2010年3月31日星期三

[fw-mvc] Re: Problem with Zend_Form_Element_Hash

Hi, there is a solution.

Create, besides the form that will contain the data, a form without
elements. From the controller you instantiate the two forms. Also in the
controller, you add the element hash to the empty form. Both forms should be
sent to the vision. Then, in the condition "if ($ request-> isXmlHttpRequest
())" in the controller you render the empty form. Then, you take the hash
value with the method "getValue ()". This value must be sent in response by
Ajax and then use JavaScript to replace the hash value that is already
obsolete. The option to create an empty form for the hash is to avoid
problems with other elements such as, for example, the captcha that would
have its id generated again if the form were rendered, and would also need
to have the new information replaced. The validation will be done separately
because there are two distinct forms. Later you can reuse the hash (empty)
form whenever you want. The following are examples of the code.

//In the controller, after instantiating the empty form you add the Hash
element to it:
$hash = new Zend_Form_Element_Hash('no_csrf_foo');
$hash_form->addElement('hash', 'no_csrf_foo', array('salt' => 'unique'));

//...

//Also in the controller, within the condition "if
($request->isXmlHttpRequest())" you render the form (this will renew the
session for the next attempt to send the form) and get the new id value:
$hash_form->render($this->view);
$hash_value['hash'] =
$hash_form->getElement('no_csrf_foo')->getValue();//The value must be added
to the ajax response in JSON, for example. One can use the methods
Zend_Json::decode($response) and Zend_Json::encode($array) for conversions
between PHP array and JSON.

//---------------------------------------

//In JavaScript, the Ajax response function:
document.getElementById("no_csrf_foo").value = data.hash;//Retrieves the
hash value from the Json response and set it to the hash input.

--
View this message in context: http://n4.nabble.com/Problem-with-Zend-Form-Element-Hash-tp668669p1747689.html
Sent from the Zend MVC mailing list archive at Nabble.com.

[fw-mvc] Problem validating file upload form field

Dear All,

I have spend too long on this and am getting nowhere. Any help is
appreciated.
Thank you in advance.

Problem:
My optional file upload field always fails the isValid() checks, so no file
gets uploaded, however, the system does not throw any error and attaches no
error message to the file upload field.

Details:

I have a form which works perfectly fine and is controlled by this
controller code:
$request = $this->getRequest();

$updateForm = new Admin_Form_UpdateForm(array(
'action' =>
$request->getBaseUrl().'/admin/account/update'));
$updateForm->setMethod( 'POST' );
$updateForm->setAttrib('enctype', 'multipart/form-data');
$updateForm->setDecorators(array(
array('ViewScript', array('viewScript' =>
'forms/updateform.phtml')),
));
$this->view->form = $updateForm;

if ($request->isPost()) {
$parameters = $request->getParams();
if(isset($parameters['cancel']))
$this->_redirect('/admin/account/list');
if ($updateForm->isValid($request->getPost())) {
$values = $updateForm->getValues();
$result = Admin_Model_Account::saveData($values);
if($result) $this->_redirect('/admin/account/list');
}
}
As soon as I add the following file field into the form:

public function addImageField($required, $name, $label, $id = NULL) {

$element = new Zend_Form_Element_File($name);
$element->setLabel($label);
$element->setDestination('/var/www/web1/web/public/images/upload');
$element->setDecorators(array(
'Errors',
'File',
array(array('data' => 'HtmlTag'), array('tag' => 'td',
'class' => 'fileInput element', 'id' => $name)),
array('Label', array('tag' => 'td', 'class' =>
'formlabel')),
));
$this->addElement($element);
}


the form never gets passed the

if ($updateForm->isValid($request->getPost()))
in the controller but throws no errors and shows no error messages next to
the form field.

Additional info:
- Of course I played around with different settings and I found that by
removing the setDestination directive in the form element declaration a form
field related error is thrown: File 'logo' exceeds the defined ini size
- Setting the setValueDisabled(true) directive in the element makes no
difference.

Questions:
Why would the form validation fail my form file element - particularly
without throwing any error messages?
How can I get the validation to pass?
--
View this message in context: http://n4.nabble.com/Problem-validating-file-upload-form-field-tp1747289p1747289.html
Sent from the Zend MVC mailing list archive at Nabble.com.

2010年3月30日星期二

[fw-mvc] Re: Modules bootstrap throws warnings

Hm, no ideas what might be wrong? Does it work for you without problems?
--
View this message in context: http://n4.nabble.com/Modules-bootstrap-throws-warnings-tp1690446p1745138.html
Sent from the Zend MVC mailing list archive at Nabble.com.

2010年3月29日星期一

Re: [fw-mvc] Where do your Models Live (in a modular application)?

Hey Jsuggs,

jsuggs wrote:
> I know this has been discussed a couple of times but maybe not quite in this
> aspect. Where do your models live in a modular application?

It's important to understand a few concepts about modularity. For
various people, it can be said to have one of two, or both goals:

1) to create a reusable set of code that can be used as a springboard
for new applications. For example, like a Blog Module that has all of
the common "blog" functionality, but simply needs to be tailored and
customized to fit into a new site/application

and/or

2) To achieve a hMVC structure where there is more hierarchy in the
code, each level of hierarchy adding some logical separation of
concerns. This allows for more manageable, more maintainable code since
each module/hierarhcy has been group according to some set of common
goals, concerns and responsibility.

> Assumptions for discussion:
> Modules: default, blog, and admin.
> Namespace: App_ (horrible, but makes it easier to follow)
>
> For models that will span responsibilities in all of the modules (ex.
> Users), do they live in the App namespace or in the Default namespace
> (namespace may be used incorrectly in this case)?
> App_Model_User => /application/models/User.php
> Default_Model_User => /application/modules/default/models/User.php
>
> Additionally, what about models specific to a module (ex. BlogPost)? Should
> they "live" in the blog module or does all of the models live in the
> Application namespace and the modules just access what they need when
> appropriate?
>
> I start to get my head wrapped around some concepts then I end up having
> "basic" questions that end up throwing me for a loop. Then again, this
> could be another one of those "whatever works for you" scenarios as well...

Here is a project that demonstrates a basic applicaiton with a top level
MVC, and modules directory. (this was created with Zend_Tool on the
command line):

|- .zfproject.xml
|- application
| |- Bootstrap.php
| |- configs
| | `- application.ini
| |- controllers
| | |- ErrorController.php
| | `- IndexController.php
| |- models
| | `- User.php [Application_Model_User]
| |- modules
| | `- Blog
| | |- controllers
| | |- models
| | | `- BlogPost.php [Blog_Model_BlogPost]
| | `- views
| | |- filters
| | |- helpers
| | `- scripts
| `- views
| |- helpers
| `- scripts
| |- error
| | `- error.phtml
| `- index
| `- index.phtml
|- docs
| `- README.txt
|- library
|- public
| |- .htaccess
| `- index.php
`- tests
|- application
| `- bootstrap.php
|- library
| `- bootstrap.php
`- phpunit.xml

> Sidebar discussion: I would think that this answer [c|w]ould apply to
> service classes as well, but please correct me if I'm wrong.

It depends on what type of service classes you are talking about. If
you are talking about Service Locator/Layer classes, these classes very
much align their responsibilities up with that of a model.

If these are Service API classes, ie: classes that are intended to be
used with an RPC server of some sort, ZF has traditionally had an "apis"
directory at the same layer of models, views, and controllers directories.

Hope this gets you going,
Ralph

[fw-mvc] Where do your Models Live (in a modular application)?

I know this has been discussed a couple of times but maybe not quite in this
aspect. Where do your models live in a modular application?

Assumptions for discussion:
Modules: default, blog, and admin.
Namespace: App_ (horrible, but makes it easier to follow)

For models that will span responsibilities in all of the modules (ex.
Users), do they live in the App namespace or in the Default namespace
(namespace may be used incorrectly in this case)?
App_Model_User => /application/models/User.php
Default_Model_User => /application/modules/default/models/User.php

Additionally, what about models specific to a module (ex. BlogPost)? Should
they "live" in the blog module or does all of the models live in the
Application namespace and the modules just access what they need when
appropriate?

I start to get my head wrapped around some concepts then I end up having
"basic" questions that end up throwing me for a loop. Then again, this
could be another one of those "whatever works for you" scenarios as well...

Sidebar discussion: I would think that this answer [c|w]ould apply to
service classes as well, but please correct me if I'm wrong.
--
View this message in context: http://n4.nabble.com/Where-do-your-Models-Live-in-a-modular-application-tp1712456p1712456.html
Sent from the Zend MVC mailing list archive at Nabble.com.

