| # |
Dec 15th 2017, 15:49 |
obinoob |
I've noticed that Router::parse is deprecated in cakephp 3.5 cakephp documentation points that parseRequest should be used instead! However, it only accept requests, so now this code gets invalid, is there another new way of parsing a referer? $referer_params = Router::parse($this->referer('/', true)); |
| # |
Dec 15th 2017, 15:42 |
 neon1024 |
https://book.cakephp.org/3.0/en/core-libraries/events.html#getting-event-data-as-function-parameters |
| # |
Dec 15th 2017, 15:39 |
meder_ |
seems like it |
| # |
Dec 15th 2017, 15:38 |
meder_ |
does it just pass them by order in the array directly? |
| # |
Dec 15th 2017, 15:38 |
meder_ |
$options becomes the entity itself |
| # |
Dec 15th 2017, 15:38 |
meder_ |
if i pass ['entity' => $myEntity, 'poop' => 4] in the dispatcher itself, event $event, $options |
| # |
Dec 15th 2017, 15:38 |
hmic |
so pass the entity inside an array |
| # |
Dec 15th 2017, 15:38 |
hmic |
you are supposed to pass an array, or arrayobject?! |
| # |
Dec 15th 2017, 15:38 |
meder_ |
weird, that's confusing. it converts the array weirdly |
| # |
Dec 15th 2017, 15:35 |
meder_ |
ok |
| # |
Dec 15th 2017, 15:34 |
dereuromark |
dont pass it directly, use k=>v |
| # |
Dec 15th 2017, 15:32 |
neon1024 |
..in the array I mean |
| # |
Dec 15th 2017, 15:31 |
neon1024 |
https://book.cakephp.org/3.0/en/core-libraries/events.html#dispatching-events |
| # |
Dec 15th 2017, 15:31 |
neon1024 |
I believe you can pass whatever you want in the third options param |
| # |
Dec 15th 2017, 15:29 |
meder_ |
it seems like it converts the entity to an array |
| # |
Dec 15th 2017, 15:29 |
meder_ |
can you pass an entity to a cake event dispatch as an argument? |
| # |
Dec 15th 2017, 15:12 |
admad |
so getting path with base is hardly gonna be missed and if someone still needs it then you can still do `$request->getAttribute('base') . $request->getRequestTarget()`. |
| # |
Dec 15th 2017, 15:11 |
admad |
yes, the actual request was with sub folder path, but inside the app you usually only care about the app relative path and the Router adds the base itself when generating urls |
| # |
Dec 15th 2017, 15:09 |
hmic |
so here() as well as the target should have it |
| # |
Dec 15th 2017, 15:09 |
hmic |
the request does to the uri including the sub folder, of course |
| # |
Dec 15th 2017, 15:09 |
hmic |
which is wrong all the time, isnt it? |
| # |
Dec 15th 2017, 15:05 |
admad |
but that only matters if you app is in a sub folder |
| # |
Dec 15th 2017, 15:04 |
admad |
only different is here() had the option to return path with or without "base" while the latter only returns without base. |
| # |
Dec 15th 2017, 15:03 |
admad |
here() included query string and so does getRequestTarget() |
| # |
Dec 15th 2017, 15:01 |
inoas |
it always returned the full path (without the query string I believe) |
| # |
Dec 15th 2017, 15:01 |
neon1024 |
I don’t think the functionality exists in the framework |
| # |
Dec 15th 2017, 15:01 |
inoas |
admad well a big red box should be okay, I am just not certain that I really know how to implement the feature (in Cakephp3/Middleware/Formhelper Code Stack) |
| # |
Dec 15th 2017, 15:01 |
neon1024 |
Indeed not |
| # |
Dec 15th 2017, 15:00 |
admad |
@neon1024 $request->here() never returned domain name either |
| # |
Dec 15th 2017, 14:16 |
inoas |
yes I understand |
| # |
Dec 15th 2017, 14:16 |
admad |
we used to get lot of tickets because of it |
| # |
Dec 15th 2017, 14:15 |
admad |
inoas: they were removed on purpose as they caused lot of problem. for e.g you load a page with form in one page, then load another page in another tab then the token in 1st become invalid |
| # |
Dec 15th 2017, 12:56 |
inoas |
it worked for the most part to stop bots from spamming contact forms |
| # |
Dec 15th 2017, 12:55 |
inoas |
before I open a ticket about it... sorry for highlighting... admad did it get removed on purpose or just not reimplemented @ https://book.cakephp.org/2.0/en/core-libraries/components/security-component.html#SecurityComponent::$csrfUseOnce ? |
| # |
Dec 15th 2017, 12:53 |
inoas |
aka csrfUseOnce = true |
| # |
Dec 15th 2017, 12:51 |
inoas |
There is no way to do one-time tokens with CSRF Middleware, right? |
| # |
Dec 15th 2017, 12:47 |
inoas |
hmic yeah one thing is complying with some PSR, the other thing is removing really useful stuff ... bad |
| # |
Dec 15th 2017, 12:47 |
inoas |
so kudos |
| # |
Dec 15th 2017, 12:47 |
inoas |
it works with both: cells and with view extending... whereas CsrFComponent has issues |
| # |
Dec 15th 2017, 12:46 |
inoas |
whoever did the new CsrfMiddleware... |
| # |
Dec 15th 2017, 12:41 |
hmic |
if not, i'd rather resort to the _SERVER global to get the info, instead of using this combersome thing :( |