The first update for the sfReCaptchaPlugin is available, which updates the ReCaptcha php-library from version 1.6 to 1.8.

While there doesn’t seem to be a changelog around, i found the bugs at the mailinglist (here and here):

There was a problem with a variable which holds the url for the SSL authentication server, it was named $recaptcha_api_ssl_server instead of $recaptcha_api_secure_server.
Both, version 1.7 and 1.8 were adressed to fix this problem.

If you have version 1.0.0 of the plugin installed, you can update it by executing this command in your projects root directory:

symfony plugin-upgrade



checkbox_abs.pngIt’s common knowledge to never trust any user input and to validate everything. But is this also true for checkboxes? Shouldn’t Propel handle this properly?

Well, it depends on whether you want to have just zeros and ones in your database field or don’t care – because Propel will write every numeric value in the database and not just zeros and ones.


To check this, i used a small example to test if Propel really does save every value of the checkbox in the database:
I created a test module which had a template with a really simple form and just a checkbox:


<?php echo form_tag('boolean/index') ?>
  <?php echo checkbox_tag('value'); ?>
  <?php echo submit_tag('submit'); ?>

To save the value in the database (Note: The field was specified as a “boolean” in the schema.yml) , a simple action was required:

$checkbox = new Valuetest();

With this, the application saved the value of the checkbox (ideally zero or one) in the “boolean” database field (which Propel translates to unsigned integer(11)).

This is where the real test began. What would’ve happend if the user transformed the checkbox field into a input field? (check out the Webdeveloper firefox extension, it’s really useful for this kind of tests)

Since the database field was of the integer type it wouldn’t save values like “abc” and instead just saved a zero.
But it turned out that Propel would’ve saved every other numeric value that will fit in the unsigned integer(11) field (This is a range from -2147483648 to 2147483647).

Here are a few examples which i entered in the datasbase and what Propel returned on a $foobar->getValue():

The value 0 returned false
The value -9123 returned true
The value 1 returned true
The value 9123 returned true


Your application will not be in danger if you don’t validate a checkbox field, since Propel will only return true or false for a field that is specified as boolean in the schema.yml.
But your database can be messy and have all kind of numeric values saved in it.

If you’re like me and just want to have zeroes or ones in your boolean database field, the best thing is to validate the checkbox field using a simple custom validator like this simple sfCheckboxValidator i wrote.

Please state your opinion on this topic in the comments, thanks!

webned_logo.jpgLast weekend we launched, a real estate portal for Russia and Ukraine – developed with symfony.

One of the interesting parts is the i18n of the website, you can switch between English and Russian (on the top right). Thanks to the XLIFF support in symfony, managing translations has been very easy.

But there’s one feature that, for me, has made a _really_ huge difference – to sync the local directory with the server directory via rsync.
It has made deploying updates so much easier and faster. Honestly, even when writing this blog post i noticed a validation error on the frontpage, 10 seconds and a “symfony sync production go” later this was fixed.

But there’s more to come. There will be a shop which lets you buy more object and yellow page entries. You’ll also be able to buy “top objects days” which basically give you the possibility to make your object a top object for a specific timeframe.

Stay tuned.

plugins.pngTo uninstall a plugin you normally use the “symfony plugin-uninstall” command but not everyone knows that, and just deleting the directory from the plugins directory is a often mistake.

After deleting the directory PEAR still thinks that the plugin is installed (try executing “symfony plugin-list“).

Installing the plugin again to uninstall it properly won’t work either. It will skip the package and say that it is aleady installed.

>> pear      Skipping package "symfony/sfThumbnailPlugin", already
>> pear      installed as version 1.3.0
>> pear      No valid packages found

But there is an easy fix for this problem:

Each plugin stores a .reg file in the PEAR registry, this registry is hidden in the plugins directory – you just need to delete the file from the registry.
For example, if you have accidentally deleted the sfThumbnailPlugin directory, just remove the registry file too:

rm plugins/.registry/

PEAR will not think that the plugin is installed anymore (check with “symfony plugin-list“).

reCAPTCHAI just released a plugin for symfony which integrates the reCAPTCHA php library in symfony.

What’s reCAPTCHA” you ask? Check out this three sites:

Lately reCAPTCHA has been very popular (it even made it to the Digg frontpage and Slashdot).

High time for a reCAPTCHA plugin for symfony. You can read all the installation and usage instructions over at the symfony wiki.

Comments and critiques are always appreciated!

I just released sfSocialBookmarkingPlugin which lets you add this little icons in order to submit your site to a social bookmarking service like

All the instructions are in the wiki-page, however i still have problems with the images. It seems that PEAR doesnt link them properly so that you have to copy them into web/images by hand.

Here’s a little screenshot if you absolutely can’t image what i’m talking about:


Might be useful if you have a blog (e.g. the sfSimpleBlogPlugin).
Also, feel free to add services that aren’t in the Plugin yet and don’t forget to commit a patch. Thanks!

There has quite some time passed since i blogged about how to do a captcha with the JpGraph library.
Since then, two new plugins have shown up in order to ease the captcha integration in symfony projects.

The sfCaptchaPlugin uses the JpGraph library while the sfCryptographpPlugin relies on the cryptographp library.
Both plugins have installation instructions in their wiki-pages, but there are small things that might confuse new users, so i decided to write a howto for both of them.


First, install the plugin:

symfony plugin-install

and enable the module in the settings.yml file (e.g. apps/frontend/config/settings.yml):

    enabled_modules: [default, sfCaptcha]

The sfCaptchaPlugin comes with the digits-only version of the JpGraph library (which is much more readable than the alphanumeric version), but in order to use it you need to open the plugins/sfCaptchaPlugin/lib/Captcha.class.php file and change:

require_once 'jpgraph/jpgraph_antispam.php';


require_once 'jpgraph_antispam-digits.class.php';

Now we need to generate the captcha and save the key in the session. Add the following lines to the function which displays your form:

$g = new Captcha();
$this->getUser()->setAttribute('captcha', $g->generate());

and in the template, add:

<?php use_helper('Validation'); ?>

<img src="<?php echo url_for('sfCaptcha/index'); ?>" alt="captcha" />
<?php echo form_error('captcha'); ?>
<?php echo input_tag('captcha'); ?>

To validate the input, create a validation file in your modules validate folder and add:

      msg: Please enter the numbers in the captcha image
      error: Incorrect code

Finally, clear your cache with symfony cc and the captcha should be ready.


Install the plugin with:

symfony plugin-install

and enable the module in the settings.yml file (e.g. apps/frontend/config/settings.yml):

    enabled_modules: [default, cryptographp]

Open the template file which contains your form, and add:

<?php use_helper('Cryptographp', 'Validation'); ?>

<?php echo cryptographp_picture(); ?>
<?php echo cryptographp_reload(); ?>

<?php echo form_error('captcha'); ?>
<?php echo input_tag('captcha'); ?>

To validate the input, create a validation file in your modules validate folder and add:

      msg: security code required
      code_error: security code incorrect

Finally, clear your cache with symfony cc and you should be ready to go.

Unlike JpGraph, the cryptohraphp lib comes with a variety of config options, you can take a look at the documentation and the plugins/sfCryptographpPlugin/lib/crypt/ file.
For example, if you want to modify the width of the captcha image, open your applications app.yml file and add:

    width: 300