Log message #3882997

# At Username Text
# May 30th 2016, 09:21 cakephp595 hi, when i am adding where with contain , i am getting this issue " Unknowun coloum : FaqHeaders.header in where clause" . here is my code.: pastebin.com/ZiNTyGSk
# May 30th 2016, 09:18 conehead Hey guys. Was wondering overall, if it is possible to override / extend single controllers with plugins. I got a project which several people use and some might need extra functions for specific controllers. Is there an easy way?
# May 30th 2016, 09:10 ionas if any of you still wants to grab a bite I am leaving my appartement soon @ amsterdam
# May 30th 2016, 09:09 ionas all the best to you guys
# May 30th 2016, 09:09 ionas client javascript based - application password_hash based - then on the fly salts for the database but still based on password_hash :)
# May 30th 2016, 09:09 ionas you could - I think - still use password hash two times ;)
# May 30th 2016, 09:08 hmic as i said, there might be cases you might think and might want to do better - feel free to.
# May 30th 2016, 09:07 ionas yeah but security may assume bad code ;p
# May 30th 2016, 09:07 hmic *if* thats the case, you have serious problems anyways
# May 30th 2016, 09:07 ionas client salt+hash, application salt + hash, db field salt + hash ;)
# May 30th 2016, 09:07 hmic that helps only if an attacker can overwrite passwords of other users by known (hashed) values
# May 30th 2016, 09:06 hmic ionas, its just not neccessary
# May 30th 2016, 09:06 ionas hmic: the only thing that I kinda miss is double salting
# May 30th 2016, 09:06 hmic you can still provide a custom password hasher to the auth component and use it in your UserEntity to set the password hash too.
# May 30th 2016, 09:05 hmic if you need something else and think you can do better (for your specific usecase, maybe)
# May 30th 2016, 09:04 hmic of course you can copy a hash to another user and the password will work
# May 30th 2016, 09:04 hmic http://php.net/manual/de/function.password-hash.php
# May 30th 2016, 09:04 JohnWayne I have now try to copy hashed pass from one to another user and its working... I was thinking that is always "new" hash for each letter
# May 30th 2016, 09:03 JohnWayne And is it a little bit strange that for instance "a" is always for instance "sadasda%§$$SDA"
# May 30th 2016, 09:03 hmic which is bcrypt under he hood as of now (but might change if thats considered insecure in the future)
# May 30th 2016, 09:02 hmic password_hash()
# May 30th 2016, 09:02 hmic JohnWayne, php default
# May 30th 2016, 09:02 JohnWayne Which hashing system use ckaphp 3 for passwords
# May 30th 2016, 08:56 phpcoder thanks ionas !
# May 30th 2016, 08:56 phpcoder )
# May 30th 2016, 08:55 rubyan nope. Fatal error: Call to undefined method Cake\I18n\Time::week()
# May 30th 2016, 08:54 hmic ->week()
# May 30th 2016, 08:54 rubyan To get the current weeknumber, why cant I do Cake\I18n\Time::now()->week ?
# May 30th 2016, 08:53 ionas or in your Amsterdam branch ;)
# May 30th 2016, 08:53 hmic sure
# May 30th 2016, 08:53 ionas in Germany?
# May 30th 2016, 08:53 hmic ionas, im in the office already
# May 30th 2016, 08:51 ionas anyone of you guys still wants to have a bite or dirnk something? hmic?
# May 30th 2016, 08:51 ionas have a great afternoon, I feel a bit sad that I have to go home from cakefest now
# May 30th 2016, 08:50 ionas phpcoder: if you are using the opt-out feature you may want to consider adding the clause()->traverse() trick to the book as a PR to the docs <3
# May 30th 2016, 08:48 ionas you will be happier later not repeating my mistakes :pö
# May 30th 2016, 08:47 ionas got it?
# May 30th 2016, 08:47 phpcoder yes ok
# May 30th 2016, 08:47 ionas instead of hacking opt-out
# May 30th 2016, 08:47 phpcoder yeah there could be many
# May 30th 2016, 08:47 ionas you might want to consider fixing your query composition