 50 lines of code to just to call it from each
> controller I happen to have. And I'd rather not instantiate a
> controller that a person doesn't have access to in the first place.
> Just my 2 cents.
Again, as noted above: there are different approaches. Use the one that
suits your application and/or programming needs.
> -----Original Message-----
> From: jThierry [mailto:thierry@jossermoz.net]
> Sent: Thursday, August 27, 2009 9:44 PM
> To: fw-mvc@lists.zend.com
> Subject: [fw-mvc] MVC integration of Zend_Acl
>
>
> Hi all,
>
> I've been working on a component to realise the MVC integration of
> Zend_Acl which is different from the proposal
> (http://framework.zend.com/wiki/pages/viewpage.action?pageId=39025) that
> seems to be on hold.
>
> I'm using an action helper the perform the checks at pre dispatch time
> on controllers implementing Zend_Acl_Resource_Interface instead of a
> plugin and am wondering if there's any underlying reason that would
> encourage the use of a plugin.
>
> I would really much appreciate your feedback on the action helper
> approach.
>
> The code can be found there: http://code.google.com/p/oolala/
>
> Thanks,
>
> Thierry
> --
> View this message in context:
> http://www.nabble.com/MVC-integration-of-Zend_Acl-tp25183254p25183254.ht
> ml
> Sent from the Zend MVC mailing list archive at Nabble.com.
>
>
--
Matthew Weier O'Phinney
Project Lead | matthew@zend.com
Zend Framework | http://framework.zend.com/
I am less familiar with all the things you can do with an action helper
and how one might wrest it to do your will. My understanding of the ZF
plugin architecture is more detailed since I have spent some time
tracing through the code, how plugins are called, when, etc. Anyway, I
know that plugins can do exactly what I want, but I'm less sure that an
action helper would fit my needs.
The second comment is that plugins are called before ANY dispatching (of
any sort) occurs. Not even a controller init() method has been called
yet. I can create one plugin, set it up in Zend_Application, and all my
ACL code is in one place, once line of code to setup the plugin, and I'm
done. The plugin is post routing, so it has the filtered request object
to work from. You can load your rules and then feed isAllowed your
controller or action name, or whatever criteria you want. If you want
actions to be resources, fine. If you want controllers to be resources
and actions privileges, fine.
And best of all, a plugin can alter the request object before
dispatching occurs. So I can actually redirect without "redirecting", if
you know what I mean, in response to access being denied.
To sum up, I don't think an action helper would be an implementation
that I would personally want to use. I have many modules, many
controllers, many actions, and while, yes, I could write one action
helper and call it from anywhere, I'd really rather not have to write 50
lines of code to just to call it from each controller I happen to have.
And I'd rather not instantiate a controller that a person doesn't have
access to in the first place. Just my 2 cents.
--Seth
-----Original Message-----
From: jThierry [mailto:thierry@jossermoz.net]
Sent: Thursday, August 27, 2009 9:44 PM
To: fw-mvc@lists.zend.com
Subject: [fw-mvc] MVC integration of Zend_Acl
Hi all,
I've been working on a component to realise the MVC integration of
Zend_Acl which is different from the proposal
(http://framework.zend.com/wiki/pages/viewpage.action?pageId=39025) that
seems to be on hold.
I'm using an action helper the perform the checks at pre dispatch time
on controllers implementing Zend_Acl_Resource_Interface instead of a
plugin and am wondering if there's any underlying reason that would
encourage the use of a plugin.
I would really much appreciate your feedback on the action helper
approach.
The code can be found there: http://code.google.com/p/oolala/
Thanks,
Thierry
--
View this message in context:
http://www.nabble.com/MVC-integration-of-Zend_Acl-tp25183254p25183254.ht
ml
Sent from the Zend MVC mailing list archive at Nabble.com.
What I notice is the following: the constructor of Zend_Db_Statement calls
for "$this->_prepare($sql)", which is never declared in that class.
