14 replies to this topic

[Mr.XXIV]

On Symfony's Friends of Symfony User Bundle, I managed to modify a profile action that allows me to view specific user profiles instead of only seeing my own. I basically took the Group Controller's function, and made some code useable for the User Controller, as the Group Controller allows you to view the group, using the name in the URL; now in the User Controller, where profile/ becomes profile/mrxxiv. I'm trying to keep profile/ as well, but the way I have the function set up, it's almost impossible due to Symfony giving me an error, telling me about the empty value in the function, where I'd need to enter a username in order to find & view the user's data.

This is the error when not entering a username in the URL:


Controller "FOS\UserBundle\Controller\ProfileController::showAction()" requires that you provide a value for the "$username" argument (because there is no default value or because there is a non optional argument after this one).


I don't want to enter a default value, I just want to find a way to pass the parameter when it's empty as when I use only the url profile/, I can view my own profile data on the spot. Plus I can't be specific against all users. Disregard the IF statement by the way.

public function showAction($username) {
	$user = $this->container->get('security.context')->getToken()->getUser();
	
	if (!is_object($user) || !$user instanceof UserInterface) {
			throw new AccessDeniedException('This user does not have access to this section.');
	}

	$user = $this->findUserBy('username', $username);
	return $this->container->get('templating')->renderResponse('FOSUserBundle:Profile:show.html.'.$this->container->getParameter('fos_user.template.engine'), array('user' => $user));
}

[Mr.XXIV]

Also, this modification appears to be querying the profile twice and it all has to do with the "$username" and "findUserBy".

[EddieF]

Mr.XXIV, on 03 January 2013 - 18:54, said:

On Symfony's Friends of Symfony User Bundle, I managed to modify a profile action that allows me to view specific user profiles instead of only seeing my own. I basically took the Group Controller's function, and made some code useable for the User Controller, as the Group Controller allows you to view the group, using the name in the URL; now in the User Controller, where profile/ becomes profile/mrxxiv. I'm trying to keep profile/ as well, but the way I have the function set up, it's almost impossible due to Symfony giving me an error, telling me about the empty value in the function, where I'd need to enter a username in order to find & view the user's data.

This is the error when not entering a username in the URL:


Controller "FOS\UserBundle\Controller\ProfileController::showAction()" requires that you provide a value for the "$username" argument (because there is no default value or because there is a non optional argument after this one).


I don't want to enter a default value, I just want to find a way to pass the parameter when it's empty as when I use only the url profile/, I can view my own profile data on the spot. Plus I can't be specific against all users. Disregard the IF statement by the way.

public function showAction($username) {
	$user = $this->container->get('security.context')->getToken()->getUser();
	
	if (!is_object($user) || !$user instanceof UserInterface) {
			throw new AccessDeniedException('This user does not have access to this section.');
	}

	$user = $this->findUserBy('username', $username);
	return $this->container->get('templating')->renderResponse('FOSUserBundle:Profile:show.html.'.$this->container->getParameter('fos_user.template.engine'), array('user' => $user));
}

I'm not familiar with Symfony, but you should be able to assign a 'default' value (I know you said you didn't want to assign a default but this is sort of different?) when the function is defined:

public function showAction($username='') {

That way, if nothing is passed to the function, it assigns an empty value.

[n_K]

Your question makes no sense, if there's no username provided, don't run the function.
Obviously you can't get a profile for a user that doesn't exist.

EDIT: If what I think you mean is you want to access profiles via /<username> instead of /index.php?user=<username> then you've got 3 methods of doing it.
1) Use apache rewrites to rewrite the URL.
2) Modify the symfony function above which means you've forked symphony - congratulations if you upgrade you'll break it and if you don't upgrade you'll be stuck with all future security flaws
3) Make your own functions to do all the calling... Which as said in the other thread is why it's MUCH easier and better to create your own code from scratch rather than using a framework that you've no clue about, you could be going back and forth between many many functions looking for how things happen like why the function is being called twice.

Edited by n_K, 04 January 2013 - 02:14.

[Mr.XXIV]

n_K, on 04 January 2013 - 02:08, said:

Your question makes no sense, if there's no username provided, don't run the function.
Obviously you can't get a profile for a user that doesn't exist.

There are 2 users in the database. Where I go to both /profile/mrxxiv and /profile/mrsxxiv. Originally, it only set up /profile to where I can just see my profile, but I wanted to extend that user feature to allow users to see each other's profiles.

I'm not sure how to prevent that function, because that is a controller that renders the page. Remember, this is an MVC Framework, I practically have no choice at the moment because this is how all the other controllers run.

I'm basically asking for help on how to keep a variable ignored, if the value is empty. This has nothing to do with existence.

[n_K]

In that case it's passing the argument via another function, as I said you'll need to go through and find how and where the function is being called and rewrite it which means you've forked it *wrong buzzer noise*

Keep a value ignored?
if (!is_null($Username))
{
//Insert all the above function here
}

Edited by n_K, 04 January 2013 - 02:21.

[Mr.XXIV]

n_K, on 04 January 2013 - 02:16, said:

In that case it's passing the argument via another function, as I said you'll need to go through and find how and where the function is being called and rewrite it which means you've forked it *wrong buzzer noise*

I've already done a rewrite to use app.php (the index) as the base of the URL, as the site already uses the Address as subdirectories, not query's and variables.

