Log message #4115841

# At Username Text
# Feb 9th 2018, 05:34 ricksaccous look up entities, you can use setters or getters there, forgot really which applies since i don't use them often
# Feb 9th 2018, 05:33 kevin I can use the php nl2br() function, but I dont know how I would incorporate it
# Feb 9th 2018, 05:32 kevin how can I tell cakephp to replace \r\n with actual breaklines
# Feb 9th 2018, 05:31 kevin the $widget[‘details’] is a multi-line text input, but in the DB, I save it as line1\r\nline2\r\nline3\r\n. when I Form->create($widget), it loads the text without parsing the \r\n’s properly
# Feb 9th 2018, 05:28 kevin one that I cant find the answer to
# Feb 9th 2018, 05:28 kevin ugh okay now I have a real one
# Feb 9th 2018, 05:14 ricksaccous ;)
# Feb 9th 2018, 05:14 kevin dont answer that. ill never learn if you do
# Feb 9th 2018, 05:14 kevin actually nm. im going to RTFM more
# Feb 9th 2018, 05:13 kevin that should create the whole form, right>
# Feb 9th 2018, 05:13 kevin if I do $widget = $this->Widget->get($id); $this->set(‘widget’, $widget); then in the view, I did $this->Form->create($widget);
# Feb 9th 2018, 05:09 ricksaccous It has something to do with security or something, lol
# Feb 9th 2018, 05:09 ricksaccous be sure to use h() when spitting out entity values
# Feb 9th 2018, 05:09 kevin 3.5, yes
# Feb 9th 2018, 05:08 ricksaccous are you using cake3?
# Feb 9th 2018, 05:08 kevin im a pentester by trade now, so I am a stickler for security :P
# Feb 9th 2018, 05:08 kevin i like using the framework for the added security protections
# Feb 9th 2018, 05:08 kevin lol yeah I guess
# Feb 9th 2018, 05:07 ricksaccous well if there is a plugin I know about that I think will work well I'll use it but if I think it's simple enough I'll probably avoid the plugin
# Feb 9th 2018, 05:06 ricksaccous although I don't really follow my own advice tbh
# Feb 9th 2018, 05:06 ricksaccous best way to see if something is cake correct is just use a plugin for it, heh
# Feb 9th 2018, 05:06 kevin thats what im doing. im just making sure it was cake-correct
# Feb 9th 2018, 05:06 ricksaccous yep
# Feb 9th 2018, 05:06 kevin thank you @ricksaccous
# Feb 9th 2018, 05:05 kevin yeah I got it
# Feb 9th 2018, 05:02 ricksaccous just if the user is authorized for the action?
# Feb 9th 2018, 05:02 ricksaccous @jkarlmen out of curiosity how do you even set a link to be an "authorized link" in that plugin?
# Feb 9th 2018, 05:01 ricksaccous I'm not sure the best way to do it to be honest
# Feb 9th 2018, 05:00 ricksaccous so I'd probably do it in the edit method itself rather than isAuthorized just because it might be easier to check the record there, either that or have all id of widgets the user owns in isAuthorized and work it out there
# Feb 9th 2018, 04:59 ricksaccous but you could probably get the picture
# Feb 9th 2018, 04:59 ricksaccous probably not fully functional, heh
# Feb 9th 2018, 04:59 ricksaccous this is cakephp3 code btw
# Feb 9th 2018, 04:59 ricksaccous like i said i am not really sure what you are suggesting but I would do it like this WidgetsController.php { public function edit($id) { $widget = $this->Widgets->get('id); if ($widget->user_id !== $this->Auth->user('id') { $this->Flash->error(__('Not Authorized buddy'); $this->redirect()}}}
# Feb 9th 2018, 04:57 kevin or is there some cake php magic I should be using?
# Feb 9th 2018, 04:56 kevin so the method im using is the right method?
# Feb 9th 2018, 04:56 kevin yeah
# Feb 9th 2018, 04:56 ricksaccous redirect them to the index with a flash error
# Feb 9th 2018, 04:56 kevin yes thats the goal
# Feb 9th 2018, 04:56 ricksaccous if they are not the owner don't let them pull it up
# Feb 9th 2018, 04:56 ricksaccous well i'm saying in the controller action there
# Feb 9th 2018, 04:55 kevin if I were to just force browse to /Widgets/edit/<any number>, I would be able to pull it up