Logs for #cakephp

Page 8 of 36,247, showing 100 records out of 3,624,625 total, starting on record 701, ending on 800

# At Username Text
# Aug 15th, 14:57 neon1024 There was me lookin the Application.php and the Princess was in the other castle :face_palm:
# Aug 15th, 14:57 ndm :upside_down_face:
# Aug 15th, 14:56 neon1024 ..and they say Cake is full of Magic!
# Aug 15th, 14:56 neon1024 Surprise middleware
# Aug 15th, 14:56 neon1024 Ah it’s in routes, and not in Application with the other Middleware!
# Aug 15th, 14:55 ndm It doesn't... it couldn't if it wanted to, as the middleware has already run when the controller layer is reached. Look into your routes.
# Aug 15th, 14:55 neon1024 I’ve cleared my app cache too!
# Aug 15th, 14:55 slackebot <neon1024>
# Aug 15th, 14:55 slackebot <neon1024>
# Aug 15th, 14:54 neon1024 It seems that the SecurityComponent adds the CsrfMiddleware for you
# Aug 15th, 14:54 ndm No, `FormHelper::secure()` generates the security component token `_Token`. The CSRF token is unrelated.
# Aug 15th, 14:53 neon1024 I’ll continue to dig around and see what happens :slightly_smiling_face:
# Aug 15th, 14:53 neon1024 So that’s progress on where I was
# Aug 15th, 14:53 neon1024 Submitting that as the `_Token[fields]` just gives a Csrf mismatch exception
# Aug 15th, 14:53 neon1024 So FormHelper::secure() generates the token into the hidden input `_csrfToken`
# Aug 15th, 14:51 ndm I was more pointing to the `getParam()` example ;)
# Aug 15th, 14:50 neon1024 Which is why I feel so lost
# Aug 15th, 14:50 neon1024 This is all just SecurityComponent
# Aug 15th, 14:50 neon1024 ..and I don’t have that setup either
# Aug 15th, 14:50 martin hmm csrfcompontent had cookies that were readable by javascript I believe :P
# Aug 15th, 14:50 neon1024 Which says to use the Middleware
# Aug 15th, 14:50 ndm @neon1024 https://book.cakephp.org/3.0/en/controllers/components/csrf.html#using-the-csrfcomponent ;)
# Aug 15th, 14:49 neon1024 ..and I don’t have the Csrf middleware
# Aug 15th, 14:49 neon1024 I wasn’t using Javascript to read the cookie
# Aug 15th, 14:49 martin you need to turn it on by the middleware
# Aug 15th, 14:49 martin by default the cookie of crsf is not readable by javascript
# Aug 15th, 14:49 neon1024 ..but that doesn’t work, so yeah, I’ll give it a try, thanks!
# Aug 15th, 14:48 neon1024 @ndm The documentation said to use the cookie
# Aug 15th, 14:48 ndm On the first request there would be no cookie
# Aug 15th, 14:48 ndm @neon1024 Also you should better read the CSRF token from the request parameters, like `$this->getRequest->getParam('_csrfToken')`
# Aug 15th, 14:46 martin @ndm / @ricksaccous problem is that most of tables that I use (old ones) are in Europe/Amsterdam, but this database uses in UTC so wanted to set the single database to utc :P
# Aug 15th, 14:45 ndm `_Token[fields]` still wrong... or copy pasta error
# Aug 15th, 14:45 neon1024 ..because `[]` !== `''` ?
# Aug 15th, 14:44 slackebot <neon1024>
# Aug 15th, 14:44 neon1024 Yep, I’ve done that
# Aug 15th, 14:43 ndm @neon1024 See `\Cake\View\Helper\FormHelper::secure()` also.
# Aug 15th, 14:43 martin @ndm ok, will try that
# Aug 15th, 14:42 ndm @neon1024 You're probably not sending the `X-CSRF-Token` header... and the security token is invalid because a) `fields` is supposed to be a hash (see `\Cake\Utility\Security\SecureFieldTokenTrait::_buildFieldToken()`, and `debug` should be an array where the first element is the current URL, the second element an array of fields, and the third element an array of unlocked fields.
# Aug 15th, 14:39 neon1024 If it takes more than 30 minutes to setup, then it’s not worth using
# Aug 15th, 14:39 neon1024 Although, I’ll be honest, I am close to removing both of them to solve the problem.
# Aug 15th, 14:38 neon1024 I added the CsrfProtectionMiddleware and now I can’t login to my application due to `CSRF token mismatch. Cake\Http\Exception\InvalidCsrfTokenException` so I’m just working to try and find out why that is. Then I can go back to figuring out why my `_Token` used by SecurityComponent is causing a 400 Bad Request on my Ajax :slightly_smiling_face:
# Aug 15th, 14:36 neon1024 I’ve worked myself into a circle here, and totally lost the plot. Sorry @ndm
# Aug 15th, 14:35 ndm @neon1024 The debug token contains for example the fields in plain text, it's used by the security component to figure the cause for a token mismatch, so that it can tell you what exactly the problem is.