Zend_Db_Statement doesn't inherit from anyone and only implements the
interface Zend_Db_Statement_Interface, which does no mention of a _prepare
method. So, the call in the constructor is always there, meaning that the
method MUST be implemented, but there's no enforcing of it. I can see that
extending classes (the one that I checked the most was
Zend_Db_Statement_Pdo) do implement the method.
So, I wonder why _prepare is not declared in Zend_Db_Statement as "abstract
protected function _prepare($sql);".
Reading all the code from the framework has been a very productive activity
so far =) I'm really thankful for the developers (I've no idea where they
are hehehe), not only for the good quality code, but also for the great
documentation.
Now, off to finish Zend_Db and moving to Zend_View, Zend_Controller and
Zend_Validate.
And this is just a guy that wants to learn more about programming in PHP.
I'm not trying to point out mistakes or to feel smart, but to learn about
decisions made by professional developers. Sometimes people that questions
things or makes critics do it for the wrong reasons, I just don't want to
look like someone like that.
Thanks in advance for responses.
--
View this message in context: http://www.nabble.com/A-question-on-coding-design-used-for-DB-Statements.-tp25193487p25193487.html
Sent from the Zend DB mailing list archive at Nabble.com.
-- jThierry <thierry@jossermoz.net> wrote
(on Thursday, 27 August 2009, 07:43 PM -0700):
> I've been working on a component to realise the MVC integration of Zend_Acl
> which is different from the proposal
> (http://framework.zend.com/wiki/pages/viewpage.action?pageId=39025) that
> seems to be on hold.
>
> I'm using an action helper the perform the checks at pre dispatch time on
> controllers implementing Zend_Acl_Resource_Interface instead of a plugin and
> am wondering if there's any underlying reason that would encourage the use
> of a plugin.
>
> I would really much appreciate your feedback on the action helper approach.
>
> The code can be found there: http://code.google.com/p/oolala/
While I tend to implement my ACLs in my service layer, I've also
implemented them at the controller layer before as well. Your approach
seems to me to be a natural fit with this latter approach, as it allows
you to explicitly define your controllers as resources, and perform the
checks at the point closest to the actual action.
--
Matthew Weier O'Phinney
Project Lead | matthew@zend.com
Zend Framework | http://framework.zend.com/
While I tend to implement my ACLs in my service layer, I've also
implemented them at the controller layer before as well. Your approach
seems to me to be a natural fit with this latter approach, as it allows
you to explicitly define your controllers as resources, and perform the
checks at the point closest to the actual action.
--
Matthew Weier O'Phinney
Project Lead | matthew@zend.com
Zend Framework | http://framework.zend.com/
Hi Neo,If you use resources, you don't need to initialize your db that way. See following url:You add in your app.ini following lines:resources.db.adapter = "PDO_MYSQL"resources.db.params.host = "localhost"resources.db.params.username = "root"resources.db.params.password = ""resources.db.params.dbname = "mydb"You don't have to put anything in your bootstrap.If you want to use the init as specified, you need to make your your boatstrap knows it needs to be loaded.Add something like this to your app.ini :resources.db[] =Specifying this, will make the _initDb to be loaded. However, I would advice using the method explained above if you don't need to do anything special with the db.WkrJeroenOn 28 Aug 2009, at 09:48, neobeacon wrote:
Can anyone help me to set the database adapter form Bootstrap class.
This is my Bootstrap class.
http://www.nabble.com/file/p25185540/Bootstrap.php Bootstrap.php
I used
http://blog.keppens.biz/2009/06/create-modular-application-with-zend.html
keppens's create modular application Tutorial.
I add this code to boot
protected function _initDb(){
$params=array('host'=>'localhost',
'username'=>'root',
'password'=>'',
'dbname'=>'mydb');
$db=Zend_Db::factory('PDO_MYSQL',$params);
Zend_Db_Table::setDefaultAdapter($db);
}
Is this wrong ? What do I want to do?
--
View this message in context: http://www.nabble.com/Setting-Database-Adapter-form-Bootsrap-class-tp25185540p25185540.html
Sent from the Zend MVC mailing list archive at Nabble.com.
resources.db.adapter = "PDO_MYSQL"
resources.db.params.host = "localhost"
resources.db.params.username = "root"
resources.db.params.password = ""
resources.db.params.dbname = "mydb"
Can anyone help me to set the database adapter form Bootstrap class.
