advanced symfony techniques

Advanced symfony TechniquesKris Wallsmith

@kriswallsmith

• Release Manager for symfony 1.3 & 1.4

• On Symfony and Doctrine teams

• Senior Software Engineer at

• 10 years experience with PHP and web development

• Open source evangelist and international speaker

• Hopeless plugin developer…

• DbFinderPlugin

• sfControlPanelPlugin

• sfDoctrineDynamicFormRelationsPlugin

• sfDoctrineMasterSlavePlugin

• sfFeed2Plugin

• sfFormYamlEnhancementsPlugin

• sfGoogleAnalyticsPlugin

• sfGoogleWebsiteOptimizerPlugin

• sfModerationPlugin

• sfPagerNavigationPlugin

• sfPropelActAsPolymorphicBehaviorPlugin

• sfSimpleBlogPlugin

• sfSimpleCMSPlugin

• sfSimpleForumPlugin

• sfSpyPlugin

• sfSslRequirementPlugin

• sfStatsPlugin

• sfTaskExtraPlugin

• sfWebBrowserPlugin

Please see me if you want tohelp with or take overa plugin's maintenance.

Lots to choose from!

#phpmatsuriOctober 2-3, 2010

Tokyo

• Around 90 attendees

• CakePHP, Symfony, & Lithiumwere represented

• Most folks were CakePHP users

• CakePHP documentation wastranslated early, so…

• Please help translate Symfony2 & Doctrine2 documentation!

#phpmatsuri

PSEUDO CODE AHEAD

CAUTION

Host Aware Routing

domain.com

foobar.domain.com

barfoo.domain.com

homepage: url: / param: { module: main, action: indexOrDash }


if (preg_match('/.../', $r->getHost(), $m))

• ->matchesUrl(...)Does the supplied URL match this route?

class sfRoute

GET / HTTP/1.0Host: foobar.domain.com


• ->matchesParameters(...)Do the supplied parameters match this route?

class sfRoute

url_for('main/dashboard?username=foobar')

Very slow


• ->matchesParameters(...)Do the supplied parameters match this route?

• ->generate(...)Generate a URL using this route and these parameters.

class sfRoute

url_for('@dashboard?username=foobar')

->matchesUrl(...)

• $urlThe current URI

• $contextAn array of contextual information, including the current host

• Returns false or an array of parameters extracted from the URI

->matchesParameters(...)

• $paramsAn associative array of parameter names and values


• Returns true or false

->generate(...)

• $paramsAn associative array of parameter names and values


• $absoluteWhether to generate an absolute URL

• Returns the generated URL

Process the host string with a second, internal route

public function __construct(...){ list($host, $pattern) = explode('/', $pattern, 2);

$hostRoute = $this->createHostRoute($host, ...);

parent::__construct(...);}

public function matchesUrl($url, $c){ // check parent::matchesUrl() first

$hp = $hostRoute->matchesUrl('/'.$c['host'], $c);

// include host parameters in return}

public function matchesParameters($p, $c){ $hp = $this->extractHostParams($p);

return parent::matchesParameters($p, $c) && $hostRoute->matchesParameters($hp, $c);}

public function generate($p, $c, $abs){ $hp = $this->extractHostParams($p);

// protocol, prefix...

$host = $hostRoute->generate($hp, $c, false); $uri = parent::generate($p, $c, false);

return $protocol.':/'.$host.$prefix.$uri;}

Hardcoded FTL :(homepage: url: domain.com/ class: sfHostAwareRoute param: { module: main, action: index }

dashboard: url: :username.domain.com/ class: sfHostAwareRoute param: { module: main, action: dashboard }

homepage: url: %APP_HOST%/ class: sfHostAwareRoute param: { module: main, action: index }

dashboard: url: :username.%APP_HOST%/ class: sfHostAwareRoute param: { module: main, action: dashboard }

Custom Config Handler

class sfHostAwareRoutingConfigHandler extends sfRoutingConfigHandler{ protected function parse($configFiles) { return array_map( array($this, 'filterRoute'), parent::parse($configFiles) ); }

// ...}

protected function filterRoute($route){ list($class, $args) = $route;

$args[0] = $this->replaceConstants($args[0]);

return array($class, $args);}

Free FTW!

# config_handlers.ymlconfig/routing.yml: class: sfHostAwareRoutingConfigHandler file: %SF_LIB_DIR%/sfHostAwareRout...

sfHostAwareRoutingPluginAdd subdomains to your routing rules.

Graceful POST Authentication

An example…

CENSORED

CENSORED

Where's my blog post!?!

