diff --git a/book/controller.rst b/book/controller.rst index cc4c1943908..e8405f7ab4b 100644 --- a/book/controller.rst +++ b/book/controller.rst @@ -102,7 +102,7 @@ a controller object. Controllers are also called *actions*. { public function indexAction($name) { - return new Response('Hello '.$name.'!'); + return new Response('Hello '.$name.'!'); } } @@ -687,7 +687,7 @@ the ``notice`` message: {% endif %} - .. code-block:: php + .. code-block:: html+php hasFlash('notice')): ?>
diff --git a/book/doctrine.rst b/book/doctrine.rst index 534baad9282..d0ffa520759 100644 --- a/book/doctrine.rst +++ b/book/doctrine.rst @@ -50,11 +50,11 @@ information. By convention, this information is usually configured in an ; app/config/parameters.ini [parameters] - database_driver = pdo_mysql - database_host = localhost - database_name = test_project - database_user = root - database_password = password + database_driver = pdo_mysql + database_host = localhost + database_name = test_project + database_user = root + database_password = password .. note:: diff --git a/book/http_cache.rst b/book/http_cache.rst index ee863bc16cf..4ebf7f7b020 100644 --- a/book/http_cache.rst +++ b/book/http_cache.rst @@ -851,7 +851,7 @@ First, to use ESI, be sure to enable it in your application configuration: // app/config/config.php $container->loadFromExtension('framework', array( - ..., + // ... 'esi' => array('enabled' => true), )); @@ -884,7 +884,7 @@ matter), Symfony2 uses the standard ``render`` helper to configure ESI tags: {% render url('latest_news', { 'max': 5 }) with {}, {'standalone': true} %} - .. code-block:: php + .. code-block:: html+php render( $view['router']->generate('latest_news', array('max' => 5), true), diff --git a/book/page_creation.rst b/book/page_creation.rst index ac68949432d..c094643f92d 100644 --- a/book/page_creation.rst +++ b/book/page_creation.rst @@ -344,7 +344,7 @@ controller, and ``index.html.twig`` the template: Hello {{ name }}! {% endblock %} - .. code-block:: php + .. code-block:: html+php extend('::base.html.php') ?> @@ -385,7 +385,7 @@ and in the ``app`` directory: - .. code-block:: php + .. code-block:: html+php diff --git a/book/propel.rst b/book/propel.rst index 590b510511d..0bcee86a06d 100644 --- a/book/propel.rst +++ b/book/propel.rst @@ -35,12 +35,12 @@ information. By convention, this information is usually configured in an ; app/config/parameters.ini [parameters] - database_driver = mysql - database_host = localhost - database_name = test_project - database_user = root - database_password = password - database_charset = UTF8 + database_driver = mysql + database_host = localhost + database_name = test_project + database_user = root + database_password = password + database_charset = UTF8 .. note:: diff --git a/book/routing.rst b/book/routing.rst index 5b857dc1340..5516dc5fedf 100644 --- a/book/routing.rst +++ b/book/routing.rst @@ -1169,7 +1169,7 @@ a template helper function: Read this blog post. - .. code-block:: php + .. code-block:: html+php Read this blog post. @@ -1185,7 +1185,7 @@ Absolute URLs can also be generated. Read this blog post. - .. code-block:: php + .. code-block:: html+php Read this blog post. diff --git a/book/security.rst b/book/security.rst index e49cb55df52..15be6352f51 100644 --- a/book/security.rst +++ b/book/security.rst @@ -484,7 +484,7 @@ Finally, create the corresponding template: .. code-block:: html+php - +
getMessage() ?>
@@ -723,7 +723,7 @@ You can define as many URL patterns as you need - each is a regular expression. // app/config/security.php $container->loadFromExtension('security', array( - ..., + // ... 'access_control' => array( array('path' => '^/admin/users', 'role' => 'ROLE_SUPER_ADMIN'), array('path' => '^/admin', 'role' => 'ROLE_ADMIN'), @@ -1072,7 +1072,7 @@ In fact, you've seen this already in the example in this chapter. // app/config/security.php $container->loadFromExtension('security', array( - ..., + // ... 'providers' => array( 'default_provider' => array( 'users' => array( @@ -1302,7 +1302,7 @@ configure the encoder for that user: // app/config/security.php $container->loadFromExtension('security', array( - ..., + // ... 'encoders' => array( 'Acme\UserBundle\Entity\User' => 'sha512', ), @@ -1502,10 +1502,10 @@ the first provider is always used: $container->loadFromExtension('security', array( 'firewalls' => array( 'secured_area' => array( - ..., + // ... 'provider' => 'user_db', 'http_basic' => array( - ..., + // ... 'provider' => 'in_memory', ), 'form_login' => array(), @@ -1616,7 +1616,7 @@ the firewall can handle this automatically for you when you activate the $container->loadFromExtension('security', array( 'firewalls' => array( 'secured_area' => array( - ..., + // ... 'logout' => array('path' => 'logout', 'target' => '/'), ), ), @@ -1771,7 +1771,7 @@ done by activating the ``switch_user`` firewall listener: $container->loadFromExtension('security', array( 'firewalls' => array( 'main'=> array( - ..., + // ... 'switch_user' => true ), ), @@ -1799,7 +1799,7 @@ to show a link to exit impersonation: .. code-block:: html+jinja {% if is_granted('ROLE_PREVIOUS_ADMIN') %} - Exit impersonation + Exit impersonation {% endif %} .. code-block:: html+php diff --git a/book/templating.rst b/book/templating.rst index d794ed02f58..e84106eaa5a 100644 --- a/book/templating.rst +++ b/book/templating.rst @@ -1194,7 +1194,7 @@ this classic example: .. configuration-block:: - .. code-block:: jinja + .. code-block:: html+jinja Hello {{ name }} @@ -1202,12 +1202,16 @@ this classic example: Hello -Imagine that the user enters the following code as his/her name:: +Imagine that the user enters the following code as his/her name: + +.. code-block:: text Without any output escaping, the resulting template will cause a JavaScript -alert box to pop up:: +alert box to pop up: + +.. code-block:: html Hello @@ -1217,7 +1221,9 @@ inside the secure area of an unknowing, legitimate user. The answer to the problem is output escaping. With output escaping on, the same template will render harmlessly, and literally print the ``script`` -tag to the screen:: +tag to the screen: + +.. code-block:: html Hello <script>alert('helloe')</script> @@ -1249,7 +1255,9 @@ Output Escaping in PHP Output escaping is not automatic when using PHP templates. This means that unless you explicitly choose to escape a variable, you're not protected. To -use output escaping, use the special ``escape()`` view method:: +use output escaping, use the special ``escape()`` view method: + +.. code-block:: html+php Hello escape($name) ?> @@ -1258,7 +1266,7 @@ within an HTML context (and thus the variable is escaped to be safe for HTML). The second argument lets you change the context. For example, to output something in a JavaScript string, use the ``js`` context: -.. code-block:: js +.. code-block:: html+php var myMsg = 'Hello escape($name, 'js') ?>'; diff --git a/book/testing.rst b/book/testing.rst index c0dfececbef..fc80d99ce7f 100644 --- a/book/testing.rst +++ b/book/testing.rst @@ -157,7 +157,9 @@ for its ``DemoController`` (`DemoControllerTest`_) that reads as follows:: kernel of your application. In most cases, this happens automatically. However, if your kernel is in a non-standard directory, you'll need to modify your ``phpunit.xml.dist`` file to set the ``KERNEL_DIR`` environment - variable to the directory of your kernel:: + variable to the directory of your kernel: + + .. code-block:: xml