2010年3月26日星期五

[fw-webservices] Re: .NET SOAP client not working with ZEND_SOAP server

It took a while but I figured it out. As usual, it was a stupid little thing. PHP's soap extension defaults both the server and client to SOAP 1.1, but Zend_Soap_Server sets it to 1.2 unless you specifically set it
Zend_Soap_Server($uri, array('soap_version' => SOAP_1_1));
The difference of the two versions that was causing the problem was in the HTTP header Content-type. SOAP 1.1: text/xml SOAP 1.2: application/soap+xml The .NET client obviously cares about this and did not work because of this. hgg

View this message in context: Re: .NET SOAP client not working with ZEND_SOAP server
Sent from the Zend Web Services mailing list archive at Nabble.com.

2010年3月25日星期四

[fw-mvc] Modules bootstrap throws warnings

Hi,

my modules were working with no problems, but I wanted to make them more
current with Zend_Application_Module_Bootstrap.

I have an empty module bootstrap class:

Admin_Bootstrap extends Zend_Application_Module_Bootstrap { }


I found out that in parent constructor, in code

// ZF-6545: prevent recursive registration of modules
if ($this->hasPluginResource('modules')) {
$this->unregisterPluginResource('modules');
}

warning is thrown for each module

Warning: include_once(FrontController.php) [function.include-once]: failed
to open stream: No such file or directory in C:\...\Zend\Loader.php on line
146

and the exception as the last one:

exception 'Zend_Session_Exception' with message 'You must call
Zend_Session::regenerateId() before any output has been sent to the browser;
output started in C:\...\Zend\Loader.php/146' in C:\...Zend\Session.php:307


If I disable the Zend_Application_Module_Bootstrap constructor, "everything"
works fine!?


Modules part of application.ini is:

resources.modules[] =
resources.frontController.moduleDirectory = APPLICATION_PATH "/modules"
resources.frontController.params.prefixDefaultModule = true
resources.frontController.defaultModule = "default"

Any ideas what's happening?

--
View this message in context: http://n4.nabble.com/Modules-bootstrap-throws-warnings-tp1690446p1690446.html
Sent from the Zend MVC mailing list archive at Nabble.com.

2010年3月24日星期三

[fw-mvc] Question on Zend_Navigation and route bugs

Hi,

I want to know if there are plans on fixing the bugs related to
Zend_Navigation and routes into current 1.x major branch or any problems
like that are postponed for 2.0 (whe i understand there is a plan to
fully rewrite routes side). I am asking this because i saw no progress
on actually fixing the issues, so my question is quite legit i guess.

Some samples of issues

http://framework.zend.com/issues/browse/ZF-7848
http://framework.zend.com/issues/browse/ZF-8579
http://framework.zend.com/issues/browse/ZF-8686

--
Best regards,
Cristian Bichis
www.zftutorials.com | www.zfforums.com | www.zftalk.com | www.zflinks.com

2010年3月23日星期二

[fw-mvc] How to add errors to subForms?

Hi all,
I have a  form with many subForms and these subForms have many subForms too, sometimes.
But now, I need add a custom error on subForm element.

I'm trying:

$form->getSubForm('Person')
                     ->getSubForm('PersonDocument')
                     ->getElement('cpf')
                     ->addError('Como a pessoa é Brasileira, o CPF deve ser obrigatório');

But it dont works...

Someone knows how do it?

Best Regs,
______________________________________
Daniel Lima
Web Developer
Tel.: (33) 3536 1091
Cel.: (33) 9139 5521
Skype: yourwebmaker
Cilens Software
http://www.cilens.info/

Re: [fw-mvc] Conditional links in Zend_Navigation

Hello everyone,

Thanks for the quick reactions. I have done some research on the web and i found some interesting video tutorials on the web (Youtube: http://bit.ly/aqnuwb). There there are a couple of video tutorials about Zend_Navigation and combining it with zend Acl.

The only thing is that I use the whole acl functionallity in a different way. Namely ad described in the book of Keith Pope (Zend Framework 1.8 Web application development). I am using a model based ACL.

Here I use the ACL as an action helper: 

        Zend_Controller_Action_HelperBroker::addHelper(new SF_Controller_Helper_Acl());

The problem I have is that I don't know how to access the ACL from the bootstrap in order to add the acl to zend _navigation in this way:

$navigation = new Zend_Config_Xml(APPLICATION_PATH.'/configs/navigation.xml','nav');
$navContainer = new Zend_Navigation($navigation);
$this->_view->navigation($navContainer)-setAcl($this->_acl)->setRole($this->_auth->getStorage()->read()->role); 


Any Idea's?


On Sun, Mar 21, 2010 at 11:19 PM, Jelle-Jan van Veelen - Zicht <jellejan@zicht.nl> wrote:

The easiest way to do this, is to use Zend_Navigation together with Zend_Acl. It's a pretty easy setup.

First, you build your ACL where you define something like a user (logged in) and a guest (not logged in). You can allow or deny users or guest certain resources, and a Zend_Navigation_Page could be one of those resources. So, when your navigation is rendered, and a certain page is defined as a resource in your ACL, Zend_Navigation will check the ACL if the current user has the rights to view that page.

 

You will have to keep in mind that this ACL checking is only done on the navigation itself, and not on the specific controller/action when it is requested. So, the link to the logout page is hidden when someone is not logged in, but that does not mean a guest cannot visit the logout page.

 

If you do a web search on Zend_Navigation Zend_Acl you will find a lot of examples that will get you started.

 

Jelle-Jan

 

From: Jigal sanders [mailto:jigalroecha@gmail.com]
Sent: zondag 21 maart 2010 21:16
To: fw-general; fw-mvc
Subject: [fw-mvc] Conditional links in Zend_Navigation

 

Hello,

 

I use Zend_Navigation and an xml file to build up my navigation.

Is it possible to show only a link on a certain condition? For example when a user is logged in i want to show the logout link but when no one is logged in i don't want to show the logout link.

 

Any idea's?

 

Thanks.

 

J. Sanders




--
Met vriendelijke groet,

Jigal Sanders
A.J. Ernststraat 739
1082 LK Amsterdam
Mobiel: 06-42111489

2010年3月21日星期日

[fw-db] MSSQL - Zend_Db_Table_Abstract update() not binding params

Hi All,

I have been having some success in getting MSSQL 2008 and ZF 1.11.0dev
working together over PDO_MSSQL but have just hit a snag on my first
update() method.

I have a simple interface for managing countries as a test. The edit form
for this interface calls the following method in a class that extends
Zend_Db_Table_Abstract:

public function addCountry($countrycode, $countryname)
{
$data = array(
'countrycode' => $countrycode,
'countryname' => $countryname
);

$this->insert($data);
}

When this is run, I find the generated SQL is as follows:

UPDATE "eCountry" SET "countrycode" = ?, "countryname" = ? WHERE (countryid
= 0)

Now my first port of call was to step through the code to try to find the
problem. Which I did all the way down to Zend\DB\Adapter\Abstract.php's
query() method (line 467)

// prepare and execute the statement with profiling
$stmt = $this->prepare($sql);
$stmt->execute($bind);

Here I have output both the $sql and $bind vars. $sql is as it is above.
$bind contains the correct numerical array of parameters. So I guess the
problem lies in the execute($bind) method. This array is simply not binding
to the statement.

Insert and selects work just fine. I have not tried delete yet.

Has anyone come across this? I cannot find this execute() method, and the
prepare() method is just an Abstract signature.

I got this version of ZF from trunk, so the thought did cross my mind that I
had an unstable version.

Any suggestions would be appreciated. ZF is my last attempt at getting this
project rolling as MSSQL and PHP before having to go .NET.

Thanks
Aaron


--
View this message in context: http://n4.nabble.com/MSSQL-Zend-Db-Table-Abstract-update-not-binding-params-tp1677187p1677187.html
Sent from the Zend DB mailing list archive at Nabble.com.

RE: [fw-mvc] Conditional links in Zend_Navigation

The easiest way to do this, is to use Zend_Navigation together with Zend_Acl. It’s a pretty easy setup.

First, you build your ACL where you define something like a user (logged in) and a guest (not logged in). You can allow or deny users or guest certain resources, and a Zend_Navigation_Page could be one of those resources. So, when your navigation is rendered, and a certain page is defined as a resource in your ACL, Zend_Navigation will check the ACL if the current user has the rights to view that page.

 

You will have to keep in mind that this ACL checking is only done on the navigation itself, and not on the specific controller/action when it is requested. So, the link to the logout page is hidden when someone is not logged in, but that does not mean a guest cannot visit the logout page.

