Phalcon 2.0.4 release
As part of the schedule of our three-weekly minor releases, we are pleased to announce that Phalcon 2.0.4 has been released!
The number of improvements and fixes has increased significantly compared with other releases of 2.0.x:
Prior to this version, only standard placeholders (strings and numbers ) were supported in PHQL . They allowed to bind parameters to avoid SQL injections:
However, some DBMS require additional actions when using placeholders, such as specifying the type:
')
To facilitate this task, Phalcon 2.0.4 introduces typed placeholders that work exactly as before, but with the ability to specify the type:
You can also omit the type indication if you do not need:
Typed placeholders are also more functional, since now we can bind a static array without having to pass each element separately as a placeholder:
The following types are available:
By default, parameters associated with placeholders did not support type indications, but now it is possible to check the types of parameters before starting work with PDO.
The classic situation when a problem arises is to transfer the string to the
This code will throw the following exception:
This is because 100 is a string variable. Easy to fix, you just need to cast the type to int:
However, this solution requires the developer to pay special attention to working with types. To make the task easier and avoid unexpected exceptions, you can get Phalcon to do this work for you:
The following actions are performed according to the binding of the specified type:
The values returned from the system database are always transferred as string values by the PDO, regardless of whether the value belongs to a numeric or logical data type of a column. This is because some column types cannot be represented using native PHP types due to their size limit.
For example, a value of type
However, some developers may find this unexpected and inconvenient. With Phalcon 2.0.4, you can configure ORM to automatically cast types to the appropriate PHP primitives, provided that it is safe:
Thus, you can use strict comparison operators or make assumptions about the type of variables:
With 2.0.4, you can create relationships based on conditional statements. Phalcon will take care of the rest :)
This version can be installed from the master branch. If you have not installed Zephir, run the following commands:
If you already have Zephir installed:
Please note that when you run the installation script will replace the already installed version of Phalcon.
Windows DLLs are available on the download page .
See the upgrade guide if you want to upgrade to Phalcon 2.0.x from 1.3.x.
The number of improvements and fixes has increased significantly compared with other releases of 2.0.x:
Changes
- Fixed a bug in
Phalcon\Mvc\Model::update()erroneouslyPhalcon\Mvc\Model::update()an exception when a record really exists - Now links in
Phalcon\Debugpoint to https://api.phalconphp.com instead of http://docs.phalconphp.com - Implemented a universal way of assigning variables in Volt, allowing you to assign variables and arrays of indices
- Improved macros in Volt through the use of anonymous functions that allow you to bind object adapter and DI services together
- Fixed generation and validation of standard parameters in Volt macros
- Added
Phalcon\Assets\Manager::getCollections()method that returns all registered collections # 2488 - Now
Phalcon\Mvc\Url::getStatic()generates URLs from routing - Added
Phalcon\Mvc\EntityInterfacefor general abstraction overPhalcon\Mvc\ModelandPhalcon\Mvc\Collection. This interface supportsMvc\Model\Validatorsfor use inMvc\Collection - Added
Phalcon\Session\Adapter::setName()method to change session name - Added support for
BIGINTcolumn inPhalcon\Db - Added new types of
Phalcon\Db\Column::BLOBandPhalcon\Db\Column::DOUBLE# 10506 - Automatic binding of Large Object data (LOB) in ORM
- Support for MySQL type
BITwith binding as aboolean - Added method
Phalcon\Flash\Direct::output()allows you to place flash-messages in a specific place of the template # 629 - Added
autoescapeoption that allows you to turn on autoescape at a global level in any Volt template - Added
readAttribute/writeAttributetoPhalcon\Mvc\Collection\Document - Added
toArrayinPhalcon\Mvc\Collection\Document - The global parameter
db.force_castingnow allows you to force the cast of specified types - A new syntax has been introduced in PHQL, allowing you to set the type:
{name:str}or{names:array} - Now you can work with arrays as parameters in PHQL
- The global parameter
orm.cast_on_hydrateallowsorm.cast_on_hydrateto give attributes with original types from the mapped table instead of using strings - Values in
LIMIT/OFFSETnow possible to add via the attached parameters to PHQL - Support for late static linking in Simple / Complex results for redefining
Mvc\Model::cloneResultMap - Added
distinct()method inPhalcon\Mvc\Model\Criteria# 10536 - Added global parameter
orm.ignore_unknown_columnsto ignore unrecorded columns in ORM. This removes the extra auxiliary columns used inDb\Adapter\Pdo\Oracle - Added support for
afterFetchinMvc\Collection - Added the
beforeMatchparameter to the@Routeannotation fromMvc\Router\Annotations - Added
groupBy/getGroupBy/having/getHavingtoMvc\Model\Criteria Phalcon\Mvc\Model::count()now returns a value of type int- Removed
__constructfromPhalcon\Mvc\View\EngineInterface - Added
Phalcon\Debug\Dump::toJson()method to return the value as JSON with variable information - Instances in
Phalcon\Diare built using internal optimizers instead of\ReflectionClass(PHP 5.6) - Added
Phalcon\Mvc\Model\Validator\IPfromphalcon/incubator - Added
defaultValuereturn parameter toPhalcon\Mvc\Model\Validator::getOption() - Now developers can define relationships using conditional statements.
