Merge branch '2.7' into 2.8

book/doctrine.rst

@@ -534,10 +534,10 @@ Take a look at the previous example in more detail:
   responsible for handling the process of persisting and fetching objects
   to and from the database.
 
-* **line 16** The ``persist()`` method tells Doctrine to "manage" the ``$product``
+* **line 17** The ``persist()`` method tells Doctrine to "manage" the ``$product``
   object. This does not actually cause a query to be made to the database (yet).
 
-* **line 17** When the ``flush()`` method is called, Doctrine looks through
+* **line 18** When the ``flush()`` method is called, Doctrine looks through
   all of the objects that it's managing to see if they need to be persisted
   to the database. In this example, the ``$product`` object has not been
   persisted yet, so the entity manager executes an ``INSERT`` query and a

book/routing.rst

@@ -1473,25 +1473,14 @@ route. With this information, any URL can easily be generated::
 
 .. note::
 
-    In controllers that don't extend Symfony's base
-    :class:`Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller`,
-    you can use the ``router`` service's
-    :method:`Symfony\\Component\\Routing\\Router::generate` method::
+    The ``generateUrl()`` method defined in the base
+    :class:`Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller` class is
+    just a shortcut for this code::
 
-        use Symfony\Component\DependencyInjection\ContainerAware;
-
-        class MainController extends ContainerAware
-        {
-            public function showAction($slug)
-            {
-                // ...
-
-                $url = $this->container->get('router')->generate(
-                    'blog_show',
-                    array('slug' => 'my-blog-post')
-                );
-            }
-        }
+        $url = $this->container->get('router')->generate(
+            'blog_show',
+            array('slug' => 'my-blog-post')
+        );
 
 In an upcoming section, you'll learn how to generate URLs from inside templates.
 

book/service_container.rst

@@ -276,10 +276,10 @@ The service container is built using a single configuration resource
 be imported from inside this file in one way or another. This gives you absolute
 flexibility over the services in your application.
 
-External service configuration can be imported in two different ways. The first 
-method, commonly used to import container configuration from the bundles you've 
-created - is via the ``imports`` directive. The second method, although slightly more 
-complex offers more flexibility and is commonly used to import third-party bundle 
+External service configuration can be imported in two different ways. The first
+method, commonly used to import container configuration from the bundles you've
+created - is via the ``imports`` directive. The second method, although slightly more
+complex offers more flexibility and is commonly used to import third-party bundle
 configuration. Read on to learn more about both methods.
 
 .. index::
@@ -1104,13 +1104,15 @@ to be used for a specific purpose. Take the following example:
             xsi:schemaLocation="http://symfony.com/schema/dic/services
                 http://symfony.com/schema/dic/services/services-1.0.xsd">
 
-            <service
-                id="foo.twig.extension"
-                class="Acme\HelloBundle\Extension\FooExtension"
-                public="false">
+            <services>
+                <service
+                    id="foo.twig.extension"
+                    class="Acme\HelloBundle\Extension\FooExtension"
+                    public="false">
 
-                <tag name="twig.extension" />
-            </service>
+                    <tag name="twig.extension" />
+                </service>
+            </services>
         </container>
 
     .. code-block:: php

book/templating.rst

@@ -1098,7 +1098,7 @@ if you are using Twig (or the third argument if you are using PHP) to ``true``:
 
     .. code-block:: html+jinja
 
-        <img src="{{ asset('images/logo.png', absolute=true) }}" alt="Symfony!" />
+        <img src="{{ absolute_url(asset('images/logo.png')) }}" alt="Symfony!" />
 
     .. code-block:: html+php
 

components/console/helpers/debug_formatter.rst

@@ -117,7 +117,7 @@ Stopping a Program
 ------------------
 
 When a program is stopped, you can use
-:method:`Symfony\\Component\\Console\\Helper\\DebugFormatterHelper::run` to
+:method:`Symfony\\Component\\Console\\Helper\\DebugFormatterHelper::stop` to
 notify this to the users::
 
     // ...

components/console/helpers/table.rst

@@ -143,3 +143,94 @@ Here is a full list of things you can customize:
         $table->setStyle('colorful');
 