 

If you do a web search on Zend_Navigation Zend_Acl you will find a lot of examples that will get you started.

 

Jelle-Jan

 

From: Jigal sanders [mailto:jigalroecha@gmail.com]
Sent: zondag 21 maart 2010 21:16
To: fw-general; fw-mvc
Subject: [fw-mvc] Conditional links in Zend_Navigation

 

Hello,

 

I use Zend_Navigation and an xml file to build up my navigation.

Is it possible to show only a link on a certain condition? For example when a user is logged in i want to show the logout link but when no one is logged in i don't want to show the logout link.

 

Any idea's?

 

Thanks.

 

J. Sanders

[fw-mvc] Conditional links in Zend_Navigation

Hello,

I use Zend_Navigation and an xml file to build up my navigation.
Is it possible to show only a link on a certain condition? For example when a user is logged in i want to show the logout link but when no one is logged in i don't want to show the logout link.

Any idea's?

Thanks.

J. Sanders

2010年3月19日星期五

warning from fw-all@lists.zend.com

Hi! This is the ezmlm program. I'm managing the
fw-all@lists.zend.com mailing list.

I'm working for my owner, who can be reached
at fw-all-owner@lists.zend.com.


Messages to you from the fw-all mailing list seem to
have been bouncing. I've attached a copy of the first bounce
message I received.

If this message bounces too, I will send you a probe. If the probe bounces,
I will remove your address from the fw-all mailing list,
without further notice.


I've kept a list of which messages from the fw-all mailing list have
bounced from your address.

Copies of these messages may be in the archive.

To retrieve a set of messages 123-145 (a maximum of 100 per request),
send an empty message to:
<fw-all-get.123_145@lists.zend.com>

To receive a subject and author list for the last 100 or so messages,
send an empty message to:
<fw-all-index@lists.zend.com>

Here are the message numbers:

12449

--- Enclosed is a copy of the bounce message I received.

Return-Path: <>
Received: (qmail 12364 invoked for bounce); 8 Mar 2010 10:16:17 -0000
Date: 8 Mar 2010 10:16:17 -0000
From: MAILER-DAEMON@ev1-z1.zend.com
To: fw-all-return-12449-@lists.zend.com
Subject: failure notice

Re: [fw-auth] HTTP response code when not logged in

 
On Fri, Mar 19, 2010 at 7:46 AM, Matthew Weier O'Phinney <matthew@zend.com> wrote:

I've used a 401 error code quite a number of times, and consider it
perfectly valid. While the spec indicates the WWW-Authenticate header is
required, I have yet to see a browser that acts on it, nor can I think
of any apps off hand that actually use it; I certainly haven't seen any
negative side-effects from not supplying it.

So, based on that anecdotal evidence... I'd go ahead and use it.

On Fri, Mar 19, 2010 at 1:16 AM, Marian Meres <marian.meres@gmail.com> wrote:
Thing is, the app I'm working on does not redirect, but internally
_forwards to login controller. It could be refactored, no question,
but would that be the only option?

Thanks.
M.

I don't think a refactor is necessary. Like Matthew said, just throw the 401. The spec is most applicable to working with an HTTP client like curl that anticipates the Auth dialog so that it can respond with credentials.

- pw

[fw-mvc] Directory Structure - Default to Modular Layout

As I get more and more used to working with ZF, I'm wondering why the
directory structure isn't modular by default. I (personally) think it would
end up reducing confusion in the long run since it would be a little more
explicit what is going on (one less "magic" thing that is occurring).

So basically I'm suggesting/proposing that when using Zend_Tool to create a
project it starts off by creating a modules/default directory with the
controllers, models, views, etc inside.

I would think this has been discussed before, so if someone has some links
to previous discussions then I'd love to read the reasoning behind the
decision for the current implementation.
--
View this message in context: http://n4.nabble.com/Directory-Structure-Default-to-Modular-Layout-tp1599549p1599549.html
Sent from the Zend MVC mailing list archive at Nabble.com.

[fw-webservices] .NET SOAP client not working with ZEND_SOAP server

Hello,

 

To get a data feed from a vendor I am required to implement a SOAP server based on a WSDL that the vendor supplies (I know it sounds a bit backwards, but that is how it is and I have no control over that).

The WSDL obviously gets slightly modified with the correct endpoint and soap action.

The vendor uses a .NET client to access my ZEND_SOAP service and I successfully get the clients request document and am able to process it without problems. My service sends back a response based on the type declared in the WSDL.

 

The vendor’s tech support only has access to this error message: “Missing SOAP response payload

I am trying to get them to escalate this to development but it is a slow process.

 

I have seen numerous posts here that have to do with interop problems between .NET and PHP so I am hoping that someone can help.

 

I have built a PHP client that works just fine with the service. I even downloaded a generic C# client and it can at least see the raw response that comes over the wire so I know that a response is being set (obviously does not process the xml document since it is generic and only for testing purposes).

I have even gone as far as partially bypassing the SOAP server response. I let Zend_Soap_Server::handle() set the headers and then return a canned SOAP document that is straight out of the vendors example response (with the proper namespaces set).

 

I realize that this is a wishy-washy question but am hoping that someone might have had issues with getting a #C client to talk to a Zend_SOAP server. Could it be: HTTP heards, character encoding, line feed of Win vs. Linux (grasping at straws here, I know)?

 

Here is the definition of the response type from the <types> section of the WSDL:

 

<s:element name="TheResponse">

  <s:complexType>

    <s:sequence>

      <s:element name="Result" type="s:string"/>

      <s:element name="Message" type="s:string" minOccurs="0"/>

    </s:sequence>

  </s:complexType>

</s:element>

 

And here is the response document my service returns:

 

<?xml version="1.0" encoding="UTF-8"?>

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">

  <soap:Body>

    <TheResponse xmlns="namespace of the type declaration is here">

      <Result>Success</Result>

      <Message>Message Value</Message>

    </TheResponse>

  </soap:Body>

</soap:Envelope>

 

Note that the above is the canned response that I am sending back just to see if that would work - It does not!! The actual response generated by Zend_SOAP is the one below and I would think that from an XML syntax standpoint they should be the same:

 

<?xml version="1.0" encoding="UTF-8"?>

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="namespace of the type declaration is here">

  <SOAP-ENV:Body>

    <ns1:TheResponse>

      <ns1:Result>Success</ns1:Result>

      <ns1:Message>Message Value</ns1:Message>

    </ns1:TheResponse>

  </SOAP-ENV:Body>

</SOAP-ENV:Envelope>

 

Thanks,

hgg

Re: [fw-auth] HTTP response code when not logged in

Thing is, the app I'm working on does not redirect, but internally
_forwards to login controller. It could be refactored, no question,
but would that be the only option?

Thanks.
M.

On Fri, Mar 19, 2010 at 8:51 AM, Peter Warnock <petewarnock@gmail.com> wrote:
> Do capture the request uri, do a 301 redirect to the login page,
> authenticate, and redirect back to the request uri.
>
> A 401 is used to present an HTTP Auth dialog.  It's more useful for REST
> APIs and the like that have login credentials sent with the request.
>
> - pw
>
> On Fri, Mar 19, 2010 at 12:45 AM, Marian Meres <marian.meres@gmail.com>
> wrote:
>>
>> Hello everyone,
>>
>> what kind of HTTP response codes would you suggest using when
>> accessing a page which requires user to be logged in and there is no
>> current identity present?
>>
>> Initially I thought about "401 Unauthorized", but the definition says:
>> "The response MUST include a WWW-Authenticate header field containing
>> a challenge applicable to the requested resource" where I'm not sure I
>> know what that means...
>>
>> I also thought about "403 Forbidden", but again from the definition:
>> "Authorization will not help and the request SHOULD NOT be repeated"
>> does not look like a good choice.
>>
>> Or forget it and stick with good old "200 OK"?
>>
>> Thanks,
>> M.
>>
>
>

Re: [fw-auth] HTTP response code when not logged in

Do capture the request uri, do a 301 redirect to the login page, authenticate, and redirect back to the request uri.

A 401 is used to present an HTTP Auth dialog.  It's more useful for REST APIs and the like that have login credentials sent with the request.

- pw

On Fri, Mar 19, 2010 at 12:45 AM, Marian Meres <marian.meres@gmail.com> wrote:
Hello everyone,

what kind of HTTP response codes would you suggest using when
accessing a page which requires user to be logged in and there is no
current identity present?

Initially I thought about "401 Unauthorized", but the definition says:
"The response MUST include a WWW-Authenticate header field containing
a challenge applicable to the requested resource" where I'm not sure I
know what that means...

I also thought about "403 Forbidden", but again from the definition:
"Authorization will not help and the request SHOULD NOT be repeated"
does not look like a good choice.

