| # |
Dec 12th 2017, 14:46 |
 admad |
to mitigate the issue rename your app's "webroot" to "public_html" and then update the WWW_ROOT constant here https://github.com/cakephp/app/blob/master/config/paths.php#L52 |
| # |
Dec 12th 2017, 14:44 |
admad |
@rafael.junqueira.sant theoretically yes, if your URL rewriting gets borked and php file could be directly executed |
| # |
Dec 12th 2017, 14:43 |
rafael.junqueira.sant |
Greetings. In shared hosting, is it a considerable flaw to put all cakephp files in public_html? Can it be exploited? |
| # |
Dec 12th 2017, 14:41 |
admad |
that automatically gonna happen if they are taken out of webroot :slightly_smiling_face: |
| # |
Dec 12th 2017, 14:40 |
neon1024 |
..and ensure that your web server is passing file requests to PHP |
| # |
Dec 12th 2017, 14:39 |
hughbertd |
Cool, I’ll give that a look, thanks @admad |
| # |
Dec 12th 2017, 14:39 |
admad |
You can then check how the `AssetMiddleware` serves files for example. |
| # |
Dec 12th 2017, 14:38 |
admad |
@hughbertd if you want to control access to some files then first thing to do is move them out of webroot. |
| # |
Dec 12th 2017, 14:34 |
hughbertd |
Hi all Is there a way of using Cake3's middleware to control access to folders files within the webroot? |
| # |
Dec 12th 2017, 14:20 |
hmic |
then display it |
| # |
Dec 12th 2017, 14:20 |
hmic |
yes |
| # |
Dec 12th 2017, 14:16 |
obinoob |
hmic: so I need to contain the data which I'm doing at line https://gist.github.com/obinoob/ceffa14821e7c353f6216fd9b3043539#file-clientscontroller-php-L232 |
| # |
Dec 12th 2017, 14:15 |
hmic |
- which you should *not* do on bulk operations, like an index, but contain the data upfront of course |
| # |
Dec 12th 2017, 14:14 |
hmic |
you could implement a lazyloader in the entity class to load the entity and display field on access |
| # |
Dec 12th 2017, 14:14 |
hmic |
as the data is not stored in the table you are querying |
| # |
Dec 12th 2017, 14:14 |
hmic |
without the entity beeing there, you can't use the displayfield of course |
| # |
Dec 12th 2017, 14:14 |
hmic |
obinoob, you need the data to use the displayfield |
| # |
Dec 12th 2017, 14:11 |
saeideng |
i want to open issue for this |
| # |
Dec 12th 2017, 14:11 |
saeideng |
can we add a method for this into chronos ? @admad |
| # |
Dec 12th 2017, 14:09 |
obinoob |
hmic: any thoughts on setDisplayField() ? |
| # |
Dec 12th 2017, 13:49 |
admad |
try: `$yourTime = \DateTime('now', 'your-tz'); $yourTime->setTimestamp($otherTime->format('U'));` |
| # |
Dec 12th 2017, 13:47 |
saeideng |
? |
| # |
Dec 12th 2017, 13:47 |
saeideng |
by $yourTime = new \Cake\I18n\Time($utcTime->format('Y-m-d H:i:s'), 'your-timezone'); |
| # |
Dec 12th 2017, 13:47 |
saeideng |
but how you parse the date/time by different timezone? / and convert into your default timezone in your codes |
| # |
Dec 12th 2017, 13:45 |
saeideng |
@admad your code works |
| # |
Dec 12th 2017, 13:40 |
saeideng |
there is not a build-in method for it ? |
| # |
Dec 12th 2017, 13:40 |
admad |
@saeideng try `$yourTime = new Time($utcTime->format('Y-m-d H:i:s'), 'your-timezone');` |
| # |
Dec 12th 2017, 13:40 |
saeideng |
`$time->setTimezone(new \DateTimeZone('UTC'));` this not proper for me in this case |
| # |
Dec 12th 2017, 13:39 |
obinoob |
saeideng if you need to work with multiple timezones I would say to go with i18n that's the purpose of it I guess... |
| # |
Dec 12th 2017, 13:38 |
saeideng |
I need it for parsing time |
| # |
Dec 12th 2017, 13:38 |
neon1024 |
As your mutating the state of the instance |
| # |
Dec 12th 2017, 13:37 |
neon1024 |
I wouldn’t do that |
| # |
Dec 12th 2017, 13:37 |
saeideng |
in cakephp/chronos or cakephp/i18n |
| # |
Dec 12th 2017, 13:36 |
saeideng |
2:50 in UTC => 2:50 in other timezone |
| # |
Dec 12th 2017, 13:35 |
saeideng |
for example |
| # |
Dec 12th 2017, 13:35 |
saeideng |
how can i change timezone , without changing time |
| # |
Dec 12th 2017, 13:34 |
obinoob |
hmic: without having to contain('Users') ... |
| # |
Dec 12th 2017, 13:34 |
obinoob |
hmic: see I won't to display the username where user_id https://gist.github.com/obinoob/d0aa6321b650cdc61db67d025f122125#file-proposals-ctp-L67 |
| # |
Dec 12th 2017, 13:32 |
hmic |
obinoob, the view is more interesting |
| # |
Dec 12th 2017, 13:31 |
obinoob |
hmic: refresh the table link please I've gisted the wrong file :( sorry |
| # |
Dec 12th 2017, 13:31 |
jotpe |
@dereuromark yeah, but it's just used this single time, so a method would be a bit overload. |