This is my Bootstrap class.
http://www.nabble.com/file/p25185540/Bootstrap.php Bootstrap.php
I used
http://blog.keppens.biz/2009/06/create-modular-application-with-zend.html
keppens's create modular application Tutorial.
I add this code to boot
protected function _initDb(){
$params=array('host'=>'localhost',
'username'=>'root',
'password'=>'',
'dbname'=>'mydb');
$db=Zend_Db::factory('PDO_MYSQL',$params);
Zend_Db_Table::setDefaultAdapter($db);
}
Is this wrong ? What do I want to do?
--
View this message in context: http://www.nabble.com/Setting-Database-Adapter-form-Bootsrap-class-tp25185540p25185540.html
Sent from the Zend MVC mailing list archive at Nabble.com.
This is my Bootstrap class.
http://www.nabble.com/file/p25185540/Bootstrap.php Bootstrap.php
I used
http://blog.keppens.biz/2009/06/create-modular-application-with-zend.html
keppens's create modular application Tutorial.
I add this code to boot
protected function _initDb(){
$params=array('host'=>'localhost',
'username'=>'root',
'password'=>'',
'dbname'=>'mydb');
$db=Zend_Db::factory('PDO_MYSQL',$params);
Zend_Db_Table::setDefaultAdapter($db);
}
Is this wrong ? What do I want to do?
--
View this message in context: http://www.nabble.com/Setting-Database-Adapter-form-Bootsrap-class-tp25185540p25185540.html
Sent from the Zend MVC mailing list archive at Nabble.com.
Sorry if this question has already been addressed (actually I've found this
:
http://www.nabble.com/OOP-Design-question-related-to-Zend_Db_Adapter-to21754
135.html, but nobody answered to william0275).
I would like to provide an abstraction layer so that read db queries would
be routed to one server (say A) and write queries to another server (say B),
so that it is completely transparent to developers (they would continue to
use $db->select(), $db->insert(), $db->update() and $db->query() as usual) .
Is there a classical solution for that ?
Jean-Michel
Hi all,
I've been working on a component to realise the MVC integration of Zend_Acl
which is different from the proposal
(http://framework.zend.com/wiki/pages/viewpage.action?pageId=39025) that
seems to be on hold.
I'm using an action helper the perform the checks at pre dispatch time on
controllers implementing Zend_Acl_Resource_Interface instead of a plugin and
am wondering if there's any underlying reason that would encourage the use
of a plugin.
I would really much appreciate your feedback on the action helper approach.
The code can be found there: http://code.google.com/p/oolala/
Thanks,
Thierry
--
View this message in context: http://www.nabble.com/MVC-integration-of-Zend_Acl-tp25183254p25183254.html
Sent from the Zend MVC mailing list archive at Nabble.com.
Hi all,
I've been working on a component to realise the MVC integration of Zend_Acl
which is different from the proposal
(http://framework.zend.com/wiki/pages/viewpage.action?pageId=39025) that
seems to be on hold.
I'm using an action helper the perform the checks at pre dispatch time on
controllers implementing Zend_Acl_Resource_Interface instead of a plugin and
am wondering if there's any underlying reason that would encourage the use
of a plugin.
I would really much appreciate your feedback on the action helper approach.
The code can be found there: http://code.google.com/p/oolala/
Thanks,
Thierry
--
View this message in context: http://www.nabble.com/MVC-integration-of-Zend_Acl-tp25183254p25183254.html
Sent from the Zend MVC mailing list archive at Nabble.com.
I've been working on a component to realise the MVC integration of Zend_Acl
which is different from the proposal
(http://framework.zend.com/wiki/pages/viewpage.action?pageId=39025) that
seems to be on hold.
I'm using an action helper the perform the checks at pre dispatch time on
controllers implementing Zend_Acl_Resource_Interface instead of a plugin and
am wondering if there's any underlying reason that would encourage the use
of a plugin.