Highlights
Typed placeholders in ORM
Prior to this version, only standard placeholders (strings and numbers ) were supported in PHQL . They allowed to bind parameters to avoid SQL injections:
$phql = "SELECT * FROM Store\Robots WHERE id > :id:"; $robots = $this->modelsManager->executeQuery($phql, ['id' => 100]); However, some DBMS require additional actions when using placeholders, such as specifying the type:
')
use Phalcon\Db\Column; // ... $phql = "SELECT * FROM Store\Robots LIMIT :number:"; $robots = $this->modelsManager->executeQuery( $phql, ['number' => 10], Column::BIND_PARAM_INT ); To facilitate this task, Phalcon 2.0.4 introduces typed placeholders that work exactly as before, but with the ability to specify the type:
$phql = "SELECT * FROM Store\Robots LIMIT {number:int}"; $robots = $this->modelsManager->executeQuery( $phql, ['number' => 10] ); $phql = "SELECT * FROM Store\Robots WHERE name <> {name:str}"; $robots = $this->modelsManager->executeQuery( $phql, ['name' => $name] ); You can also omit the type indication if you do not need:
$phql = "SELECT * FROM Store\Robots WHERE name <> {name}"; $robots = $this->modelsManager->executeQuery( $phql, ['name' => $name] ); Typed placeholders are also more functional, since now we can bind a static array without having to pass each element separately as a placeholder:
$phql = "SELECT * FROM Store\Robots WHERE id IN ({ids:array})"; $robots = $this->modelsManager->executeQuery( $phql, ['ids' => [1, 2, 3, 4]] ); The following types are available:
| Type of | Type constant | Example |
|---|---|---|
| str | Column::BIND_PARAM_STR | {name:str} |
| int | Column::BIND_PARAM_INT | {number:int} |
| double | Column::BIND_PARAM_DECIMAL | {price:double} |
| bool | Column::BIND_PARAM_BOOL | {enabled:bool} |
| blob | Column::BIND_PARAM_BLOB | {image:blob} |
| null | Column::BIND_PARAM_NULL | {exists:null} |
| array | Array of Column::BIND_PARAM_STR | {codes:array} |
| array-str | Array of Column::BIND_PARAM_STR | {names:array} |
| array-int | Array of Column::BIND_PARAM_INT | {flags:array} |
Validation of bound parameters
By default, parameters associated with placeholders did not support type indications, but now it is possible to check the types of parameters before starting work with PDO.
The classic situation when a problem arises is to transfer the string to the
LIMIT / OFFSET placeholder: $number = '100'; $robots = $modelsManager->executeQuery( 'SELECT * FROM Some\Robots LIMIT {number:int}', ['number' => $number] ); This code will throw the following exception:
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''100'' at line 1' in /Users/scott/demo.php:78 This is because 100 is a string variable. Easy to fix, you just need to cast the type to int:
$number = '100'; $robots = $modelsManager->executeQuery( 'SELECT * FROM Some\Robots LIMIT {number:int}', ['number' => (int) $number] ); However, this solution requires the developer to pay special attention to working with types. To make the task easier and avoid unexpected exceptions, you can get Phalcon to do this work for you:
\Phalcon\Db::setup(['forceCasting' => true]); The following actions are performed according to the binding of the specified type:
| Type of | Act |
|---|---|
Column::BIND_PARAM_STR | Sends the value as a native type PHP string |
Column::BIND_PARAM_INT | Pass value as native php integer type |
Column::BIND_PARAM_BOOL | Pass value as native php type boolean |
Column::BIND_PARAM_DECIMAL | Sends value as native PHP type double |
Type casting from PDO values
The values returned from the system database are always transferred as string values by the PDO, regardless of whether the value belongs to a numeric or logical data type of a column. This is because some column types cannot be represented using native PHP types due to their size limit.
For example, a value of type
BIGINT in MySQL can store large integers that cannot be represented as a 32-bit integer in PHP. Because of this, PDO and ORM defaults to a secure solution and leave all values as strings.However, some developers may find this unexpected and inconvenient. With Phalcon 2.0.4, you can configure ORM to automatically cast types to the appropriate PHP primitives, provided that it is safe:
\Phalcon\Mvc\Model::setup(['castOnHydrate' => true]); Thus, you can use strict comparison operators or make assumptions about the type of variables:
$robot = Robots::findFirst(); if ($robot->id === 11) { echo $robot->name; } Links to conditional operators
With 2.0.4, you can create relationships based on conditional statements. Phalcon will take care of the rest :)
// Companies have invoices issued to them (paid/unpaid) // Invoices model class Invoices extends Phalcon\Mvc\Model { public function getSource() { return 'invoices'; } } // Companies model class Companies extends Phalcon\Mvc\Model { public function getSource() { return 'companies'; } public function initialize() { // All invoices relationship $this->hasMany( 'id', 'Invoices', 'inv_id', [ 'alias' => 'invoices', 'reusable' => true, ] ); // Paid invoices relationship $this->hasMany( 'id', 'Invoices', 'inv_id', [ 'alias' => 'invoicesPaid', 'reusable' => true, 'params' => [ 'conditions' => "inv_status = 'paid'" ] ] ); // Unpaid invoices relationship $this->hasMany( 'id', 'Invoices', 'inv_id', [ 'alias' => 'invoicesUnpaid', 'reusable' => true, 'params' => [ 'conditions' => "inv_status <> 'paid'" ] ] ); } } Update / Install
This version can be installed from the master branch. If you have not installed Zephir, run the following commands:
git clone http://github.com/phalcon/cphalcon git checkout master cd ext sudo ./install If you already have Zephir installed:
git clone http://github.com/phalcon/cphalcon git checkout master zephir fullclean zephir build Please note that when you run the installation script will replace the already installed version of Phalcon.
Windows DLLs are available on the download page .
See the upgrade guide if you want to upgrade to Phalcon 2.0.x from 1.3.x.
- Documentation
- API (Thanks gsouf )
Source: https://habr.com/ru/post/262007/
All Articles