Or forget it and stick with good old "200 OK"?

Thanks,
M.


[fw-auth] HTTP response code when not logged in

Hello everyone,

what kind of HTTP response codes would you suggest using when
accessing a page which requires user to be logged in and there is no
current identity present?

Initially I thought about "401 Unauthorized", but the definition says:
"The response MUST include a WWW-Authenticate header field containing
a challenge applicable to the requested resource" where I'm not sure I
know what that means...

I also thought about "403 Forbidden", but again from the definition:
"Authorization will not help and the request SHOULD NOT be repeated"
does not look like a good choice.

Or forget it and stick with good old "200 OK"?

Thanks,
M.

2010年3月18日星期四

[fw-webservices] Zend_Soap_Server SOAP version confusion

Hi,

I'm using ZF 1.10.1 where Zend_Soap_Server has set the SOAP version to SOAP
1.2 as a default.

However when returning Soap Faults the structure of the fault resembles SOAP
1.1

eg.
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Body>
<SOAP-ENV:Fault>
<faultcode>Sender</faultcode>
<faultstring>Nonce has expired</faultstring>
</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>


This would be fine, except that the fault codes that Zend_Soap_Server are
SOAP 1.2 codes not 1.1. In fact Zend_Soap_Server will not allow you to
return "Client" as a fault code (which is a valid SOAP 1.1 fault code)

What am I missing?
--
View this message in context: http://n4.nabble.com/Zend-Soap-Server-SOAP-version-confusion-tp1598704p1598704.html
Sent from the Zend Web Services mailing list archive at Nabble.com.

[fw-mvc] Re: [fw-general] Action gets called twice

Most of the time this is due to a missing stylesheet, javascript, or image. I would take a look at your layout (or login page) for a broken/missing reference.

It could also be a stylesheet that has an invalid background URL. Make sure all background image URLs start with "/" e.g. "/images/background.png" instead of "images/background.png".

I hope this helps.

--
Hector


On Thu, Mar 18, 2010 at 6:29 AM, Patrick Figel <patfigel@gmail.com> wrote:
Hi,

I just found out that all actions in our application get called twice.

There's a related issue on stackoverflow:
http://stackoverflow.com/questions/721205/Zend-Framework-Action-Gets-Called-Twice

Disabling all controller plugins which could force a redirect,
removing all _forwards etc., didn't solve the issue.

Like that guy on stackoverflow, I'm using Zend_Controller_Router_Route:

       $route = new Zend_Controller_Router_Route(
           ':language/:region/:controller/:action/*',
           array(
               'language'   => 'de',
               'region' => 'at',
               'controller' => 'index',
               'action'     => 'index'
           )
       );

I tried to debug this by writing debug_backtrace's output to the log
and found this after _one_ request:

#0  LoginController->indexAction() called at
[*\library\Zend\Controller\Action.php:513]
#1  Zend_Controller_Action->dispatch(indexAction) called at
[*\library\Zend\Controller\Dispatcher\Standard.php:289]
#2  Zend_Controller_Dispatcher_Standard->dispatch(Zend_Controller_Request_Http
Object ([] => Array ([0] => _GET,[1] => _POST),[] =>
*/public/index.php/de/at/login/index/,[] => */public/index.php,[] =>
,[] => /de/at/login/index/,[] => Array ([language] => de,[region] =>
at,[controller] => login,[action] => index),[] => ,[] => Array (),[]
=> 1,[] => default,[] => module,[] => login,[] => controller,[] =>
index,[] => action), Zend_Controller_Response_Http Object ([] => Array
(),[] => Array (),[] => Array (),[] => Array (),[] => 200,[] => ,[] =>
,[headersSentThrowsException] => 1)) called at
[*\library\Zend\Controller\Front.php:954]
#3  Zend_Controller_Front->dispatch() called at
[*\library\Zend\Application\Bootstrap\Bootstrap.php:97]
#4  Zend_Application_Bootstrap_Bootstrap->run() called at
[*\library\Zend\Application.php:366]
#5  Zend_Application->run() called at [*\public\index.php:45]
------
#0  LoginController->indexAction() called at
[*\library\Zend\Controller\Action.php:513]
#1  Zend_Controller_Action->dispatch(indexAction) called at
[*\library\Zend\Controller\Dispatcher\Standard.php:289]
#2  Zend_Controller_Dispatcher_Standard->dispatch(Zend_Controller_Request_Http
Object ([] => Array ([0] => _GET,[1] => _POST),[] =>
*/public/index.php/de/at/login/index/,[] => */public/index.php,[] =>
,[] => /de/at/login/index/,[] => Array ([language] => de,[region] =>
at,[controller] => login,[action] => index),[] => ,[] => Array (),[]
=> 1,[] => default,[] => module,[] => login,[] => controller,[] =>
index,[] => action), Zend_Controller_Response_Http Object ([] => Array
(),[] => Array (),[] => Array (),[] => Array (),[] => 200,[] => ,[] =>
,[headersSentThrowsException] => 1)) called at
[*\library\Zend\Controller\Front.php:954]
#3  Zend_Controller_Front->dispatch() called at
[*\library\Zend\Application\Bootstrap\Bootstrap.php:97]
#4  Zend_Application_Bootstrap_Bootstrap->run() called at
[*\library\Zend\Application.php:366]
#5  Zend_Application->run() called at [*\public\index.php:45]

I added sleep(5) to the action and logged $_SERVER[''REQUEST_TIME']:
array (
 ...
 'REQUEST_TIME' => 1268918186,
 ...
)

array (
 ...
 'REQUEST_TIME' => 1268918191,
 ...
)

The app is running on Win2k3/IIS 6 with Zend Server CE 4.0/PHP 5.3

Any idea?

Thanks,

2010年3月17日星期三

[fw-webservices] Re: zend_soap and .Net

Maxtone,

Did you ever resolve this?

Thanks
hgg
--
View this message in context: http://n4.nabble.com/zend-soap-and-Net-tp675951p1596869.html
Sent from the Zend Web Services mailing list archive at Nabble.com.

2010年3月16日星期二

Re: [fw-mvc] Re: How can I redirect to another controller/action as POST-request?

On 3/17/10, pablofmorales@gmail.com <pablofmorales@gmail.com> wrote:
> I only think in curl. Maybe you can try change post parameters for
> get parameters, and redirect
>
>
>
>
> On 3/17/10, David Muir <davidkmuir+zend@gmail.com> wrote:
>>
>> You generally can't.
>> I think _forward() would be your best bet. It doesn't actually trigger a
>> redirect, but passes the current request on to a different
>> controller/action.
>>
>> Cheers,
>> David
>> --
>> View this message in context:
>> http://n4.nabble.com/How-can-I-redirect-to-another-controller-action-as-POST-request-tp1594684p1595890.html
>> Sent from the Zend MVC mailing list archive at Nabble.com.
>>
>>
>
>
> --
> ----------------------------------------
> Pablo Morales
> blog: http://blog.pablo-morales.com
> linkedln: http://www.linkedin.com/pub/9/528/21
> skype: pablofmorales
> gtalk: pablofmorales@gmail.com
> msn: pfm_mc@hotmail.com
>


--
----------------------------------------
Pablo Morales
blog: http://blog.pablo-morales.com
linkedln: http://www.linkedin.com/pub/9/528/21
skype: pablofmorales
gtalk: pablofmorales@gmail.com
msn: pfm_mc@hotmail.com

Re: [fw-mvc] Re: How can I redirect to another controller/action as POST-request?

I only think in curl. Maybe you can try change post parameters for
get parameters, and redirect


On 3/17/10, David Muir <davidkmuir+zend@gmail.com> wrote:
>
> You generally can't.
> I think _forward() would be your best bet. It doesn't actually trigger a
> redirect, but passes the current request on to a different
> controller/action.
>
> Cheers,
> David
> --
> View this message in context:
> http://n4.nabble.com/How-can-I-redirect-to-another-controller-action-as-POST-request-tp1594684p1595890.html
> Sent from the Zend MVC mailing list archive at Nabble.com.
>
>


--
----------------------------------------
Pablo Morales
blog: http://blog.pablo-morales.com
linkedln: http://www.linkedin.com/pub/9/528/21
skype: pablofmorales
gtalk: pablofmorales@gmail.com
msn: pfm_mc@hotmail.com

[fw-mvc] Re: How can I redirect to another controller/action as POST-request?

You generally can't.
I think _forward() would be your best bet. It doesn't actually trigger a
redirect, but passes the current request on to a different
controller/action.