     This method can also be used to override a built-in style.
+
+Spanning Multiple Columns and Rows
+----------------------------------
+
+.. versionadded:: 2.7
+    Spanning multiple columns and rows was introduced in Symfony 2.7.
+
+To make a table cell that spans multiple columns you can use a :class:`Symfony\\Component\\Console\\Helper\\TableCell`::
+
+    use Symfony\Component\Console\Helper\Table;
+    use Symfony\Component\Console\Helper\TableSeparator;
+    use Symfony\Component\Console\Helper\TableCell;
+
+    $table = new Table($output);
+    $table
+        ->setHeaders(array('ISBN', 'Title', 'Author'))
+        ->setRows(array(
+            array('99921-58-10-7', 'Divine Comedy', 'Dante Alighieri'),
+            new TableSeparator(),
+            array(new TableCell('This value spans 3 columns.', array('colspan' => 3))),
+        ))
+    ;
+    $table->render();
+
+This results in:
+
+.. code-block:: text
+
+    +---------------+---------------+-----------------+
+    | ISBN          | Title         | Author          |
+    +---------------+---------------+-----------------+
+    | 99921-58-10-7 | Divine Comedy | Dante Alighieri |
+    +---------------+---------------+-----------------+
+    | This value spans 3 columns.                     |
+    +---------------+---------------+-----------------+
+
+.. tip::
+
+    You can create a multiple-line page title using a header cell that spans
+    the enire table width::
+
+        $table->setHeaders(array(
+            array(new TableCell('Main table title', array('colspan' => 3))),
+            array('ISBN', 'Title', 'Author'),
+        ))
+        // ...
+
+    This generates:
+
+    .. code-block:: text
+
+        +-------+-------+--------+
+        | Main table title       |
+        +-------+-------+--------+
+        | ISBN  | Title | Author |
+        +-------+-------+--------+
+        | ...                    |
+        +-------+-------+--------+
+
+In a similar way you can span multiple rows::
+
+    use Symfony\Component\Console\Helper\Table;
+    use Symfony\Component\Console\Helper\TableCell;
+
+    $table = new Table($output);
+    $table
+        ->setHeaders(array('ISBN', 'Title', 'Author'))
+        ->setRows(array(
+            array(
+                '978-0521567817',
+                'De Monarchia',
+                new TableCell("Dante Alighieri\nspans multiple rows", array('rowspan' => 2)),
+            ),
+            array('978-0804169127', 'Divine Comedy'),
+        ))
+    ;
+    $table->render();
+
+This outputs:
+
+.. code-block:: text
+
+    +----------------+---------------+---------------------+
+    | ISBN           | Title         | Author              |
+    +----------------+---------------+---------------------+
+    | 978-0521567817 | De Monarchia  | Dante Alighieri     |
+    | 978-0804169127 | Divine Comedy | spans multiple rows |
+    +----------------+---------------+---------------------+
+
+You can use the ``colspan`` and ``rowspan`` options at the same time which allows
+you to create any table layout you may wish.

contributing/code/security.rst

@@ -103,6 +103,8 @@ Security Advisories
 This section indexes security vulnerabilities that were fixed in Symfony
 releases, starting from Symfony 1.0.0:
 
+* November 23, 2015: `CVE-2015-8125: Potential Remote Timing Attack Vulnerability in Security Remember-Me Service <http://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service>`_ (2.3.35, 2.6.12 and 2.7.7)
+* November 23, 2015: `CVE-2015-8124: Session Fixation in the "Remember Me" Login Feature <http://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature>`_ (2.3.35, 2.6.12 and 2.7.7)
 * May 26, 2015: `CVE-2015-4050: ESI unauthorized access <https://symfony.com/blog/cve-2015-4050-esi-unauthorized-access>`_ (Symfony 2.3.29, 2.5.12 and 2.6.8)
 * April 1, 2015: `CVE-2015-2309: Unsafe methods in the Request class <https://symfony.com/blog/cve-2015-2309-unsafe-methods-in-the-request-class>`_ (Symfony 2.3.27, 2.5.11 and 2.6.6)
 * April 1, 2015: `CVE-2015-2308: Esi Code Injection <https://symfony.com/blog/cve-2015-2308-esi-code-injection>`_ (Symfony 2.3.27, 2.5.11 and 2.6.6)

cookbook/configuration/override_dir_structure.rst

@@ -176,8 +176,7 @@ The change in the ``composer.json`` will look like this:
         ...
     }
 