I would really much appreciate your feedback on the action helper approach.
The code can be found there: http://code.google.com/p/oolala/
Thanks,
Thierry
--
View this message in context: http://www.nabble.com/MVC-integration-of-Zend_Acl-tp25183254p25183254.html
Sent from the Zend MVC mailing list archive at Nabble.com.
It's possible for the ? to be at position 1 (or, 0):$table->select()->where('? = id', 123); // <-- valid SQL
--
Hector
On Thu, Aug 27, 2009 at 2:38 PM, Thasmo <thasmo@gmail.com> wrote:Maybe that's right, in this case I guess,
it won't affect anything, as the '?'-sign won't
ever be at position 1, as long as I understand the quote function.
Anyone there to test it?
Mamsaac schrieb:
I'm not really looking into trying the code, since I was just reading some of
the Db code for entertaining (hey! it's better than some bad novels =) ).
I came up with this part in class Zend_Db_Adapter_Abstract:
public function quoteInto($text, $value, $type = null, $count = null) {
if ($count === null) {
return str_replace('?', $this->quote($value, $type), $text);
} else {
while ($count > 0) {
if (strpos($text, '?') != false) {
$text = substr_replace($text, $this->quote($value),
strpos($text, '?'), 1);
}
--$count;
}
return $text;
}
}
My issue, and I'm probably wrong, but this shouldn't take long, is that I
believe that strpos($text, '?') != false should be strpos($text, '?') !==
false
If the "?" is the first character, it would just not replace it. (I mean, ?
being in position 0).
If I'm wrong, I apologize for taking a quick reaction without verifying...
but I don't have any applications of mine using the ZF (again, I was just
reading :D) and I'm not supposed to waste too much time =)
And if this is not the right place to ask about this, again, sorry =)
The provided code in the documentation shows:
* <code>
* $text = "WHERE date < ?";
* $date = "2005-01-02";
* $safe = $sql->quoteInto($text, $date);
* // $safe = "WHERE date < '2005-01-02'"
* </code>
If the text is not "WHERE date < ?", but rather a simple "? > date" which
will be inserted into the WHERE section after that, it wouldn't work.
Anyway, since I have little experience using ZF, I can't assure of a bug in
here, so I will just leave the thread =) If it's a bug, I will be glad to
have helped in such a little thing, else, I'm sorry hehehe.
Thasmo wrote:
>
> Maybe that's right, in this case I guess,
> it won't affect anything, as the '?'-sign won't
> ever be at position 1, as long as I understand the quote function.
>
> Anyone there to test it?
>
>
> Mamsaac schrieb:
>> I'm not really looking into trying the code, since I was just reading
>> some of
>> the Db code for entertaining (hey! it's better than some bad novels =) ).
>>
>> I came up with this part in class Zend_Db_Adapter_Abstract:
>>
>> public function quoteInto($text, $value, $type = null, $count = null) {
>> if ($count === null) {
>> return str_replace('?', $this->quote($value, $type), $text);
>> } else {
>> while ($count > 0) {
>> if (strpos($text, '?') != false) {
>> $text = substr_replace($text, $this->quote($value),
>> strpos($text, '?'), 1);
>> }
>> --$count;
>> }
>> return $text;
>> }
>> }
>>
>> My issue, and I'm probably wrong, but this shouldn't take long, is that I
>> believe that strpos($text, '?') != false should be strpos($text, '?') !==
>> false
>>
>> If the "?" is the first character, it would just not replace it. (I mean,
>> ?
>> being in position 0).
>>
>> If I'm wrong, I apologize for taking a quick reaction without
>> verifying...
>> but I don't have any applications of mine using the ZF (again, I was just
>> reading :D) and I'm not supposed to waste too much time =)
>>
>> And if this is not the right place to ask about this, again, sorry =)
>>
>>
>
>
--
View this message in context: http://www.nabble.com/Not-sure%2C-but-is-this-a-bug--tp25178000p25180965.html
Sent from the Zend DB mailing list archive at Nabble.com.
