Merge remote-tracking branch 'origin/2.7' into 2.7

weaverryan · weaverryan · commit 7ca213a8d741 · 2015-11-27T15:28:12.000-05:00
* origin/2.7: [#5828] Return early move the getEntityManager, only get it if needed Update front controller Tell about SYMFONY__TEMPLATING__HELPER__CODE__FILE_LINK_FORMAT Added new security advisories to the docs Fixed some wrong line numbers in doctrine.rst [Book][Templating] Update absolute URL asset to match 2.7 Update debug_formatter.rst Removed the use of ContainerAware class Book: Update Service Container Documentation Removed an outdate paragraph minor lang tweak Fixes done automatically by the docbot updated sentence Removed "http_basic" config from the login form cookbook
diff --git a/book/doctrine.rst b/book/doctrine.rst
@@ -534,10 +534,10 @@ Take a look at the previous example in more detail:
   responsible for handling the process of persisting and fetching objects
   to and from the database.
 
-* **line 16** The ``persist()`` method tells Doctrine to "manage" the ``$product``
+* **line 17** The ``persist()`` method tells Doctrine to "manage" the ``$product``
   object. This does not actually cause a query to be made to the database (yet).
 
-* **line 17** When the ``flush()`` method is called, Doctrine looks through
+* **line 18** When the ``flush()`` method is called, Doctrine looks through
   all of the objects that it's managing to see if they need to be persisted
   to the database. In this example, the ``$product`` object has not been
   persisted yet, so the entity manager executes an ``INSERT`` query and a
diff --git a/book/routing.rst b/book/routing.rst
@@ -1473,25 +1473,14 @@ route. With this information, any URL can easily be generated::
 
 .. note::
 
-    In controllers that don't extend Symfony's base
-    :class:`Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller`,
-    you can use the ``router`` service's
-    :method:`Symfony\\Component\\Routing\\Router::generate` method::
+    The ``generateUrl()`` method defined in the base
+    :class:`Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller` class is
+    just a shortcut for this code::
 
-        use Symfony\Component\DependencyInjection\ContainerAware;
-
-        class MainController extends ContainerAware
-        {
-            public function showAction($slug)
-            {
-                // ...
-
-                $url = $this->container->get('router')->generate(
-                    'blog_show',
-                    array('slug' => 'my-blog-post')
-                );
-            }
-        }
+        $url = $this->container->get('router')->generate(
+            'blog_show',
+            array('slug' => 'my-blog-post')
+        );
 
 In an upcoming section, you'll learn how to generate URLs from inside templates.
 
diff --git a/book/service_container.rst b/book/service_container.rst
@@ -276,10 +276,10 @@ The service container is built using a single configuration resource
 be imported from inside this file in one way or another. This gives you absolute
 flexibility over the services in your application.
 
-External service configuration can be imported in two different ways. The first 
-method, commonly used to import container configuration from the bundles you've 
-created - is via the ``imports`` directive. The second method, although slightly more 
-complex offers more flexibility and is commonly used to import third-party bundle 
+External service configuration can be imported in two different ways. The first
+method, commonly used to import container configuration from the bundles you've
+created - is via the ``imports`` directive. The second method, although slightly more
+complex offers more flexibility and is commonly used to import third-party bundle
 configuration. Read on to learn more about both methods.
 
 .. index::
@@ -1104,13 +1104,15 @@ to be used for a specific purpose. Take the following example:
             xsi:schemaLocation="http://symfony.com/schema/dic/services
                 http://symfony.com/schema/dic/services/services-1.0.xsd">
 
-            <service
-                id="foo.twig.extension"
-                class="Acme\HelloBundle\Extension\FooExtension"
-                public="false">
+            <services>
+                <service
+                    id="foo.twig.extension"
+                    class="Acme\HelloBundle\Extension\FooExtension"
+                    public="false">
 
-                <tag name="twig.extension" />
-            </service>
+                    <tag name="twig.extension" />
+                </service>
+            </services>
         </container>
 
     .. code-block:: php
diff --git a/book/templating.rst b/book/templating.rst
@@ -1098,7 +1098,7 @@ if you are using Twig (or the third argument if you are using PHP) to ``true``:
 
     .. code-block:: html+jinja
 
-        <img src="{{ asset('images/logo.png', absolute=true) }}" alt="Symfony!" />
+        <img src="{{ absolute_url(asset('images/logo.png')) }}" alt="Symfony!" />
 
     .. code-block:: html+php
 
diff --git a/components/console/helpers/debug_formatter.rst b/components/console/helpers/debug_formatter.rst
@@ -117,7 +117,7 @@ Stopping a Program
 ------------------
 