Cheers,
David
--
View this message in context: http://n4.nabble.com/How-can-I-redirect-to-another-controller-action-as-POST-request-tp1594684p1595890.html
Sent from the Zend MVC mailing list archive at Nabble.com.

2010年3月15日星期一

Re: [fw-auth] Confusion with Zend_ACL

Hello Ralph,

Thanks a lot for replying, i really appreciate that. Sorry for missing out the bootstrap file; here it is...

----------<<<<<<<<>>>>>>>>>--------------
this is my Bootstrap code:
----------<<<<<<<<>>>>>>>>>--------------

<?php

class Bootstrap extends Zend_Application_Bootstrap_Bootstrap {

    protected function _initAutoload() {
        $moduleLoader = new Zend_Application_Module_Autoloader(array(
            'namespace' => '',
            'basePath' => APPLICATION_PATH));

        $acl = new Model_Authentication_User();
        $auth = Zend_Auth::getInstance();

        $fc = Zend_Controller_Front::getInstance();
        $fc->registerPlugin(new Plugin_AccessCheck($acl, $auth));

        return $moduleLoader;
    }
 
}



----------<<<<<<<<>>>>>>>>>--------------
this is my LoginAction code in authentication controller:
----------<<<<<<<<>>>>>>>>>--------------

<?php

class AuthenticationController extends Zend_Controller_Action {

    public function loginAction() {



        if(Zend_Auth::getInstance()->hasIdentity()) {
           
            $this->_redirect('documents/list');
        }
        $req = $this->getRequest();

        $form = new Form_LoginPage();
       
        if($req->isPost()) {
            if($form->isValid($this->_request->getPost())) {

                $AuthentAdapter = $this->getAuthAdapter();

                $user_name = $form->getValue('username');
                $user_password = $form->getValue('userpassword');

                $AuthentAdapter ->setIdentity($user_name)
                    ->setCredential($user_password);


                $auth=Zend_Auth::getInstance();

                $result = $auth->authenticate($AuthentAdapter);

                if($result->isValid()) {
                    $identity=$AuthentAdapter->getResultRowObject();
                   
                    $authStorage = $auth->getStorage();
                    $authStorage->write($identity);


                    $sess = new Zend_Session_Namespace('usersession');
                    $sess->username = $user_name;


                   
                }
                else
                    $this->view->errorMessage = 'Invalid User name or Password provided, try again';
            }
        }

       // $this->_redirect('Documents/list');
      
        $this->view->form = $form;
    }





----------<<<<<<<<>>>>>>>>>--------------
this is my getAuthAdapter code: this is also in the authentication controller
----------<<<<<<<<>>>>>>>>>--------------

private function getAuthAdapter() {

        $AuthentAdapter = new Zend_Auth_Adapter_DbTable(Zend_Db_Table::getDefaultAdapter());

        $AuthentAdapter->setTableName('user')
            ->setIdentityColumn('user_name')
            ->setCredentialColumn('user_password');
        return $AuthentAdapter;

    }



Also im putting my Model code again as i've modified it and its better to understand now (atleast for me :))

<?php

class Model_Authentication_User extends Zend_Acl {
    protected $_name = 'authent';

    public function __construct() {

    /** Creating Roles */

        $this->addRole(new Zend_Acl_Role('guest'));
        $this->addRole(new Zend_Acl_Role('user'),'guest')
            ->addRole(new Zend_Acl_Role('admin'), 'user');
        //            ->addRole(new Zend_Acl_Role('admin'), 'writer');

        /** Creating resources */
        //require_once 'Zend/Acl/Resource.php';
        $this->add(new Zend_Acl_Resource('index'))
            ->add(new Zend_Acl_Resource('authentication'))
            ->add(new Zend_Acl_Resource('documents'));
       
        // Rules definitions
        $this->allow('guest','authentication')
            ->deny('guest', 'documents')
            ->allow('guest', 'documents','list')
            ->allow('user', 'documents', array('list','detaillist'))
            ->allow('admin', 'documents', array('add', 'addnote', 'edit','delete'));

                }
}



Even when this error shows on the page, when i login...it starts working file...WHEN i change this line;

$role = $auth_all_items_stored->role;

and assign some role that is in the Plugin_AccessCheck;

$role =  'user'; //$auth_all_items_stored->role;

the error goes away but the role stays as user only. The reason as far as i can understand is because it tries to assign a value to the role before the loginaction actually starts as it is in preDispatch() function

<?php
class Plugin_AccessCheck extends Zend_Controller_Plugin_Abstract {

    private $_acl= null;
    private $_auth = null;

    public function __construct(Zend_Acl $acl, Zend_Auth $auth) {
        $this->_acl=$acl;
        $this->_auth=$auth;
    }

public function preDispatch(Zend_Controller_Request_Abstract $request) {

        $resource = $request->getControllerName();
        $action = $request->getActionName();

        $identity = $this->_auth->getStorage()->read();
        $role = $identity->role;

        if(!$this->_acl->isAllowed($role, $resource, $action)) {

            $request->setControllerName('authentication')
                ->setActionName('login');
            echo "Message: You don't have the permission to access the requested page";
        }
    }

}


Waiting for your reply,

Regards,
Yasin


On Mon, Mar 15, 2010 at 6:34 PM, Ralph Schindler <ralph.schindler@zend.com> wrote:
A couple of things to note to perhaps help you out.

In the code below, the Plugin is ALWAYS run for each request (I can only assume this as I cannot see your bootstrap information).  This means you might want to add some conditional logic to the plugin to detect whether or not a user is actually logged in.

When users login, upon a successful login, the loginAction will populate the Auth component (via Zend_Session) with an object, and in this object is a property called 'role'.

If there is no loginAction, there is no object in the Auth Component (in the session), and thus, line 18 of the plugin would fail due to the fact that you're trying to access a property of an object that does not exist.

*<?php

class Plugin_AccessCheck extends Zend_Controller_Plugin_Abstract {

   private $_acl= null;
   private $_auth = null;

   public function __construct(Zend_Acl $acl, Zend_Auth $auth) {
       $this->_acl=$acl;
       $this->_auth=$auth;
   }

   public function preDispatch(Zend_Controller_Request_Abstract $request) {

       $resource = $request->getControllerName();
       $action = $request->getActionName();

Try chainging this:


       $auth_all_items_stored = $this->_auth->getStorage()->read();
       $role = $auth_all_items_stored->role;

       if(!$this->_acl->isAllowed($role, $resource, $action)) {

           $request->setControllerName('authentication')
               ->setActionName('login');
       }


To this:

if (!is_object($auth_all_items_stored)
   || !$this->_acl->isAllowed($auth_all_items_stored->role, $resource, $action) {

...

}


That should redirect to the auth controller / login action if there is either no session information available, or if the current user is not allowed to access this particular rule.

Either way, just ensure you actually have an object in the auth/session first.

-ralph


Re: [fw-auth] Re: ACL... but completely different

I have this exact example on my blog:

http://ralphschindler.com/2009/08/13/dynamic-assertions-for-zend_acl-in-zf

Hopefully that might give you some insight on how-to integration
Zend_Acl into your models.

The other advice in this thread is sound as well (gathering the
information statically from some kind of globally accessible place.)

hope that helps,
-ralph

Laura Dean wrote:
> I must be missing something with the assertions. The example given was just
> testing an IP address which can be determined by a global variable, but if I
> need to test if the user owns the blog post, surely I must pass in the user
> id and the id of the blog post? Is there some way to pass parameters to the
> assertions? I was thinking something like this would be convenient:
>
> $acl->isAllowed('role', 'resource', 'privilege', $params);
>
> Or am I supposed to extend Zend_Acl_Resource so that I can set the id here?

Re: [fw-auth] Confusion with Zend_ACL

A couple of things to note to perhaps help you out.

In the code below, the Plugin is ALWAYS run for each request (I can only
assume this as I cannot see your bootstrap information). This means you
might want to add some conditional logic to the plugin to detect whether
or not a user is actually logged in.

When users login, upon a successful login, the loginAction will populate
the Auth component (via Zend_Session) with an object, and in this object
is a property called 'role'.

If there is no loginAction, there is no object in the Auth Component (in
the session), and thus, line 18 of the plugin would fail due to the fact
that you're trying to access a property of an object that does not exist.

