Archives

by Kévin Dunglas

DunglasTorControlBundle, TorControl Symfony integration

I’ve just released a new Symfony bundle to use easily the PHP TorControl library with the framework. TorControl is a library I’ve wrote designed to control a Tor server using the control socket.

Install the bundle using Composer. Type this command in your Symfony project directory:

composer require dunglas/torcontrol-bundle:dev-master

Enable the bundle, edit your app/config.yml to match your Tor server configuration (look at the README.md file) and get a TorControl instance using the Symfony’s service container. In a controller implementing the ContainerAware interface:

$tc = $this->get('torcontrol');

As usual, you can download the bundle and its documentation on GitHub.

by Kévin Dunglas

Symfony 2, Backbone.js et Chaplin.js : une implémentation de TodoMVC

Je viens de publier une implémentation du célèbre TodoMVC sous forme de  bundle Symfony 2. Cela fait suite à mon précèdent article sur l’utilisation de Symfony avec les bibliothèques JavaScript Chaplin.js et Backbone.js.

Screenshot Symfony Todomvc

TodoMVC est un projet présentant de nombreuses implémentations de la même application de gestion de tâches (todo) à l’aide des frameworks JavaScript MV* les plus populaires (Backbone.js, AngularJS, Ember.js, KnockoutJS…). Il permet ainsi de découvrir ces frameworks et de choisir celui qui nous semble le plus adapté.

L’ implémentation que je propose contient le code du frontend, mais aussi le backend réalisé à l’aide de Symfony.

Le bundle fourni un example d’intégration complète de Backbone, Chaplin et Symfony. Il inclus une API REST JSON réalisée à l’aide de FOSRestBundle et du framework de formulaire de Symfony, l’entité Doctrine représentant un Todo, le code CoffeeScript de l’application cliente, la vue chargeant la SPA et quelques tests fonctionnels.

Essayez la démo et consultez le code sur GitHub.
Version anglaise de cet article.

by Kévin Dunglas

A Symfony 2 TodoMVC implementation using Backbone.js and Chaplin.js

I have just released an implementation of TodoMVC using Symfony 2 (the best PHP framework), Chaplin.js and Backbone.js. It follows my previous article on the use of these technologies (in french).

TodoMVC is a project which offers the same Todo application implemented using MV* concepts in most of the popular JavaScript MV* frameworks of today.

This a backend and frontend implementation of this project. It is a demo of Chaplin and Backbone working with Symfony.
Screenshot Symfony Todomvc

 

My bundle includes a JSON REST API built with FOSRestBundle and the Symfony’s form framework, the Doctrine entitiy, the view to load the SPA, the CoffeeScript code and some functional tests.

Try the demo and download it on GitHub.

French version of this article.

 

by Kévin Dunglas

Une doc (spartiate) pour le support MongoDB de l’admin Sonata pour Symfony 2

Il y’a plus d’un an déjà j’ai contribué le support de MongoDB au générateur d’admintration Sonata pour Symfony2.

Le projet n’était jusque le pas du tout documenté,  j’ai donc mis en ligne une petite documentation inspirée de celle du composant pour l’ORM. Attention, elle s’affiche mal sur GitHub à cause du format RST, il faut télécharger les fichiers.

J’en ai également profité pour corriger le composer.json qui ne fonctionnait plus et je publierais bientôt sous licence libre la démo d’un tout petit moteur de blog qui utilise MongoDB et l’admin Sonata, en espérant que ça puisse servir à quelques-uns.

by Kévin Dunglas

Sécuriser tant bien que mal une application Symfony installée dans un sous-répertoire

Souvent, pour des raisons de coups liées aux certificats SSL, il n’est pas possible d’installer une application Symfony dans son propre virtual host. L’application se retrouve alors dans un sous-répertoire du DocumentRoot, ouverte à tous vents et c’est une catastrophe en terme de sécurité !

Imaginons que notre DocumentRoot soit /home/web et que l’application Symfony soit installée dans le répertoire /home/web/my-sf-app/. Ainsi l’URL de l’application est https://example.com/my-sf-app/web. Si un utilisateur mal intentionné accède à https://example.com/my-sf-app/app/config/config.yml il obtient le fichier de configuration principal de l’application qui contient entre-autre les identifiants d’accès à la base de données… Mauvaise idée.

