| # |
Mar 5th 2019, 23:21 |
 dereuromark |
the new way is >getAttribute('params'); |
| # |
Mar 5th 2019, 23:20 |
dereuromark |
check prefix key the param() array values |
| # |
Mar 5th 2019, 23:19 |
rightscoreanalysis |
how can i check if the current route has an admin prefix |
| # |
Mar 5th 2019, 21:20 |
spriz |
Wow, there is literally an example in the book under “SQL injection”….. :) https://book.cakephp.org/3.0/en/orm/query-builder.html#sql-injection-prevention |
| # |
Mar 5th 2019, 21:19 |
spriz |
What’s the best way to do a `WHERE MATCH (column) AGAINST($foo);` query safely with user-supplied ´$foo` with the Cake ORM? :thinking_face: |
| # |
Mar 5th 2019, 21:14 |
spriz |
That also really seems like a design pattern to avoid ,:) |
| # |
Mar 5th 2019, 19:58 |
challgren |
Guess it is https://book.cakephp.org/3.0/en/orm/retrieving-data-and-resultsets.html#dynamic-finders |
| # |
Mar 5th 2019, 19:55 |
challgren |
So in CakePHP 3.7.* is magic find methods still around? |
| # |
Mar 5th 2019, 17:39 |
jeremyharris |
I prefer the symfony component I linked you to and using a proper queue system which makes error handling easier than a background process just fired from app code. That seems like it could lead to issues |
| # |
Mar 5th 2019, 17:31 |
daniel.upshaw |
You might find this neat: https://github.com/cocur/background-process |
| # |
Mar 5th 2019, 17:31 |
daniel.upshaw |
@jeremyharris |
| # |
Mar 5th 2019, 17:21 |
manthan.budheliya |
Thanks @jeremyharris It works for me |
| # |
Mar 5th 2019, 17:19 |
daniel.upshaw |
Lol alright cool :slightly_smiling_face: |
| # |
Mar 5th 2019, 17:17 |
jeremyharris |
Cake doesn’t need to have one, symfony does :slightly_smiling_face: just add it to your project and you can use it. Cake works well with lots of libraries, and there’s no need to re-write things that exist already |
| # |
Mar 5th 2019, 17:17 |
daniel.upshaw |
Thanks so much |
| # |
Mar 5th 2019, 17:17 |
daniel.upshaw |
Just not in Cake yet... I think it would be cool but not a priority for Cake at the moment |
| # |
Mar 5th 2019, 17:16 |
daniel.upshaw |
Hmmm nice |
| # |
Mar 5th 2019, 17:16 |
jeremyharris |
cake doesn’t have wrappers for that, but php you can do it with `exec()` symfony has a process component that helps with this: https://symfony.com/doc/current/components/process.html |
| # |
Mar 5th 2019, 17:15 |
daniel.upshaw |
You'd probably want it to start cropping right away |
| # |
Mar 5th 2019, 17:15 |
daniel.upshaw |
For example, if you wanted to run imagemagick to crop an image, you might not want to queue it |
| # |
Mar 5th 2019, 17:15 |
jeremyharris |
I see |
| # |
Mar 5th 2019, 17:14 |
jeremyharris |
wrap it in a `if ($this->request->getParam('action') === 'edit') {}` for specific actions |
| # |
Mar 5th 2019, 17:14 |
jeremyharris |
then do it like this: https://book.cakephp.org/3.0/en/controllers/components/csrf.html#disabling-the-csrf-component-for-specific-actions |
| # |
Mar 5th 2019, 17:14 |
daniel.upshaw |
It seems Cake doesn't really have the wrappers for running processing, and encourages instead queues only |
| # |
Mar 5th 2019, 17:14 |
jeremyharris |
(if you use jquery, for example, you can use $.ajaxSetup to add that header to each request) |
| # |
Mar 5th 2019, 17:14 |
manthan.budheliya |
ok.. But what if I want to disable csrf also for the action? |
| # |
Mar 5th 2019, 17:14 |
jeremyharris |
and https://book.cakephp.org/3.0/en/controllers/components/csrf.html#csrf-protection-and-ajax-requests |
| # |
Mar 5th 2019, 17:13 |
jeremyharris |
for unlocking a certain action from form tampering (Security), it’s $this->Security->setConfig(‘unlockedActions’. [‘index’]), see: https://book.cakephp.org/3.0/en/controllers/components/security.html#disabling-security-component-for-specific-actions |
| # |
Mar 5th 2019, 17:13 |
daniel.upshaw |
Kind of neat I think.. for a pure PHP solution |
| # |
Mar 5th 2019, 17:12 |
jeremyharris |
CSRF and Security are two different things. If you want to use CSRF with ajax within your application, add the token to the headers (see the CSRF docs for this) |
| # |
Mar 5th 2019, 17:12 |
daniel.upshaw |
https://stackoverflow.com/a/45966 |
| # |
Mar 5th 2019, 17:12 |
manthan.budheliya |
My aim is to off the both component only for the particular action |
| # |
Mar 5th 2019, 17:12 |
daniel.upshaw |
What I want to do is execute a `ps` to check the status... I feel pretty good about that idea |
| # |
Mar 5th 2019, 17:12 |
manthan.budheliya |
@jeremyharris I have off the security component and removed csrf from application.php. It works But when I add csrf in application.php and off the component in beforeFilter function of component. it is not working |
| # |
Mar 5th 2019, 17:11 |
jeremyharris |
It’s possible, but depends on your queue system. My queue system, for example, executes events within the application. However I have commands that are used by cron in the background as well, such as bin/cake backup |
| # |
Mar 5th 2019, 17:09 |
daniel.upshaw |
It's kind of a hot topic sometimes |
| # |
Mar 5th 2019, 17:09 |
daniel.upshaw |
In PHP, it's possible to run background processes using CLI syntax |
| # |
Mar 5th 2019, 17:09 |
birdy247 |
but both together and it brings back records with hello OR world in the title |
| # |
Mar 5th 2019, 17:09 |
manthan.budheliya |
ok let me check |
| # |
Mar 5th 2019, 17:09 |
birdy247 |
or "world" |
| # |
Mar 5th 2019, 17:09 |
jeremyharris |
you can unlock the action @manthan.budheliya, see the SecurityComponent docs |