> *<?php
> class Plugin_AccessCheck extends Zend_Controller_Plugin_Abstract {
>
> private $_acl= null;
> private $_auth = null;
>
> public function __construct(Zend_Acl $acl, Zend_Auth $auth) {
> $this->_acl=$acl;
> $this->_auth=$auth;
> }
>
> public function preDispatch(Zend_Controller_Request_Abstract $request) {
>
> $resource = $request->getControllerName();
> $action = $request->getActionName();
>
Try chainging this:

> $auth_all_items_stored = $this->_auth->getStorage()->read();
> $role = $auth_all_items_stored->role;
>
> if(!$this->_acl->isAllowed($role, $resource, $action)) {
>
> $request->setControllerName('authentication')
> ->setActionName('login');
> }


To this:

if (!is_object($auth_all_items_stored)
|| !$this->_acl->isAllowed($auth_all_items_stored->role, $resource,
$action) {

...

}


That should redirect to the auth controller / login action if there is
either no session information available, or if the current user is not
allowed to access this particular rule.

Either way, just ensure you actually have an object in the auth/session
first.

-ralph

Re: [fw-mvc] Re: Changing get parameters to controller/action/param/value/param/value

The thing is that GET form sends parameters as part of query, thing after question mark, and page must be redirected in order to get nice "/param/value" URL. In musicbackingtracks.com example, form sends POST parameters, application rewrites them to target url, and then whole page is redirected via 302 redirect.
Having form that create nice URL is not important to SEO at all , since search engines should not use forms. Important thing is not to have non-SEO URLs available in rendered content that can be indexed by google. If you still need the very form to shoot on this kind of URL, without back-end processing of parameters, you must use some  javascript on submit callback.

Andreja

On Thu, Mar 11, 2010 at 4:20 PM, Andy Daykin <daykinandy@gmail.com> wrote:
Take for example this site http://www.musicbackingtracks.co.uk/tracks/search/artist/creed, I just picked a site build with codeigniter, that has a search form. The parameter is artist, with a value of creed. They are able to get nice looking url's with search forms, that's what I am really looking for. SEO is the main concern that I have, it's not really about looking good in a browser.
 
-Andy

Sent: Tuesday, March 09, 2010 5:08 AM
Subject: Re: [fw-mvc] Re: Changing get parameters to controller/action/param/value/param/value

in your view script, where you use the helper.

The url in the browser will only look like this after you click the link generated by the view helper.

Is it only about a good looking url in the browser? The get request from a search form for example will still have the question mark. But I cannot see the problem with that.

Bart


Op 8-3-2010 19:24, Andy Daykin schreef:
So where in my code would I put:
 
$url = $view->url($_GET)
 
Is that something that should be added in the bootstrap. Will the actual url in the browser look like
http://example.com/controller/action/param/value
?
 
Thanks,
 
-Andy

Sent: Monday, March 08, 2010 6:18 AM
Subject: Re: [fw-mvc] Re: Changing get parameters to controller/action/param/value/param/value

Hi Andy,

I probably posted to the wrong list, so you may have missed it. I set out to fix a couple of issues with the Zend_View_Helper_Url.

No one objected to that, so I also filed your issue in the issue tracker and assigned it to myself.

I did not yet look into it much, but it seems that how the url is assembled in the view helper  depends on which type of router is in use at that moment.

There a quite a few router types, so I must first choose if all routers can be made to preserve get parameters in the new form and if this will brake people's applications if they rely on the helper not preserving the get params.

In the meanwhile, while trying to write up a testcase for Zend_View_Helper_Url, I found that what you are trying to achieve can be simply accomplished by writing:

$url = $view->url($_GET);

This will put all of your $_GET parameters in the form you desire.

I accidentally stumbled upon this and I now realize that I must update the issue and resolve it with this tip.

Regards,

Bart McLeod

Andy Daykin schreef:
My intent was to find a way to change the part of the code where the get variables are picked up, so I can do:
 
$this->getRequest()->getParam('param');
 
 
 
using something like $request_uri = preg_replace("|/(.*)|", "\\1", str_replace("\\", "/", $_SERVER['REQUEST_URI']));
 
So I would be manipulating the url that comes in and the variable from where the getParam method takes in the get parameters.
 
What variables would I need to change if I wrote a function in the bootstrap?
 
-Andy

Sent: Wednesday, March 03, 2010 3:34 AM
Subject: Re: [fw-mvc] Re: Changing get parameters to controller/action/param/value/param/value

Guys, it's not just for better looking urls.

There is another problem with  /controller/action?param=value, url helper don't see get parameters, it only see parametersif they are zf style, so param will not be handled by url helper if it is not in zf param style.

People coming up with their own implementations for url helper which handles this, example http://robertbasic.com/blog/myurl-view-helper-for-zend-framework/


Regards,
Saša Stamenković


On Wed, Mar 3, 2010 at 10:03 AM, Bart McLeod <mcleod@spaceweb.nl> wrote:


David Muir schreef:
That would only be necessary if the desired form were actually required.  Zend's default router sees them as being equivalent: /controller/action/param/value /controller/action?param=value  so in both cases $this->getRequest()->getParam('param'); //returns 'value'  However, if you're wanting something like: /search/value   
For this, you only need a custom route. No extra rewrite.
The point in the original post is that for some unknown reason the get url should be consistent with the other urls in the application.
So the question is how can we make /controller/action?param=value appear as /controller/action/param/value
But the more important question, as pointed out by Andreas is "Why?"

then yes, you'll need to do the rewrite server-side.      

--
Bart McLeod
Space Web
Middenlaan 47
6865 VN Heveadorp
The Netherlands
t +31(0)26 3392952
m 06 51 51 89 71
@ info@spaceweb.nl
www.spaceweb.nl
zce logozce PHP 5 logo zce Zend Framework logo

Bart McLeod is a Zend Certified Engineer.

Click to verify!



--
Bart McLeod
Space Web
Middenlaan 47
6865 VN Heveadorp
The Netherlands
t +31(0)26 3392952
m 06 51 51 89 71
@ info@spaceweb.nl
www.spaceweb.nl
zce logozce PHP 5 logo zce Zend Framework logo

Bart McLeod is a Zend Certified Engineer.

Click to verify!


--
Bart McLeod
Space Web
Middenlaan 47
6865 VN Heveadorp
The Netherlands
t +31(0)26 3392952
m 06 51 51 89 71
@ info@spaceweb.nl
www.spaceweb.nl
zce logozce PHP 5 logo zce Zend Framework logo

Bart McLeod is a Zend Certified Engineer.

Click to verify!


2010年3月14日星期日

[fw-auth] Confusion with Zend_ACL

Hi,

I am totally new with Zend Framework, Php and also stepping new in the professional life, so don't mind if my questions seems silly to you.

I am following the Zend Tutorials on youtube by alexander;

http://www.youtube.com/watch?v=6vhxo2oL70E


This is the error i'm getting on my page for the ROLE variable when i'm running my code:

Notice: Trying to get property of non-object in C:\wamp\www\ZCF_Documents\application\plugins\AccessCheck.php  on line 18

As far as I know, this error is when Zend doesn't find the mentioned variable in the code or it is not transferred to the calling code properly. But what I want to inquire is that why are you not getting this error and I am. I have followed your tutorial, still the ROLE in my code doesn't seem to transfer at all. I inquire the reason and want to know what is it that I am missing??? may be my concepts with Zend variables in ACL coding are not clear enough...Help needed please.


----------<<<<<<<<>>>>>>>>>---
-----------
this is my AccessCheck.php code:
----------<<<<<<<<>>>>>>>>>--------------

<?php
class Plugin_AccessCheck extends Zend_Controller_Plugin_Abstract {

    private $_acl= null;
    private $_auth = null;

    public function __construct(Zend_Acl $acl, Zend_Auth $auth) {
        $this->_acl=$acl;
        $this->_auth=$auth;
    }

    public function preDispatch(Zend_Controller_Request_Abstract $request) {

        $resource = $request->getControllerName();
        $action = $request->getActionName();

        $auth_all_items_stored = $this->_auth->getStorage()->read();
        $role = $auth_all_items_stored->role;

        if(!$this->_acl->isAllowed($role, $resource, $action)) {

            $request->setControllerName('authentication')
                ->setActionName('login');
        }
    }
}



----------<<<<<<<<>>>>>>>>>--------------
My Model code:
----------<<<<<<<<>>>>>>>>>--------------

<?php

class Model_Authentication_User extends Zend_Acl {
    protected $_name = 'user';

    public function __construct() {
        $this->add(new Zend_Acl_Resource('index'));
        $this->add(new Zend_Acl_Resource('authentication'));

        $this->add(new Zend_Acl_Resource('documents'));
        $this->add(new Zend_Acl_Resource('edit'),'documents');
        $this->add(new Zend_Acl_Resource('add'),'documents');
        $this->add(new Zend_Acl_Resource('list'),'documents');

//        $this->add(new Zend_Acl_Resource('docs'));
//        $this->add(new Zend_Acl_Resource('list'),'docs');