 When a program is stopped, you can use
-:method:`Symfony\\Component\\Console\\Helper\\DebugFormatterHelper::run` to
+:method:`Symfony\\Component\\Console\\Helper\\DebugFormatterHelper::stop` to
 notify this to the users::
 
     // ...
diff --git a/contributing/code/security.rst b/contributing/code/security.rst
@@ -103,6 +103,8 @@ Security Advisories
 This section indexes security vulnerabilities that were fixed in Symfony
 releases, starting from Symfony 1.0.0:
 
+* November 23, 2015: `CVE-2015-8125: Potential Remote Timing Attack Vulnerability in Security Remember-Me Service <http://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service>`_ (2.3.35, 2.6.12 and 2.7.7)
+* November 23, 2015: `CVE-2015-8124: Session Fixation in the "Remember Me" Login Feature <http://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature>`_ (2.3.35, 2.6.12 and 2.7.7)
 * May 26, 2015: `CVE-2015-4050: ESI unauthorized access <https://symfony.com/blog/cve-2015-4050-esi-unauthorized-access>`_ (Symfony 2.3.29, 2.5.12 and 2.6.8)
 * April 1, 2015: `CVE-2015-2309: Unsafe methods in the Request class <https://symfony.com/blog/cve-2015-2309-unsafe-methods-in-the-request-class>`_ (Symfony 2.3.27, 2.5.11 and 2.6.6)
 * April 1, 2015: `CVE-2015-2308: Esi Code Injection <https://symfony.com/blog/cve-2015-2308-esi-code-injection>`_ (Symfony 2.3.27, 2.5.11 and 2.6.6)
diff --git a/cookbook/configuration/override_dir_structure.rst b/cookbook/configuration/override_dir_structure.rst
@@ -176,8 +176,7 @@ The change in the ``composer.json`` will look like this:
         ...
     }
 
-In ``app/autoload.php``, you need to modify the path leading to the
-``vendor/autoload.php`` file::
+Then, update the path to the ``autoload.php`` file in ``app/autoload.php``::
 
     // app/autoload.php
     // ...
diff --git a/cookbook/doctrine/event_listeners_subscribers.rst b/cookbook/doctrine/event_listeners_subscribers.rst
@@ -135,12 +135,14 @@ a ``postPersist`` method, which will be called when the event is dispatched::
         public function postPersist(LifecycleEventArgs $args)
         {
             $entity = $args->getEntity();
-            $entityManager = $args->getEntityManager();
 
-            // perhaps you only want to act on some "Product" entity
-            if ($entity instanceof Product) {
-                // ... do something with the Product
+            // only act on some "Product" entity
+            if (!$entity instanceof Product) {
+                return;
             }
+
+            $entityManager = $args->getEntityManager();
+            // ... do something with the Product
         }
     }
 
@@ -197,10 +199,10 @@ interface and have an event method for each event it subscribes to::
         public function index(LifecycleEventArgs $args)
         {
             $entity = $args->getEntity();
-            $entityManager = $args->getEntityManager();
 
             // perhaps you only want to act on some "Product" entity
             if ($entity instanceof Product) {
+                $entityManager = $args->getEntityManager();
                 // ... do something with the Product
             }
         }
diff --git a/cookbook/form/dynamic_form_modification.rst b/cookbook/form/dynamic_form_modification.rst
@@ -411,25 +411,26 @@ it with :ref:`dic-tags-form-type`.
             array('security.token_storage')
         );
 
-If you wish to create it from within a controller or any other service that has
-access to the form factory, you then use::
+If you wish to create it from within a service that has access to the form factory,
+you then use::
 
-    use Symfony\Component\DependencyInjection\ContainerAware;
+    $form = $formFactory->create('friend_message');
 
-    class FriendMessageController extends ContainerAware
+In a controller that extends the :class:`Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller`
+class, you can simply call::
+
+    use Symfony\Bundle\FrameworkBundle\Controller\Controller;
+
+    class FriendMessageController extends Controller
     {
         public function newAction(Request $request)
         {
-            $form = $this->get('form.factory')->create('friend_message');
+            $form = $this->createForm('friend_message');
 
             // ...
         }
     }
 
-If you extend the ``Symfony\Bundle\FrameworkBundle\Controller\Controller`` class, you can simply call::
-
-    $form = $this->createForm('friend_message');
-
 You can also easily embed the form type into another form::
 
     // inside some other "form type" class
diff --git a/cookbook/security/form_login_setup.rst b/cookbook/security/form_login_setup.rst
@@ -12,10 +12,6 @@ In this entry, you'll build a traditional login form. Of course, when the
 user logs in, you can load your users from anywhere - like the database.
 See :ref:`security-user-providers` for details.
 