# Aug 15th, 14:33 neon1024 This is a nightmare!
# Aug 15th, 14:33 neon1024 Turning on the Csrf Middlware means I can’t even login!
# Aug 15th, 14:25 neon1024 I wish the SecurityComponent was easy to use ,:(
# Aug 15th, 14:25 ndm @martin Timezone conversion on read is coming in 4.x, you can backport the code to a custom type if you need it. Personally I'd go full UTC as mentioned by @ricksaccous, that makes avoiding pitfalls a lot easier.
# Aug 15th, 14:17 neon1024 Well at least now I’m getting a 400 Bad Request
# Aug 15th, 14:08 slackebot <neon1024>
# Aug 15th, 14:07 neon1024 Anyone know what the `_Token[debug]` is supposed to be?
# Aug 15th, 14:06 ricksaccous but i know that's the general idea
# Aug 15th, 14:05 ricksaccous I'm actually not sure of the "right" way to do it, heh
# Aug 15th, 14:05 ricksaccous and when you want to display the time to users you do a bit of handling however you see fit to display it in their timezone
# Aug 15th, 14:04 ricksaccous @martin generally you set your default timezone to UTC so it will be set to UTC in db
# Aug 15th, 14:02 neon1024 What a pain in the ass :(
# Aug 15th, 13:57 martin I see in the “toDatabase” function in type something happens with the timezone. But with in the toPhp noting happens?
# Aug 15th, 13:55 martin I’ve my default timezone to Europe/Amsterdam, I’ve added ‘timezone’ => ‘UTC’ to my database config, But when I read am item from database the timezone is of the time is Europe/Amsterdam. so it will not be converted to the Amsterdam time. Do I something wrong?
# Aug 15th, 13:53 neon1024 Perhaps I’ll add it once I learn how to do that
# Aug 15th, 13:53 neon1024 All it needs is a link with ‘Find out how to generate a token to send as a header’
# Aug 15th, 13:52 slackebot <neothermic>
# Aug 15th, 13:51 slackebot <neon1024>
# Aug 15th, 13:51 neothermic (very dry sarcasm)
# Aug 15th, 13:51 neothermic @neon1024 https://github.com/cakephp/docs/blob/3.0/en/controllers/components/csrf.rst ;)
# Aug 15th, 13:44 neon1024 No code examples, links or forward user journey ,:(
# Aug 15th, 13:44 neon1024 Top docs here! https://book.cakephp.org/3.0/en/controllers/components/csrf.html#csrf-protection-and-ajax-requests
# Aug 15th, 13:38 maymeow in pm because its long :)
# Aug 15th, 13:34 ricksaccous can you show me the dump of post before it's saved?
# Aug 15th, 13:34 maymeow ``` public function add() { $user = $this->Users->newEntity(); if ($this->request->is('post')) { $user = $this->Users->patchEntity($user, $this->request->getData()); if ($this->Users->save($user)) { $this->Flash->success(__('The user has been saved.')); return $this->redirect(['controller' => 'addresses', 'action' => 'index']); }
# Aug 15th, 13:34 slackebot $this->Flash->error(__('The user could not be saved. Please, try again.')); } $roles = $this->Users->Roles->find('list', ['limit' => 200]); $this->set(compact('user', 'roles')); } ``` this function is saving model with association. In request data are field for user and address information for it... :slightly_smiling_face: So its standard and there is no problem but for update?....
# Aug 15th, 13:29 ricksaccous interesting
# Aug 15th, 13:26 maymeow @ricksaccous i tried in dd() and field in_folder is dirty
# Aug 15th, 13:21 ricksaccous you should prob make sure that post_metadata is marked as dirty @maymeow
# Aug 15th, 13:20 greenmanspirit Hello, I am trying to find a way to use the table policy in the Authorization plugin to limit all finds, not just a scope on a particular action, is that possible?
# Aug 15th, 13:20 ricksaccous also
# Aug 15th, 13:19 ricksaccous also make sure you are setting the appropriate property values corresponding to the other models in the entity
# Aug 15th, 13:19 ricksaccous save($post, ['associated' => 'PostMetaDatas.InFolders']}) or whatever your models are called
# Aug 15th, 13:18 ricksaccous actually that's prob what you need to do
# Aug 15th, 13:18 ricksaccous you either need to specify associations in the save
# Aug 15th, 13:15 maymeow Ho i can update model with associated data? (when i creating new one its working with save) but when i updating its only save changes to main model not to associated data ``` $post = $this->Posts->find()->contain(['PostMetadata'])->where(['Posts.id' => $id])->first(); $post->done = true; $post->post_metadata->in_folder = PostsActionsFactory::FOLDER_DONE; ```
# Aug 15th, 13:11 spriz @mrfeedback I guess you can still use https://github.com/cakephp/acl :P ?
# Aug 15th, 12:46 mrfeedback are there some best practices on how to make user permission management? I am using authorization and authentication plugin which do exactly what expected. But now I am thinkg about how to manage roles and users. Are there some common ways to do it like in the past with ACL ?