Sécurisons tant bien que mal tout ça (en partant du principe que votre serveur est Apache) grâce aux fichiers de configuration .htaccess :

Le premier, à créer, sera /home/web/my-sf-app/.htaccess et servira à interdire l’accès à tous les fichiers de l’application :

Order allow,deny
Deny from all

Le second, /home/web/my-sf-app/web/.htaccess, existe normalement déjà dans notre application Symfony (il est utilisé pour l’URL rewriting), ajoutons-y au début :

Order allow,deny
Allow from all

Ce n’est toujours pas la panacée, il est toujours aisée de reconnaitre quelle est la technologie employée à la structure des répertoires, mais c’est déjà mieux !

by Kévin Dunglas

A new Facebook Connect plugin for symfony 1: kdDoctrineGuardFacebookConnectPlugin

After some tests I realized that the plugin sfFacebookConnectPlugin created by fabriceb was no longer functional or maintained. I tried to correct some bugs but it’s a pain: the plugin is not adapted to the new version of the Facebook SDK.

So I have created new plugin called kdDoctrineGuardFacebookConnectPlugin available on GitHub or in the symfony 1 plugins repository. It provides a simple an easy way to add Facebook Connect support to your symfony 1 app and it works ! The code base is very small, easy to understand and has a voluntary limitation: only with sfDoctrineGuard auth method is supported (no Propel backend).

kdDoctrineGuardFacebookConnectPlugin adds a “Login with Facebook” button to the sfGuard signin form, automatically creates a sfGuard user and populates it with Facebook provided data (first name, last name, gender, location, hometown, Facebook profile link, …), and updates the profile if some data are changed on Facebook and provides a clean logout mechanism (from your app and from Facebook).

Downloads and installation instructions on the plugin GitHub page!

If  you are already using Symfony2, take a look at the noelg’s FacebookBundle.

by Kévin Dunglas

Introducing Publish It Yourself: a self-managed libre CMS

Publish It Yourself
===================
_Publish It Yourself_ is a self-managed CMS.
It is designed to create autonomous communities where users can directly create and manage content.
It is a mix between blogs and blogs platforms, digg-likes and open publishing websites such as (the Indymedia network)[http://www.indymedia.org].
It allows to publish and promote rich text articles and news. It includes many features: tagging with (triple tags)[http://en.wikipedia.org/wiki/Triple_tag#Triple_tags] support, comments, spam protection, themes, interface translation, registration system, peronnal users pages, Atom feeds, microformats,  and more!
Every pages are optimized for search engines, including expressives URLs and uniques titles.
It is wrote in PHP using the (symfony framework)[http://www.symfony-project.org]. It is modular and object oriented.
The Javascript part of the code uses (jQuery)[http://www.jquery.com], the built-in theme is (x)HTML 5 compliant.
This software is still in an early stage of developpement.
_Publish It Yourself_ is a free software covered by the (GNU Affero General Public License version 3)[http://www.fsf.org/licensing/licenses/agpl-3.0.html]. See the “LICENSE.txt“ file for futher informations.
For installation instructions, see the “INSTALL.markdown“ file.

Publish It Yourself is a self-managed CMS. It is designed to create autonomous communities where users can directly create and manage content.

It is a mix between blogs and blogs platforms, digg-likes and open publishing websites such as the Indymedia network.

It allows to publish and promote rich text articles and news. It includes many features: tagging with triple tags support, comments, spam protection, themes, interface translation, registration system, peronnal users pages, Atom feeds, microformats,  and more! Every pages are optimized for search engines, including expressives URLs and uniques titles.

It is written in PHP using the symfony framework. It is modular and object oriented. The Javascript part of the code uses jQuery, the built-in theme is (x)HTML 5 compliant.

This software is still in an early stage of development and probably has many bugs, please report them! It is a free software covered by the GNU Affero General Public License version 3.

You can try it online (database cleared periodically) or download it on GitHub. Contributions are welcome (see the TODO file inside the project root directory) and can be submitted directly on GitHub.

by Kévin Dunglas

Tag Suggestion for symfony

I just have created a patch for sfFormExtraPlugin. It provides a new form widget called sfWidgetFormJqueryTagSuggestion designed to suggest tags. It is based on the Tag Suggestion jQuery plugin of Remy Sharp.