-In ``app/autoload.php``, you need to modify the path leading to the
-``vendor/autoload.php`` file::
+Then, update the path to the ``autoload.php`` file in ``app/autoload.php``::
 
     // app/autoload.php
     // ...

cookbook/doctrine/event_listeners_subscribers.rst

@@ -135,12 +135,14 @@ a ``postPersist`` method, which will be called when the event is dispatched::
         public function postPersist(LifecycleEventArgs $args)
         {
             $entity = $args->getEntity();
-            $entityManager = $args->getEntityManager();
 
-            // perhaps you only want to act on some "Product" entity
-            if ($entity instanceof Product) {
-                // ... do something with the Product
+            // only act on some "Product" entity
+            if (!$entity instanceof Product) {
+                return;
             }
+
+            $entityManager = $args->getEntityManager();
+            // ... do something with the Product
         }
     }
 
@@ -197,10 +199,10 @@ interface and have an event method for each event it subscribes to::
         public function index(LifecycleEventArgs $args)
         {
             $entity = $args->getEntity();
-            $entityManager = $args->getEntityManager();
 
             // perhaps you only want to act on some "Product" entity
             if ($entity instanceof Product) {
+                $entityManager = $args->getEntityManager();
                 // ... do something with the Product
             }
         }

cookbook/form/dynamic_form_modification.rst

@@ -411,25 +411,26 @@ it with :ref:`dic-tags-form-type`.
             array('security.token_storage')
         );
 
-If you wish to create it from within a controller or any other service that has
-access to the form factory, you then use::
+If you wish to create it from within a service that has access to the form factory,
+you then use::
 
-    use Symfony\Component\DependencyInjection\ContainerAware;
+    $form = $formFactory->create('friend_message');
 
-    class FriendMessageController extends ContainerAware
+In a controller that extends the :class:`Symfony\\Bundle\\FrameworkBundle\\Controller\\Controller`
+class, you can simply call::
+
+    use Symfony\Bundle\FrameworkBundle\Controller\Controller;
+
+    class FriendMessageController extends Controller
     {
         public function newAction(Request $request)
         {
-            $form = $this->get('form.factory')->create('friend_message');
+            $form = $this->createForm('friend_message');
 
             // ...
         }
     }
 
-If you extend the ``Symfony\Bundle\FrameworkBundle\Controller\Controller`` class, you can simply call::
-
-    $form = $this->createForm('friend_message');
-
 You can also easily embed the form type into another form::
 
     // inside some other "form type" class

cookbook/security/form_login_setup.rst

@@ -12,10 +12,6 @@ In this entry, you'll build a traditional login form. Of course, when the
 user logs in, you can load your users from anywhere - like the database.
 See :ref:`security-user-providers` for details.
 
-This chapter assumes that you've followed the beginning of the
-:doc:`security chapter </book/security>` and have ``http_basic`` authentication
-working properly.
-
 First, enable form login under your firewall:
 
 .. configuration-block::
@@ -29,7 +25,6 @@ First, enable form login under your firewall:
             firewalls:
                 default:
                     anonymous: ~
-                    http_basic: ~
                     form_login:
                         login_path: /login
                         check_path: /login_check
@@ -47,7 +42,6 @@ First, enable form login under your firewall:
             <config>
                 <firewall name="default">
                     <anonymous />
-                    <http-basic />
                     <form-login login-path="/login" check-path="/login_check" />
                 </firewall>
             </config>
@@ -60,7 +54,6 @@ First, enable form login under your firewall:
             'firewalls' => array(
                 'default' => array(
                     'anonymous'  => null,
-                    'http_basic' => null,
                     'form_login' => array(
                         'login_path' => '/login',
                         'check_path' => '/login_check',

create_framework/dependency-injection.rst

@@ -132,7 +132,7 @@ them. Objects will be created on-demand when you access them from the
 container or when the container needs them to create other objects.
 