#FAIL

Extend the security filter

class GracefulSecurityFilter extends sfBasicSecurityFilter{ protected function forwardToLoginAction() { // stash the interrupted request $attr->add(array( 'module' => $context->getActionName(), 'action' => $context->getModuleName(), 'method' => $request->getMethod(), 'params' => $requestParams->getAll(), ), 'stash');

parent::forwardToLoginAction(); }}

# filters.ymlsecurity: class: GracefulSecurityFilter

Replay the stashed requestafter login

// called after authenticationprotected function replayStashedRequest(){ if ($s = $attr->removeNamespace('stash')) { $request->setMethod($s['method']);

$params->clear(); $params->add($s['params']);

$this->forward($s['module'], $s['action']); }}

Extra Security

An example…

# security.ymlacceptInvitation: is_secure: true extra_credentials: account: { lifetime: 300 }

Events to the rescue!

controller.change_action

// connect to the event$ed->connect('controller.change_action', $cb)

// check security.yml$action->getSecurityValue('extra_credentials')

// check current user$u->getAttribute('extra_credentials', array())

// remove any expired credentials$now = time();foreach ($creds as $name => $attr){ if ($now > $attr['expires_at']) { unset($creds[$name]); }}

// stash credentials and referer$u->setAttribute('challenge_credentials', ...)$u->setAttribute('challenge_referer', ...)

// forward to challenge form$controller->forward('security', 'challenge')throw new sfStopException();

// add the granted credentials$now = time();foreach ($new as $name => $attr){ $creds[$name] = array( 'expires_at' => $now + $attr['lifetime'], );}$u->setAttribute('extra_credentials', $creds);

// send them on their way$this->redirect($referer);

sfExtraSecurityPluginRe-prompt your users for authentication.

Javascript Compression

class jsActions extends sfActions{ public function executeWidget(sfWebRequest $req) { $this->lightbox = $req->hasParameter('lb'); $this->debug = $req->hasParameter('debug'); }}

<?php if ($debug): ?>console.log("embedding mootools");<?php endif; ?>

var e = document.createElement("script");e.src = "<?php echo public_path('js/moo.js', true) ?>";e.async = true;document.body.appendChild(e);

// etc...

Custom View Class

# module.ymlall: view_class: Javascript

JavascriptView

class JavascriptView extends sfPHPView{ public function render() { return $this->compress(parent::render()); }

protected function compress() { // ... }}

$i = tempnam(sys_get_temp_dir(), __CLASS__);$o = tempnam(sys_get_temp_dir(), __CLASS__);

file_put_contents($i, $content);

shell_exec(vsprintf( 'java -jar %s --type js -o %s %s', array_map('escapeshellarg', array($yui, $o, $i))));

return file_get_contents($o);

Standard Caching

# cache.ymlwidget: enabled: true with_layout: true

developer.yahoo.com/yui/compressor/

A Few Apache Tricks

rm web/.htaccess

AllowOverride None

<Directory /path/to/web> Include /path/to/.htaccess</Directory>

Core Assets

Missing Assets #FAIL :(

AliasMatch /sf/(.*) /path/to/symfony/data/web/sf/$1

AliasMatch /sfDoctrinePlugin/(.*) /path/to/sfDoctrinePlugin/web/$1

NameVirtualHost *:80<VirtualHost _default_:80> # ...

Assets Found FTW!

The Dreaded Trailing Slash…

RewriteEngine OnRewriteRule ^(.*)/$ /$1 [R=301,L]

GET /about/ HTTP/1.1Host: domain.com

HTTP/1.1 301 Moved PermanentlyLocation: http://domain.com/about

Embedded Forms

Person

One book has many authors,one author has many books.

Book

Authors

Book: columns: title: string(255) relations: authors: { class: Person, refClass: BookAuthor }BookAuthor: columns: book_id: integer author_id: integer relations: book: { local: book_id } author: { class: Person, local: author_id }Person: columns: name: string(255)

// embed related forms$this->embedRelation('authors');unset($this['authors_list']);

// embed related forms dynamically!$this->embedDynamicRelation('authors');

form.method_not_found

form.filter_values

// called when a form is configuredpublic function embedDynamicRelation($name){ $rel = $table->getRelation($name); $this->rels[] = $rel;

$this->doEmbed($name, $obj->get($rel->getAlias()));}

// called when a form is boundpublic function filterValues(sfEvent $event, $values){ foreach ($this->rels as $rel) { $name = $rel->getName(); $this->doEmbed($name, $values[$name]); }

$obj->addListener(new DeleteListener($form));}

$parent = new BaseForm();foreach ($values as $i => $value) { if (is_object($value)) { // create form with object } elseif ($value['id']) { // find previously embedded form } else { // create a new form }

$parent->embedForm($i, $child);}

$form->embedForm($rel->getName(), $parent);

// extract existing objects from embedded forms// and compare to the current object collectionpublic function preSave(Doctrine_Event $event){ foreach ($coll as $i => $obj) { $pos = array_search($obj, $existing, true); if (false === $pos) $coll->remove($i);

if ($column['notnull']) $obj->delete(); }}

sfDoctrineDynamicFormRelationsPluginCommon sense embedded forms.

Questions?

• Host aware routing

• Graceful POST authentication

• Extra security

• Javascript compression

• Apache tricks

• Embedded forms

OpenSky is Hiring!http://engineering.shopopensky.com

Please contact me if you're interested.

Thank you!

advanced symfony techniques

Technology

supplied url

absolute url

generated url

host parameters

current host

class gracefulsecurityfilter

class sfroute matchesurl

array of parameters