        $this->addRole(new Zend_Acl_Role('user'));
        $this->addRole(new Zend_Acl_Role('admin'),'user');

        $this->allow('user','index');
        $this->allow('user','documents');
        $this->allow('user','authentication');
        $this->allow('user','documents','list');
        $this->allow('admin','documents','list');
        $this->allow('admin','documents','edit');
        $this->allow('admin','documents','add');
    }
}

----------<<<<<<<<>>>>>>>>>--------------
this is my Controller code:
----------<<<<<<<<>>>>>>>>>--------------

class AuthenticationController extends Zend_Controller_Action {

public function loginAction() {

        if(Zend_Auth::getInstance()->hasIdentity()) {
            echo 'asg';
            $this->_redirect('authentication/index');
        }
        $req = $this->getRequest();

        $form = new Form_LoginPage();
       
        if($req->isPost()) {
            if($form->isValid($this->_request->getPost())) {

                $AuthentAdapter = $this->getAuthAdapter();

                $user_name = $form->getValue('username');
                $user_password = $form->getValue('userpassword');

                $AuthentAdapter ->setIdentity($user_name)
                    ->setCredential($user_password);

                $auth=Zend_Auth::getInstance();

                $result = $auth->authenticate($AuthentAdapter);

                if($result->isValid()) {
                    $identity=$AuthentAdapter->getResultRowObject();
                    $authStorage = $auth->getStorage();
                    $authStorage->write($identity);

                    $this->_redirect('Documents/list');
                }
                else
                    $this->view->errorMessage = 'Invalid User name or Password provided, try again';
            }
        }
        $this->view->form = $form;
}



   private function getAuthAdapter() {


        $AuthentAdapter = new Zend_Auth_Adapter_DbTable(Zend_Db_Table::getDefaultAdapter());

        $AuthentAdapter->setTableName('user')
            ->setIdentityColumn('user_name')
            ->setCredentialColumn('user_password');
        return $AuthentAdapter;
      }
}

2010年3月13日星期六

[fw-webservices] Re: [PHP-DEV] RFC - "class underloading" -or- "ancestor overloading"

On 13 March 2010 01:50, Chris Trahey <christrahey@gmail.com> wrote:
> Perhaps a new concept in class-based OO programming, I'm not sure.
>
> Depending on your perspective you could call it ancestor overloading (or
> upstream overloading) or class underloading.
>
>
> We are increasingly developing with the aid of frameworks & libraries. In
> fact, this idea came from my current project using the Zend Framework.
>
> These libraries, while greatly extensible, are also fairly self-extending.
> That is, they include many classes that extend many classes, which is great.
>
> As consumers of these libraries, we can extend the classes and consume the
> API however we please, but there is one sticking point.
>
> We cannot change classes that many other classes extend without extending or
> changing each child class and then making sure that our code uses the new
> class.
>
>
> For a concrete example, I was working with the Zend_Form_Element subclasses,
> and I realized that I wanted to change some of the default behavior (in
> Zend_Form_Element).
>
> - at this point I will assume the reader understands why I wouldn't want to
> just start changing the Zend library files -
>
> There are many subclasses of Zend_Form_Element. If you want to change the
> default behavior for all of them, you have 3 choices currently:
>
> 1. Directly edit the Zend_Form_Element file in the library, -bad for updates
> & other projects that use the library
>
> 2. subclass Zend_Form_Element and change declaration of the descendants to
> extend new class - same problems
>
> 3. extend each child class and implement those subclasses in your app code
> -very tedious and TONS of repeated code, breaks consistency of API for
> developers.
>
>
> There could be a better way, if we could insert a class into the family
> tree.
>
> And that's the heart of this idea, so I'll repeat it:
>
> * insert a class into the family tree *
>
>
> Image we do it using an alternative keyword to "extends", such as
> "overloads".
>
>
> Example:
>
>
> class Library_Class { }
>
> class Library_Subclass extends Library_Class {}
>
> and then:
>
> class My_LibClass_Overload overloads Library_Class{}
>
>
> Now new instances of Library_Subclass actually extend My_LibClass_Overload,
> which "extends" Library_Class. The developer would then code
> My_LibClass_Overload as if it were declared like this:
>
> class Library_Class {}
>
> class My_LibClass_Overload extends Library_Class {}
>
> class Library_Subclass extends My_LibClass_Overload {}
>
>
> But indeed the declaration of Library_Subclass would *not* have to change.
>
>
> This way developers could "extend" default functionality and have *existing*
> library classes pick up the new functionality without redeclaring anything
> in the library.
>
> Downstream classes would still override any methods that they redeclare. If
> you wanted to have end-point classes in the library have different behavior,
> you would overload them instead, such as
>
> class My_LibSubclass_Overload overloads Lib_Subclass {}
>
>
> The benefit is that the application code can still consume "standard"
> classes, such as Library_Subclass and not need to know or care about the
> extended functionality.
>
>
> Going back to my concrete example, my code could then still use
> Zend_Form_Element_Text, but benefit from the modifications I added, without
> me having to touch the library code.
>
>
> I hope I've explained clearly what this could look like. I'm a younger
> developer, so forgive me if I'm rough on the terminology -perhaps
> overload/underload is not the best word for this functionality. Also, I'm
> not sure if there are other class-based OO languages that allow this kind of
> behavior... Prototypal languages perhaps, as is the case with javascript and
> the Obj.prototype which (combined with anonymous functions) allows you to
> extend the "base" functionality of other objects that "extend" it.
>
>
> Thank you for your comments and thoughts!
>
>
> Chris Trahey

I had exactly the same issue with Zend_Soap_AutoDiscover. This class
uses Zend_Soap_Wsdl to create the WSDL file for a SOAP service.

The class was hard coded. The AutoDiscover class allowed you to supply
a class name to handle complex types, but not in conjunction with xsd
scalar types. The Zend_Soap_Wsdl class handled php -> xsd types and
read docblocks for that.

But if the docblock had an xsd type (xsd:datetime, xsd:token, etc.)
which are used to tell the consumer what the type is, then there was
no way to get these in.

So, I created this patch
http://framework.zend.com/code/changelog/Zend_Framework?cs=21379 (diff
http://framework.zend.com/code/browse/Zend_Framework/standard/trunk/library/Zend/Soap/AutoDiscover.php?r1=20096&r2=21379)
which allows me to supply an alternative class name in a similar
fashion to being able to supply a complex type handler class name.

This was the easiest route I could find and the least impacting (full
BC exists).

The amendment I made to allow a subclass to be used as an alternative
is a one off hit, so maybe this technique could be used for Zend_Form
(I assume this is the class you are needing to amend).

Regards,

Richard.

--
-----
Richard Quadling
"Standing on the shoulders of some very clever giants!"
EE : http://www.experts-exchange.com/M_248814.html
EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
ZOPA : http://uk.zopa.com/member/RQuadling

[fw-gdata] Re: Problems with: $client = Zend_Gdata_ClientLogin::getHttpClient($user,$pass,$service);

Hi there,

Thanks for your reply.

>You need to load Zend_Uri_Http, too.

Kindly refer to the code below. I managed to get this running after my
original post to the list and as you can see, I didn't specifically load
Zend_Uri_Http. The code below is pretty much lifted straight from the
documentation and it didn't specifically suggest the need to load
Zend_Uri_Http, otherwise, I would have done this.

The problem seems to arise when I run the code in the context of my
preferred framework and so after getting the Zend code to run as shown
below, I did escalate the problem to my framework vendor to see whether they
could see a reason as to why the code failed in its initial form.

However, I will certainly try your suggestion in the context of my framework
and see whether it helps in any way.

Again, thanks for your help.

<?php

require_once('../ZendGdata/library/Zend/Loader.php');

Zend_Loader::loadClass('Zend_Gdata');
Zend_Loader::loadClass('Zend_Gdata_AuthSub');
Zend_Loader::loadClass('Zend_Gdata_ClientLogin');
Zend_Loader::loadClass('Zend_Gdata_Calendar');

$user = '*******';
$pass = '*******';
$service = Zend_Gdata_Calendar::AUTH_SERVICE_NAME;
$client = Zend_Gdata_ClientLogin::getHttpClient($user,$pass, $service);

$gdataCal = new Zend_Gdata_Calendar($client);
$calFeed = $gdataCal->getCalendarListFeed();
echo '<h1>' . $calFeed->title->text . '</h1>';
echo '<ul>';
foreach ($calFeed as $calendar) {
echo '<li>' . $calendar->title->text . '</li>';
}

echo '</ul>';

?>
--
View this message in context: http://n4.nabble.com/Problems-with-client-Zend-Gdata-ClientLogin-getHttpClient-user-pass-service-tp1590852p1591613.html
Sent from the Zend gdata mailing list archive at Nabble.com.