 For instance, to create the router listener, we tell Symfony that its class
-name is ``Symfony\Component\HttpKernel\EventListener\RouterListener``, and
+name is ``Symfony\Component\HttpKernel\EventListener\RouterListener`` and
 that its constructor takes a matcher object (``new Reference('matcher')``). As
 you can see, each object is referenced by a name, a string that uniquely
 identifies each object. The name allows us to get an object and to reference

create_framework/event-dispatcher.rst

@@ -154,7 +154,7 @@ event (``response``); the event name must be the same as the one used in the
 ``dispatch()`` call.
 
 In the listener, we add the Google Analytics code only if the response is not
-a redirection, if the requested format is HTML, and if the response content
+a redirection, if the requested format is HTML and if the response content
 type is HTML (these conditions demonstrate the ease of manipulating the
 Request and Response data from your code).
 

create_framework/front-controller.rst

@@ -57,7 +57,7 @@ And for the "Goodbye" page::
 
 We have indeed moved most of the shared code into a central place, but it does
 not feel like a good abstraction, does it? We still have the ``send()`` method
-for all pages, our pages do not look like templates, and we are still not able
+for all pages, our pages do not look like templates and we are still not able
 to test this code properly.
 
 Moreover, adding a new page means that we need to create a new PHP script,
@@ -159,7 +159,7 @@ web root directory:
 Now, configure your web server root directory to point to ``web/`` and all
 other files won't be accessible from the client anymore.
 
-To test your changes in a browser (``http://localhost:4321/?name=Fabien``), run
+To test your changes in a browser (``http://localhost:4321/hello/?name=Fabien``), run
 the PHP built-in server:
 
 .. code-block:: bash

create_framework/http-foundation.rst

@@ -299,7 +299,7 @@ the wheel.
 I've almost forgot to talk about one added benefit: using the HttpFoundation
 component is the start of better interoperability between all frameworks and
 applications using it (like `Symfony`_, `Drupal 8`_, `phpBB 4`_, `ezPublish
-5`_, `Laravel`_, `Silex`_, and `more`_).
+5`_, `Laravel`_, `Silex`_ and `more`_).
 
 .. _`Twig`: http://twig.sensiolabs.org/
 .. _`HTTP specification`: http://tools.ietf.org/wg/httpbis/

create_framework/http-kernel-httpkernel-class.rst

@@ -11,7 +11,7 @@ There should be an easier way, right?
 
 Enter the ``HttpKernel`` class. Instead of solving the same problem over and
 over again and instead of reinventing the wheel each time, the ``HttpKernel``
-class is a generic, extensible, and flexible implementation of
+class is a generic, extensible and flexible implementation of
 ``HttpKernelInterface``.
 
 This class is very similar to the framework class we have written so far: it

create_framework/routing.rst

@@ -82,7 +82,7 @@ of default values for route attributes (``array('name' => 'World')``).
     :doc:`Routing component documentation </components/routing/introduction>` to
     learn more about its many features like URL generation, attribute
     requirements, HTTP method enforcements, loaders for YAML or XML files,
-    dumpers to PHP or Apache rewrite rules for enhanced performance, and much
+    dumpers to PHP or Apache rewrite rules for enhanced performance and much
     more.
 
 Based on the information stored in the ``RouteCollection`` instance, a

create_framework/separation-of-concerns.rst

@@ -8,7 +8,7 @@ class. It would bring us better *reusability* and easier testing to name just
 a few benefits.
 
 If you have a closer look at the code, ``front.php`` has one input, the
-Request, and one output, the Response. Our framework class will follow this
+Request and one output, the Response. Our framework class will follow this
 simple principle: the logic is about creating the Response associated with a
 Request.
 

create_framework/templating.rst

@@ -50,7 +50,7 @@ rendered::
 
 As ``render_template`` is used as an argument to the PHP ``call_user_func()``
 function, we can replace it with any valid PHP `callbacks`_. This allows us to
-use a function, an anonymous function, or a method of a class as a
+use a function, an anonymous function or a method of a class as a
 controller... your choice.
 
 As a convention, for each route, the associated controller is configured via