Look at Symfony\Component\Templating\Helper\SlotsHelper::output method
...
   echo $this->slots[$name];
   return true;
...

So, use
$view['slots']->output('body')
instead of
echo $view['slots']->output('body')


2011/4/21 Arief M Utama <arief.ut...@gmail.com>

>  Hi all,
>
>
> I'm resending this again to symfony-users, just realized that symfony-devs
> is moderated.
>
> First, I've to say I'm amazed by Symfony2 framework. I'm a symfony
> user/developer since symfony1.0, so I know a little about bits and pieces
> about symfony, but I still think that Symfony2 looks like a better and very
> promising framework.
>
> Now, I'm having this bug in the Symfony2 framework if I choose to use php
> as the templating engine.
>
> I was following the code in the simple "Hello World" introduction using
> PR11 release. I created a new "Study" bundle following the code in the book.
> And replaced the templates with ".php" instead of ".twig".
>
> The thing is the final render() calls always add an extra character,
> which is the digit "1".
>
> So when I tried to call:
>
> app.php/hello/Arief
>
> What will come up in the page is:
>
> "Hello, Arief! 1"
>
> instead of just:
>
> "Hello, Arief!"
>
> Investigating this issue, I noticed that in file:
>
>   Symfony/Component/Templating/PhpEngine.php
>
> The extra "1" char is added when the base template (base.html.php) was
> filled in by the content of the hello template
> (HelloBundle:Default:index.html.php)
>
> At the hello template stage, there is no extra "1" char in the content, but
> when the base template is evaluated, the char appears in the content.
>
> I think this has something to do with the function evaluate() in that
> PhpEngine.php file, there is this "extract($parameters)" code before the
> template is required. I believe, somehow one of the extracted parameters
> generated this digit "1" character, I'm not sure which one, or how it
> happened, yet.
>
> I'd very much appreciate if anyone can help explain why that happened
> and how to fix it. If more info is required from me, I'll be happy to
> provide em. I was trying to attach my base.html.php and index.html.php but
> somehow my mail can't get thru with em.
>
> Btw, when I tried to var_dump() the $parameters passed in the evaluate()
> function, I was a bit surprised cause it contains every parameter that
> Symfony has access to. There are also database connection details in that
> variable.
>
> I'm not a security expert, so I could be wrong about this, but I think
> there might be a security flaw here, if an attacker could somehow trick the
> application to var_dump the $parameters variable, everything will be exposed.
>
> To be a bit paranoid, may I suggest we create 2 parameters variables, one
> that can safely be passed around everywhere, and another with some sort of
> security perimeters. Please CMIIW on this one.
>
> Thank you for the great framework.
>
>
> All the best.
> -arief
>
> --
> If you want to report a vulnerability issue on symfony, please send it to
> security at symfony-project.com
>
> You received this message because you are subscribed to the Google
> Groups "symfony users" group.
> To post to this group, send email to symfony-users@googlegroups.com
> To unsubscribe from this group, send email to
> symfony-users+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/symfony-users?hl=en
>
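
The behaviour the reply points at, reproduced as an added example that is not part of the original thread and not Symfony's own code. SlotsStandIn is a hypothetical stand-in whose output() has the same shape as the excerpt (echo the slot, then return true); render() and the slot content are constructed for the illustration.

```php
<?php
// Hypothetical stand-in for a slots helper; only the echo-then-return-bool
// shape of output() is taken from the excerpt quoted in the reply.
final class SlotsStandIn
{
    private array $slots = [];

    public function set(string $name, string $content): void
    {
        $this->slots[$name] = $content;
    }

    // Writes the slot to the output buffer itself and reports success.
    public function output(string $name): bool
    {
        if (!isset($this->slots[$name])) {
            return false;
        }
        echo $this->slots[$name];
        return true;
    }
}

// Runs a template callable and captures everything it writes.
function render(callable $template, SlotsStandIn $slots): string
{
    ob_start();
    $template($slots);
    return ob_get_clean();
}

$slots = new SlotsStandIn();
$slots->set('body', 'Hello, Arief!'); // constructed sample content

// Template that echoes the return value: the slot is written by output(),
// then echo casts the returned boolean true to the string "1".
$withEcho = render(function ($s) { echo $s->output('body'); }, $slots);

// Template that only calls output(): the slot is written once, nothing more.
$withoutEcho = render(function ($s) { $s->output('body'); }, $slots);

// The stray character is exactly the difference between the two renders.
$stray = substr($withEcho, strlen($withoutEcho));

var_dump($withEcho, $withoutEcho, $stray);
```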