2010年3月12日星期五

Re: [fw-gdata] Problems with: $client = Zend_Gdata_ClientLogin::getHttpClient($user,$pass,$service);

You need to load Zend_Uri_Http, too.

On Fri, Mar 12, 2010 at 9:37 AM, geester <garycwynne@googlemail.com> wrote:

Hi,

Total Newbie to this.

In my code below, I am getting the following error:

"A server error has occurred:

require(Zend_Uri_Http.php): failed to open stream: No such file or directory
in /Applications/MAMP/htdocs/ZendGdata/library/Zend/Uri.php
on line 126"

I downloaded and installed the latest build of the Zend Google library code.
Any ideas what may be wrong? Any help would be greatly appreciated.

Thanks.



<?php

require_once('../NOLOH/NOLOH.php');
require_once('Zend/Loader.php');

Zend_Loader::loadClass('Zend_Gdata');
Zend_Loader::loadClass('Zend_Gdata_AuthSub');
Zend_Loader::loadClass('Zend_Gdata_ClientLogin');
Zend_Loader::loadClass('Zend_Gdata_Calendar');

class GCal extends WebPage {

   function GCal() {
       parent::WebPage();

       $user = 'xxxxxxxxx';
       $pass = 'xxxxx';
       $service = Zend_Gdata_Calendar::AUTH_SERVICE_NAME; // predefined
service name for calendar
       $client =
Zend_Gdata_ClientLogin::getHttpClient($user,$pass,$service);
   }
}
?>
--
View this message in context: http://n4.nabble.com/Problems-with-client-Zend-Gdata-ClientLogin-getHttpClient-user-pass-service-tp1590852p1590852.html
Sent from the Zend gdata mailing list archive at Nabble.com.


[fw-gdata] Problems with: $client = Zend_Gdata_ClientLogin::getHttpClient($user,$pass,$service);

Hi,

Total Newbie to this.

In my code below, I am getting the following error:

"A server error has occurred:

require(Zend_Uri_Http.php): failed to open stream: No such file or directory
in /Applications/MAMP/htdocs/ZendGdata/library/Zend/Uri.php
on line 126"

I downloaded and installed the latest build of the Zend Google library code.
Any ideas what may be wrong? Any help would be greatly appreciated.

Thanks.

<?php

require_once('../NOLOH/NOLOH.php');
require_once('Zend/Loader.php');

Zend_Loader::loadClass('Zend_Gdata');
Zend_Loader::loadClass('Zend_Gdata_AuthSub');
Zend_Loader::loadClass('Zend_Gdata_ClientLogin');
Zend_Loader::loadClass('Zend_Gdata_Calendar');

class GCal extends WebPage {

function GCal() {
parent::WebPage();

$user = 'xxxxxxxxx';
$pass = 'xxxxx';
$service = Zend_Gdata_Calendar::AUTH_SERVICE_NAME; // predefined
service name for calendar
$client =
Zend_Gdata_ClientLogin::getHttpClient($user,$pass,$service);
}
}
?>
--
View this message in context: http://n4.nabble.com/Problems-with-client-Zend-Gdata-ClientLogin-getHttpClient-user-pass-service-tp1590852p1590852.html
Sent from the Zend gdata mailing list archive at Nabble.com.

Re: [fw-mvc] Re: Changing get parameters to controller/action/param/value/param/value

How do you get any SEO benefit out of a form that requires text input? Is Google going to crawl your site and submit your form with various keywords in the text field?

What I'd do (for SEO) is create links to popular searches. It shouldn't matter if it's in the form of /param/value or ?param=value. As long as it's a link (and doesn't have rel="nofollow" attribute), crawlers should follow it.

--
Hector


On Thu, Mar 11, 2010 at 7:20 AM, Andy Daykin <daykinandy@gmail.com> wrote:
Take for example this site http://www.musicbackingtracks.co.uk/tracks/search/artist/creed, I just picked a site build with codeigniter, that has a search form. The parameter is artist, with a value of creed. They are able to get nice looking url's with search forms, that's what I am really looking for. SEO is the main concern that I have, it's not really about looking good in a browser.
 
-Andy

Sent: Tuesday, March 09, 2010 5:08 AM
Subject: Re: [fw-mvc] Re: Changing get parameters to controller/action/param/value/param/value

in your view script, where you use the helper.

The url in the browser will only look like this after you click the link generated by the view helper.

Is it only about a good looking url in the browser? The get request from a search form for example will still have the question mark. But I cannot see the problem with that.

Bart


Op 8-3-2010 19:24, Andy Daykin schreef:
So where in my code would I put:
 
$url = $view->url($_GET)
 
Is that something that should be added in the bootstrap. Will the actual url in the browser look like
http://example.com/controller/action/param/value
?
 
Thanks,
 
-Andy

Sent: Monday, March 08, 2010 6:18 AM
Subject: Re: [fw-mvc] Re: Changing get parameters to controller/action/param/value/param/value

Hi Andy,

I probably posted to the wrong list, so you may have missed it. I set out to fix a couple of issues with the Zend_View_Helper_Url.

No one objected to that, so I also filed your issue in the issue tracker and assigned it to myself.

I did not yet look into it much, but it seems that how the url is assembled in the view helper  depends on which type of router is in use at that moment.

There a quite a few router types, so I must first choose if all routers can be made to preserve get parameters in the new form and if this will brake people's applications if they rely on the helper not preserving the get params.

In the meanwhile, while trying to write up a testcase for Zend_View_Helper_Url, I found that what you are trying to achieve can be simply accomplished by writing:

$url = $view->url($_GET);

This will put all of your $_GET parameters in the form you desire.

I accidentally stumbled upon this and I now realize that I must update the issue and resolve it with this tip.

Regards,

Bart McLeod

Andy Daykin schreef:
My intent was to find a way to change the part of the code where the get variables are picked up, so I can do:
 
$this->getRequest()->getParam('param');
 
 
 
using something like $request_uri = preg_replace("|/(.*)|", "\\1", str_replace("\\", "/", $_SERVER['REQUEST_URI']));
 
So I would be manipulating the url that comes in and the variable from where the getParam method takes in the get parameters.
 
What variables would I need to change if I wrote a function in the bootstrap?
 
-Andy

Sent: Wednesday, March 03, 2010 3:34 AM
Subject: Re: [fw-mvc] Re: Changing get parameters to controller/action/param/value/param/value

Guys, it's not just for better looking urls.

There is another problem with  /controller/action?param=value, url helper don't see get parameters, it only see parametersif they are zf style, so param will not be handled by url helper if it is not in zf param style.

People coming up with their own implementations for url helper which handles this, example http://robertbasic.com/blog/myurl-view-helper-for-zend-framework/


Regards,
Saša Stamenković


On Wed, Mar 3, 2010 at 10:03 AM, Bart McLeod <mcleod@spaceweb.nl> wrote:


David Muir schreef:
That would only be necessary if the desired form were actually required.  Zend's default router sees them as being equivalent: /controller/action/param/value /controller/action?param=value  so in both cases $this->getRequest()->getParam('param'); //returns 'value'  However, if you're wanting something like: /search/value   
For this, you only need a custom route. No extra rewrite.
The point in the original post is that for some unknown reason the get url should be consistent with the other urls in the application.
So the question is how can we make /controller/action?param=value appear as /controller/action/param/value
But the more important question, as pointed out by Andreas is "Why?"

then yes, you'll need to do the rewrite server-side.      

--
Bart McLeod
Space Web
Middenlaan 47
6865 VN Heveadorp
The Netherlands
t +31(0)26 3392952
m 06 51 51 89 71
@ info@spaceweb.nl
www.spaceweb.nl
zce logozce PHP 5 logo zce Zend Framework logo

Bart McLeod is a Zend Certified Engineer.

Click to verify!



--
Bart McLeod
Space Web
Middenlaan 47
6865 VN Heveadorp
The Netherlands
t +31(0)26 3392952
m 06 51 51 89 71
@ info@spaceweb.nl
www.spaceweb.nl
zce logozce PHP 5 logo zce Zend Framework logo

Bart McLeod is a Zend Certified Engineer.

Click to verify!


--
Bart McLeod
Space Web
Middenlaan 47
6865 VN Heveadorp
The Netherlands
t +31(0)26 3392952
m 06 51 51 89 71
@ info@spaceweb.nl
www.spaceweb.nl
zce logozce PHP 5 logo zce Zend Framework logo

Bart McLeod is a Zend Certified Engineer.

Click to verify!