# |
Apr 24th 2017, 11:46 |
chrisso |
Reason I tested bom was that I couldn't get it encoded as UTF-8, but with bom I did. |
# |
Apr 24th 2017, 11:45 |
chrisso |
Strange thing is that I had this issue several times in different projects and different actions where it has failed. |
# |
Apr 24th 2017, 11:45 |
digitalfotografen |
@chrisso I must admit that I never tested the BOM-parameters. I use the plugin with default setup. |
# |
Apr 24th 2017, 11:43 |
chrisso |
Something has to gone wrong earlier. |
# |
Apr 24th 2017, 11:42 |
chrisso |
@digitalfotografen Strange, now it actually works without bom |
# |
Apr 24th 2017, 11:41 |
aavrug |
How to get the values from query builder previous row of matching condition? |
# |
Apr 24th 2017, 11:40 |
chrisso |
Yes, thats the plugin I'm using. If I set _bom to false, and tests the encoding (checking encoding with sublime console), it's no encoding. With bom, I get UTF-8 with BOM |
# |
Apr 24th 2017, 11:37 |
digitalfotografen |
@chrisso Are You using the FriendsOfCake/cakephp-csvview? Have use this in one project and get utf-8 without bom and no special configuration. |
# |
Apr 24th 2017, 11:17 |
chrisso |
Does anyone have experience with creating Csv and/or CsvView-plugin? I'm unable to create csv file with utf-8 encoding without setting _bom to true. |
# |
Apr 24th 2017, 11:02 |
aavrug |
I need to fetch all the row including one previous row in CakePHP3 so I want to add "BETWEEN parent.idstack-1 AND parent.idstack" Where I can add this in query builder? |
# |
Apr 24th 2017, 10:46 |
NeoThermic|Work |
using UUIDs is simple because no one is going to brute-force a 128-bit int |
# |
Apr 24th 2017, 10:45 |
NeoThermic|Work |
obfuscation strategies fall apart if enough samples are collected or the method of generation is known. |
# |
Apr 24th 2017, 10:34 |
Neon1024 |
There are layers inbetween those things |
# |
Apr 24th 2017, 10:34 |
Neon1024 |
Plus you should not be letting your url structure, and output of your api determine your internal data structure |
# |
Apr 24th 2017, 10:34 |
bravo-kernel |
I might have remember incorrectly though ;) |
# |
Apr 24th 2017, 10:33 |
bravo-kernel |
Obfuscating numeric id using one of the strategies would make it near impossible to harvest using url guesses |
# |
Apr 24th 2017, 10:33 |
bravo-kernel |
I do recall firm statements about not using uuid to not kill performance |
# |
Apr 24th 2017, 10:32 |
bravo-kernel |
Check |
# |
Apr 24th 2017, 10:31 |
dereuromark |
bravo: no its not :slightly_smiling_face: it appears to be - which sometimes can be enough |
# |
Apr 24th 2017, 10:31 |
bravo-kernel |
Imo |
# |
Apr 24th 2017, 10:31 |
bravo-kernel |
Obfuscation is as secure as it gets |
# |
Apr 24th 2017, 10:31 |
dereuromark |
if you do, use uuid16 :slightly_smiling_face: |
# |
Apr 24th 2017, 10:30 |
bravo-kernel |
Ask @dereuromark, do not use uiid for primary ids |
# |
Apr 24th 2017, 10:27 |
spriz |
Sneaky :) |
# |
Apr 24th 2017, 10:24 |
NeoThermic|Work |
e.g (sorry for the function chain, but to get one line): $base36uuid = gmp_strval(gmp_init(str_replace('-', '', CakeText::uuid()), 16) , 36); |
# |
Apr 24th 2017, 10:22 |
NeoThermic|Work |
doubly so since you can express them as base 36 (once you remove the dashes) for shorter strings in URIs |
# |
Apr 24th 2017, 10:21 |
NeoThermic|Work |
UUIDs are a great choice |
# |
Apr 24th 2017, 10:21 |
spriz |
UUID for primary keys <3 |
# |
Apr 24th 2017, 10:20 |
NeoThermic|Work |
I don't suggest muffin/obfuscate if you want any degree of actual secrecy, mind |
# |
Apr 24th 2017, 10:20 |
NeoThermic|Work |
hmm |
# |
Apr 24th 2017, 10:19 |
birdy247 |
ah I read as optimal :slightly_smiling_face: |
# |
Apr 24th 2017, 10:19 |
bravo-kernel |
Gotta go, gl guys and girls |
# |
Apr 24th 2017, 10:18 |
bravo-kernel |
Simply put: a must IMHO |
# |
Apr 24th 2017, 10:18 |
bravo-kernel |
:face_with_rolling_eyes: |
# |
Apr 24th 2017, 10:18 |
bravo-kernel |
Not optional |
# |
Apr 24th 2017, 10:18 |
birdy247 |
Not optimal? |
# |
Apr 24th 2017, 10:17 |
bravo-kernel |
No problem |
# |
Apr 24th 2017, 10:17 |
bravo-kernel |
Using JsonApiListener is not even optional anymore IMO |
# |
Apr 24th 2017, 10:16 |
birdy247 |
big thanks for writing that |
# |
Apr 24th 2017, 10:16 |
birdy247 |
@bravo-kernel great API blog post |
# |
Apr 24th 2017, 10:16 |
birdy247 |
:) |