Capture d'écran

You can download it from GitHub, just copy the files to the corresponding directories of your existing sfFormExtraPlugin installation or wait for upstream inclusion of my patch.

This widget integrates easily with sfPropelActAsTaggableBehaviorPlugin. Here is how to use it with this plugin.

You must have sfFormExtraPlugin with my patch and sfPropelActAsTaggableBehaviorPlugin properly installed and working. We consider that you have a model called Article with the taggable behavior.

Add jQuery to your javascripts

Like many others sfFormExtraPlugin widgets, the sfWidgetFormJqueryTagSuggestion requires jQuery to work. If you already have it installed, you can skip this step. Either, download jQuery to the
web/js/

directory of your project, open the
config/view.yml

file of your application and set it like that:

Of course, change the filename if needed.

Put Javascripts and CSS into your web directory

sfFormExtraPlugin need some CSS and Javascripts to work properly, run the symfony plugin:publish-assets command to put them into corrects directories.

Create a static function to retrieve matching tags

Its time to extend the TagPeer model class to add it a method allowing to retrieve tags corresponding to a query. Creates a new file called MyTagPeer.class.php into the
lib/model/

directory of your project containing the following code:

Do not forget to run symfony cc to clear the cache after that.

Create a controller method to send the result as JSON

We have the model, we need the controller. Create a new module called tag by running symfony generate:module yourapp tag and add the following method to the tagActions class:

Open your
routing.yml

file and add the following line to be able to access this action:

Modify your form to add the new tags suggestion widget

Open the form class you want to add this widget and add the following line to the end of the configure method:

We use the comma as separator instead of the space by default because this is the separator used by sfPropelActAsTaggableBehaviorPlugin.

Next, modify your call to the form in your actions to pass the AJAX URL as form option:

It’s done!

by Kévin Dunglas

Patch to use sfXssSafePlugin with symfony 1.2

HTML Purifier is a awesome PHP filter library designed to secure and add standard compliance to HTML. In websites including user generated content, this library allow to have mutlimedia pages including image, text formating and YouTube videos in a secure and SEO proof way thanks to rich text editors like Tiny MCE or FCK Editor and HTML purifier.

A plugin called sfXssSafePlugin is designed to integrate this library as an escapement strategy in symfony. If you have tried it with symfony 1.2 you can see this message:

HTML Purifier autoloader registrar is not compatible
with non-static object methods due to PHP Bug #44144;
Please do not use HTMLPurifier.autoload.php (or any
file that includes this file); instead, place the code:
spl_autoload_register(array(‘HTMLPurifier_Bootstrap’, ‘autoload’))
after your own autoloaders.

There are also some strict standards and constants compatibility problems. I’ve just wrote a patch to get this plugin working with symfony 1.2.

  1. Install sfXssSafePlugin like described in its README file
  2. Download my patch in the plugin’s folder
  3. Go into the plugin’s folder and run patch lib/helper/XssSafeHelper.php < XssSafeHelper.php.patch
  4. Edit your application configuration file (ie:
    apps/frontend/config/frontendConfiguration.class.php

    ) and add the following code into the configure() method:

It’s done ! I’ve submitted this patch to the plugin’s author. I hope it will be upstream soon :)

by Kévin Dunglas

Add reCAPTCHA widgets to Symfony forms

I’ve wrote a new Symfony plugin to add reCAPTCHA widgets and validation to Symfony new forms. reCAPTCHA is a free CAPTCHA service that helps to digitize books, newspapers and old time radio shows.

To install: checkout it from http://selfpublish.googlecode.com/svn/trunk/plugins/sfAnotherReCaptchaPlugin/ and put it in your Symfony plugins directory.

Next, get a reCAPTCHA key and put the following lines in your app.yml:

Clear the cache with the symfony cc and check that the plugin activated in projectConfiguration.class.php.
You are now able to add reCAPTCHA widgets and validators.

See the plugin’s README file or this register form with reCAPTCHA enabled to learn how to use it.

This plugin is distributed under the MIT license and is based on Arthur Koziel work.