I'm not sure passing another will work because the function right there that renders the page basically works with the router for the GET function.

You've used Symfony before right?

[n_K]

No, I don't bother with frameworks, and I don't need to in order to see that the error is coming from a file that is part of the framework. Modify any of the framework files = fork, the idea of the framework is you use the functions of the framework without modifying the framework itself.

Yes it uses other functions to get and process the username, get out grep and look for what other files call that function, then comment them out one by one until you find the function you need to change.

Edited by n_K, 04 January 2013 - 02:26.

[EddieF]

Mr.XXIV, on 04 January 2013 - 02:13, said:

I'm basically asking for help on how to keep a variable ignored, if the value is empty. This has nothing to do with existence.

Doesn't my way essentially do that? And then do this if need be:

if($username != '')

$user = $this->findUserBy('username', $username);

[n_K]

I don't think he's asking about that, he's saying that it always gets the profile of the logged in user and he wants it to get the profile of the user in the URL.

[Mr.XXIV]

n_K, on 04 January 2013 - 02:28, said:

I don't think he's asking about that, he's saying that it always gets the profile of the logged in user and he wants it to get the profile of the user in the URL.

I already get the other users profiles using the username in the URL, but using this function will pass an error for an empty value when only using /profile. Like so.

Attached Images

• 
• 

[Mr.XXIV]

WAIT!

This is what's throwing the exception.

protected function findUserBy($key, $value)
    {
        if (!empty($value)) {
            $user = $this->container->get('fos_user.user_manager')->{'findUserBy'.ucfirst($key)}($value);
        }

        if (empty($user)) {
            throw new NotFoundHttpException(sprintf('The user with "%s" does not exist for value "%s"', $key, $value));
        }

        return $user;
    }

[EddieF]

Are you using this function to get the profile then?? If so, return out of the function if you aren't using it:

public function showAction($username='') {
if($username == '')
return;
		$user = $this->container->get('security.context')->getToken()->getUser();
		
		if (!is_object($user) || !$user instanceof UserInterface) {
						throw new AccessDeniedException('This user does not have access to this section.');
		}

		$user = $this->findUserBy('username', $username);
		return $this->container->get('templating')->renderResponse('FOSUserBundle:Profile:show.html.'.$this->container->getParameter('fos_user.template.engine'), array('user' => $user));
}

Edit:
If thats throwing the exception, skip it like posted a couple posts above?

[n_K]

So you want it to get the profile of the logged in user when no profile is given?
if (is_null($Username))
{
GLOBAL $x;
$Username = $x;
}

$x being the variable that holds the logged in username, if it's a session variable you can remove the GLOBAL line.

[Mr.XXIV]

EddieF, on 04 January 2013 - 02:44, said:

Are you using this function to get the profile then?? If so, return out of the function if you aren't using it:
Edit:
If thats throwing the exception, skip it like posted a couple posts above?

n_K, on 04 January 2013 - 02:45, said:

So you want it to get the profile of the logged in user when no profile is given?
if (is_null($Username))
{
GLOBAL $x;
$Username = $x;
}

$x being the variable that holds the logged in username, if it's a session variable you can remove the GLOBAL line.

The function "findUserBy" is the function that searches for the user, it's right under the showAction function. There's already if(empty) exception there, but even if I modify it. I can't get the logged in user info as another exception from the showAction will appear, thus into a paradox (ahh hell).

EDIT:
Let me try, using 2 different functions, since this is a controller working with a router. I'll try to render profile/ and profile/{user} from 2 different public functions.

EDIT #2:
Really appreciate your help guys. I used 2 different functions as said by also using the router to modify what function I want to use.

XML Router:

    <route id="fos_user_profile_show" pattern="/">
        <default key="_controller">FOSUserBundle:Profile:main</default>
        <requirement key="_method">GET</requirement>
    </route>

<route id="fos_other_user_profile_show" pattern="/{username}">
        <default key="_controller">FOSUserBundle:Profile:show</default>
        <requirement key="_method">GET</requirement>
    </route>

Controller:

    /**
     * Show the main user
     */
    public function mainAction()
    {
        $user = $this->container->get('security.context')->getToken()->getUser();
  
if (!is_object($user) || !$user instanceof UserInterface) {
            throw new AccessDeniedException('This user does not have access to this section.');
        }

        return $this->container->get('templating')->renderResponse('FOSUserBundle:Profile:show.html.'.$this->container->getParameter('fos_user.template.engine'), array('user' => $user));
    }


    /**
     * Show the user
     */
    public function showAction($username)
    {
        $user = $this->container->get('security.context')->getToken()->getUser();

$user = $this->findUserBy('username', $username);

if (!is_object($user) || !$user instanceof UserInterface) {
            throw new AccessDeniedException('This user does not have access to this section.');
        }

        return $this->container->get('templating')->renderResponse('FOSUserBundle:Profile:show.html.'.$this->container->getParameter('fos_user.template.engine'), array('user' => $user));
    }

Edited by Mr.XXIV, 04 January 2013 - 03:07.