-This chapter assumes that you've followed the beginning of the
-:doc:`security chapter </book/security>` and have ``http_basic`` authentication
-working properly.
-
 First, enable form login under your firewall:
 
 .. configuration-block::
@@ -29,7 +25,6 @@ First, enable form login under your firewall:
             firewalls:
                 default:
                     anonymous: ~
-                    http_basic: ~
                     form_login:
                         login_path: /login
                         check_path: /login_check
@@ -47,7 +42,6 @@ First, enable form login under your firewall:
             <config>
                 <firewall name="default">
                     <anonymous />
-                    <http-basic />
                     <form-login login-path="/login" check-path="/login_check" />
                 </firewall>
             </config>
@@ -60,7 +54,6 @@ First, enable form login under your firewall:
             'firewalls' => array(
                 'default' => array(
                     'anonymous'  => null,
-                    'http_basic' => null,
                     'form_login' => array(
                         'login_path' => '/login',
                         'check_path' => '/login_check',
diff --git a/create_framework/dependency-injection.rst b/create_framework/dependency-injection.rst
@@ -132,7 +132,7 @@ them. Objects will be created on-demand when you access them from the
 container or when the container needs them to create other objects.
 
 For instance, to create the router listener, we tell Symfony that its class
-name is ``Symfony\Component\HttpKernel\EventListener\RouterListener``, and
+name is ``Symfony\Component\HttpKernel\EventListener\RouterListener`` and
 that its constructor takes a matcher object (``new Reference('matcher')``). As
 you can see, each object is referenced by a name, a string that uniquely
 identifies each object. The name allows us to get an object and to reference
diff --git a/create_framework/event-dispatcher.rst b/create_framework/event-dispatcher.rst
@@ -154,7 +154,7 @@ event (``response``); the event name must be the same as the one used in the
 ``dispatch()`` call.
 
 In the listener, we add the Google Analytics code only if the response is not
-a redirection, if the requested format is HTML, and if the response content
+a redirection, if the requested format is HTML and if the response content
 type is HTML (these conditions demonstrate the ease of manipulating the
 Request and Response data from your code).
 
diff --git a/create_framework/front-controller.rst b/create_framework/front-controller.rst
@@ -57,7 +57,7 @@ And for the "Goodbye" page::
 
 We have indeed moved most of the shared code into a central place, but it does
 not feel like a good abstraction, does it? We still have the ``send()`` method
-for all pages, our pages do not look like templates, and we are still not able
+for all pages, our pages do not look like templates and we are still not able
 to test this code properly.
 
 Moreover, adding a new page means that we need to create a new PHP script,
@@ -159,7 +159,7 @@ web root directory:
 Now, configure your web server root directory to point to ``web/`` and all
 other files won't be accessible from the client anymore.
 
-To test your changes in a browser (``http://localhost:4321/?name=Fabien``), run
+To test your changes in a browser (``http://localhost:4321/hello/?name=Fabien``), run
 the PHP built-in server:
 
 .. code-block:: bash
diff --git a/create_framework/http-foundation.rst b/create_framework/http-foundation.rst
@@ -299,7 +299,7 @@ the wheel.
 I've almost forgot to talk about one added benefit: using the HttpFoundation
 component is the start of better interoperability between all frameworks and
 applications using it (like `Symfony`_, `Drupal 8`_, `phpBB 4`_, `ezPublish
-5`_, `Laravel`_, `Silex`_, and `more`_).
+5`_, `Laravel`_, `Silex`_ and `more`_).
 
 .. _`Twig`: http://twig.sensiolabs.org/
 .. _`HTTP specification`: http://tools.ietf.org/wg/httpbis/
diff --git a/create_framework/http-kernel-httpkernel-class.rst b/create_framework/http-kernel-httpkernel-class.rst
@@ -11,7 +11,7 @@ There should be an easier way, right?
 
 Enter the ``HttpKernel`` class. Instead of solving the same problem over and
 over again and instead of reinventing the wheel each time, the ``HttpKernel``
-class is a generic, extensible, and flexible implementation of
+class is a generic, extensible and flexible implementation of
 ``HttpKernelInterface``.
 
 This class is very similar to the framework class we have written so far: it
diff --git a/create_framework/routing.rst b/create_framework/routing.rst
@@ -82,7 +82,7 @@ of default values for route attributes (``array('name' => 'World')``).
     :doc:`Routing component documentation </components/routing/introduction>` to
     learn more about its many features like URL generation, attribute
     requirements, HTTP method enforcements, loaders for YAML or XML files,
-    dumpers to PHP or Apache rewrite rules for enhanced performance, and much
+    dumpers to PHP or Apache rewrite rules for enhanced performance and much
     more.
 
