Log message #4178904

# At Username Text
# Mar 6th 2019, 07:04 tjkalinowski Do you have experience with scaning tickets qr code via iphone? Record is send to cakephp database.
# Mar 6th 2019, 07:03 tjkalinowski Hello to all cakephp programmers :)
# Mar 6th 2019, 05:23 vipul.onus Hello when i do post rest api at that time facing error like " Error: Missing CSRF token cookie " this.. any solution in cakephp 3.7v
# Mar 5th 2019, 23:22 rightscoreanalysis thanks
# Mar 5th 2019, 23:21 dereuromark see e.g. https://github.com/dereuromark/cakephp-tinyauth/blob/master/src/View/Helper/AuthUserHelper.php#L47
# Mar 5th 2019, 23:21 rightscoreanalysis s
# Mar 5th 2019, 23:21 rightscoreanalysis is that $this->request->param
# Mar 5th 2019, 23:21 dereuromark the new way is >getAttribute('params');
# Mar 5th 2019, 23:20 dereuromark check prefix key the param() array values
# Mar 5th 2019, 23:19 rightscoreanalysis how can i check if the current route has an admin prefix
# Mar 5th 2019, 21:20 spriz Wow, there is literally an example in the book under “SQL injection”….. :) https://book.cakephp.org/3.0/en/orm/query-builder.html#sql-injection-prevention
# Mar 5th 2019, 21:19 spriz What’s the best way to do a `WHERE MATCH (column) AGAINST($foo);` query safely with user-supplied ´$foo` with the Cake ORM? :thinking_face:
# Mar 5th 2019, 21:14 spriz That also really seems like a design pattern to avoid ,:)
# Mar 5th 2019, 19:58 challgren Guess it is https://book.cakephp.org/3.0/en/orm/retrieving-data-and-resultsets.html#dynamic-finders
# Mar 5th 2019, 19:55 challgren So in CakePHP 3.7.* is magic find methods still around?
# Mar 5th 2019, 17:39 jeremyharris I prefer the symfony component I linked you to and using a proper queue system which makes error handling easier than a background process just fired from app code. That seems like it could lead to issues
# Mar 5th 2019, 17:31 daniel.upshaw You might find this neat: https://github.com/cocur/background-process
# Mar 5th 2019, 17:31 daniel.upshaw @jeremyharris
# Mar 5th 2019, 17:21 manthan.budheliya Thanks @jeremyharris It works for me
# Mar 5th 2019, 17:19 daniel.upshaw Lol alright cool :slightly_smiling_face:
# Mar 5th 2019, 17:17 jeremyharris Cake doesn’t need to have one, symfony does :slightly_smiling_face: just add it to your project and you can use it. Cake works well with lots of libraries, and there’s no need to re-write things that exist already
# Mar 5th 2019, 17:17 daniel.upshaw Thanks so much
# Mar 5th 2019, 17:17 daniel.upshaw Just not in Cake yet... I think it would be cool but not a priority for Cake at the moment
# Mar 5th 2019, 17:16 daniel.upshaw Hmmm nice
# Mar 5th 2019, 17:16 jeremyharris cake doesn’t have wrappers for that, but php you can do it with `exec()` symfony has a process component that helps with this: https://symfony.com/doc/current/components/process.html
# Mar 5th 2019, 17:15 daniel.upshaw You'd probably want it to start cropping right away
# Mar 5th 2019, 17:15 daniel.upshaw For example, if you wanted to run imagemagick to crop an image, you might not want to queue it
# Mar 5th 2019, 17:15 jeremyharris I see
# Mar 5th 2019, 17:14 jeremyharris wrap it in a `if ($this->request->getParam('action') === 'edit') {}` for specific actions
# Mar 5th 2019, 17:14 jeremyharris then do it like this: https://book.cakephp.org/3.0/en/controllers/components/csrf.html#disabling-the-csrf-component-for-specific-actions
# Mar 5th 2019, 17:14 daniel.upshaw It seems Cake doesn't really have the wrappers for running processing, and encourages instead queues only
# Mar 5th 2019, 17:14 jeremyharris (if you use jquery, for example, you can use $.ajaxSetup to add that header to each request)
# Mar 5th 2019, 17:14 manthan.budheliya ok.. But what if I want to disable csrf also for the action?
# Mar 5th 2019, 17:14 jeremyharris and https://book.cakephp.org/3.0/en/controllers/components/csrf.html#csrf-protection-and-ajax-requests
# Mar 5th 2019, 17:13 jeremyharris for unlocking a certain action from form tampering (Security), it’s $this->Security->setConfig(‘unlockedActions’. [‘index’]), see: https://book.cakephp.org/3.0/en/controllers/components/security.html#disabling-security-component-for-specific-actions
# Mar 5th 2019, 17:13 daniel.upshaw Kind of neat I think.. for a pure PHP solution
# Mar 5th 2019, 17:12 jeremyharris CSRF and Security are two different things. If you want to use CSRF with ajax within your application, add the token to the headers (see the CSRF docs for this)
# Mar 5th 2019, 17:12 daniel.upshaw https://stackoverflow.com/a/45966
# Mar 5th 2019, 17:12 manthan.budheliya My aim is to off the both component only for the particular action
# Mar 5th 2019, 17:12 daniel.upshaw What I want to do is execute a `ps` to check the status... I feel pretty good about that idea
# Mar 5th 2019, 17:12 manthan.budheliya @jeremyharris I have off the security component and removed csrf from application.php. It works But when I add csrf in application.php and off the component in beforeFilter function of component. it is not working