# Aug 15th, 12:33 slackebot object(CakeEventManager) { [protected] _generalManager => object(CakeEventManager) { [protected] _generalManager => object(CakeEventManager) { [protected] _generalManager => object(CakeEventManager) {} [protected] _listeners => array( [maximum depth reached] ) [protected] _isGlobal => true } [protected] _listeners => array( 'Auth.afterIdentify' => array(
# Aug 15th, 12:33 slackebot (int) 10 => array([maximum depth reached]) ) ) [protected] _isGlobal => true } [protected] _listeners => array( 'Auth.afterIdentify' => array( (int) 10 => array() ) ) [protected] _isGlobal => true } [protected] _listeners => array( 'Auth.afterIdentify' => array( (int) 10 => array() ) ) [protected] _isGlobal
# Aug 15th, 12:33 slackebot => true } [protected] _listeners => array( 'Auth.afterIdentify' => array( (int) 10 => array() ) ) [protected] _isGlobal => true } [protected] _listeners => array( 'Auth.afterIdentify' => array( (int) 10 => array() ) ) [protected] _isGlobal => true } [protected] _listeners => array( 'Auth.afterIdentify' => array( (int) 10 => array() ) )
# Aug 15th, 12:33 slackebot [protected] _isGlobal => true } [protected] _listeners => array( 'Auth.afterIdentify' => array( (int) 10 => array() ) ) [protected] _isGlobal => true } [protected] _listeners => array( 'Auth.afterIdentify' => array( (int) 10 => array() ) ) [protected] _isGlobal => true } [protected] _listeners => array( 'Auth.afterIdentify' => array( (int) 10 => array() ) ) [protected] _isGlobal => true }
# Aug 15th, 12:33 val object(CakeEventManager) { [protected] _generalManager => object(CakeEventManager) { [protected] _generalManager => object(CakeEventManager) { [protected] _generalManager => object(CakeEventManager) { [protected] _generalManager => object(CakeEventManager) { [protected] _generalManager => object(CakeEventManager) { [protected] _generalManager => object(CakeEventManager) { [protected] _generalManager =>
# Aug 15th, 12:32 val I noticed something weird. `Debugger::log(CakeEventManager::instance(), 'debug', 20);` just below `CakeEventManager::instance()->detach($this);` outputs this:
# Aug 15th, 12:24 val And in the controller: `$this->GlobalAuth = $this->loadComponent('GlobalAuth');`
# Aug 15th, 12:23 val <?php App::uses('Component', 'Controller'); /** * GlobalAuth component * * @property AuthComponent $Auth */ class GlobalAuthComponent extends Component implements CakeEventListener { public $components = ['Auth']; /** * Constructor. * * @param ComponentCollection $collection A ComponentCollection this component can use to lazy load its components. * @param array $settings Array of configuration settings. */ public function
# Aug 15th, 12:23 slackebot __construct(ComponentCollection $collection, $settings = array()) { parent::__construct($collection, $settings); CakeEventManager::instance()->attach($this); } public function shutdown(Controller $controller) { // This prevents the memory leak. //CakeEventManager::instance()->detach($this); } /** * {@inheritDoc} * @see Component::initialize() */ public function initialize(Controller $controller) { Configure::write('GlobalAuth',
# Aug 15th, 12:23 slackebot $this->Auth->user()); } /** * afterIdentify * * @param Event $event Event. * @return void */ public function afterIdentify(CakeEvent $event) { Configure::write('GlobalAuth', $event->data['user']); } /** * implementedEvents * * @return array */ public function implementedEvents() { return [ 'Auth.afterIdentify' => 'afterIdentify', ]; } }
# Aug 15th, 12:22 val ```
# Aug 15th, 11:31 val @neothermic probably
# Aug 15th, 11:23 neothermic @val in an ironic question, can you make a testcase that shows the leak?
# Aug 15th, 11:21 val Hi, it looks like `CakeEventManager::instance()->attach($this);` in 2.x leads to the memory leak in unit tests. Is it a known problem?
# Aug 15th, 11:21 alexdd55976 my old company was sold...so i switched jobs ... other way i had 250 loc to maintain
# Aug 15th, 11:21 neothermic I somewhat wish when we did our big 1.3 -> 2.x migration, we'd just bitten the bullet and gone to 3.x as well
# Aug 15th, 11:20 spriz We're a simple SaaS with 330k LOC - looking forward to that 4.x migration already :)
# Aug 15th, 11:20 spriz Oh yikes! :)
# Aug 15th, 11:18 neothermic so we have a percentage of that on our platform right now