 Based on the information stored in the ``RouteCollection`` instance, a
diff --git a/create_framework/separation-of-concerns.rst b/create_framework/separation-of-concerns.rst
@@ -8,7 +8,7 @@ class. It would bring us better *reusability* and easier testing to name just
 a few benefits.
 
 If you have a closer look at the code, ``front.php`` has one input, the
-Request, and one output, the Response. Our framework class will follow this
+Request and one output, the Response. Our framework class will follow this
 simple principle: the logic is about creating the Response associated with a
 Request.
 
diff --git a/create_framework/templating.rst b/create_framework/templating.rst
@@ -50,7 +50,7 @@ rendered::
 
 As ``render_template`` is used as an argument to the PHP ``call_user_func()``
 function, we can replace it with any valid PHP `callbacks`_. This allows us to
-use a function, an anonymous function, or a method of a class as a
+use a function, an anonymous function or a method of a class as a
 controller... your choice.
 
 As a convention, for each route, the associated controller is configured via
diff --git a/reference/configuration/framework.rst b/reference/configuration/framework.rst
@@ -219,7 +219,7 @@ If you're using an IDE like TextMate or Mac Vim, then Symfony can turn all
 of the file paths in an exception message into a link, which will open that
 file in your IDE.
 
-Symfony contains preconfigured urls for some popular IDEs, you can set them
+Symfony contains preconfigured URLs for some popular IDEs, you can set them
 using the following keys:
 
 * ``textmate``
@@ -230,7 +230,7 @@ using the following keys:
 .. versionadded:: 2.3.14
     The ``emacs`` and ``sublime`` editors were introduced in Symfony 2.3.14.
 
-You can also specify a custom url string. If you do this, all percentage
+You can also specify a custom URL string. If you do this, all percentage
 signs (``%``) must be doubled to escape that character. For example, if
 you use PHPstorm on the Mac OS platform, you will do something like:
 
@@ -269,8 +269,11 @@ you use PHPstorm on the Mac OS platform, you will do something like:
 
 Of course, since every developer uses a different IDE, it's better to set
 this on a system level. This can be done by setting the ``xdebug.file_link_format``
-in the ``php.ini`` configuration to the url string. If this configuration
-value is set, then the ``ide`` option will be ignored.
+in the ``php.ini`` configuration to the URL string.
+
+If you don't use Xdebug, another way is to set this URL string in the
+``SYMFONY__TEMPLATING__HELPER__CODE__FILE_LINK_FORMAT`` environment variable.
+If any of these configurations values are set, the ``ide`` option will be ignored.
 
 .. _reference-framework-test:
 

Original file line number	Diff line number	Diff line change
@@ -176,8 +176,7 @@ The change in the ``composer.json`` will look like this:
`176`	`176`	`...`
`177`	`177`	`}`
`178`	`178`
`179`		-In ``app/autoload.php``, you need to modify the path leading to the
`180`		-``vendor/autoload.php`` file::
	`179`	+Then, update the path to the ``autoload.php`` file in ``app/autoload.php``::
`181`	`180`
`182`	`181`	`// app/autoload.php`
`183`	`182`	`// ...`
Original file line number	Diff line number	Diff line change
@@ -135,12 +135,14 @@ a ``postPersist`` method, which will be called when the event is dispatched::
`135`	`135`	`public function postPersist(LifecycleEventArgs $args)`
`136`	`136`	`{`
`137`	`137`	`$entity = $args->getEntity();`
`138`		`- $entityManager = $args->getEntityManager();`
`139`	`138`
`140`		`- // perhaps you only want to act on some "Product" entity`
`141`		`- if ($entity instanceof Product) {`
`142`		`- // ... do something with the Product`
	`139`	`+ // only act on some "Product" entity`
	`140`	`+ if (!$entity instanceof Product) {`
	`141`	`+ return;`
`143`	`142`	`}`
	`143`	`+`
	`144`	`+ $entityManager = $args->getEntityManager();`
	`145`	`+ // ... do something with the Product`
`144`	`146`	`}`
`145`	`147`	`}`
`146`	`148`
`@@ -197,10 +199,10 @@ interface and have an event method for each event it subscribes to::`
`197`	`199`	`public function index(LifecycleEventArgs $args)`
`198`	`200`	`{`
`199`	`201`	`$entity = $args->getEntity();`
`200`		`- $entityManager = $args->getEntityManager();`
`201`	`202`
`202`	`203`	`// perhaps you only want to act on some "Product" entity`
`203`	`204`	`if ($entity instanceof Product) {`
	`205`	`+ $entityManager = $args->getEntityManager();`
`204`	`206`	`// ... do something with the Product`
`205`	`207`	`}`
`206`	`208`	`}`