| # |
Jun 30th 2019, 04:50 |
 wgon0001 |
Can I prevent the evil code from ‘Chinese chopper’ such as `<?php @eval($_POST[value]);?>` by using validator applying the rules to inputs box? |
| # |
Jun 30th 2019, 04:47 |
bgrinter |
I've run through the v3 tutorial and also done a test upgrade of v2 to v3 for the sample blog app, but now looking to do it for real and looking for advice |
| # |
Jun 30th 2019, 04:46 |
bgrinter |
Do I install using composer in a new directory and copy existing controller / model / views over? Do I set up to use composer on v2 first and update instead? |
| # |
Jun 30th 2019, 04:45 |
bgrinter |
I have a CakePHP 2.x app that I'm looking to update to v3. the v2 app doesn't use composer so I'm wondering the best / correct path to take. |
| # |
Jun 30th 2019, 03:00 |
challgren |
CakePHP 4.0.0-beta1 released! https://github.com/cakephp/cakephp/releases/tag/4.0.0-beta1 |
| # |
Jun 30th 2019, 02:42 |
chrisshick |
@savant |
| # |
Jun 30th 2019, 02:36 |
chrisshick |
Now I’m curious, why do you think that? |
| # |
Jun 30th 2019, 02:35 |
savant |
Most anything else in the deployment space is going the wrong way imo |
| # |
Jun 30th 2019, 02:35 |
savant |
Use Kubernetes or something similar @chrisshick |
| # |
Jun 30th 2019, 01:30 |
slackebot |
changes the symlink accordingly. |
| # |
Jun 30th 2019, 01:30 |
chrisshick |
Hosting wise: i am currently using a private cloud provider. Security wise they have everything locked down pretty hardcore. I would like to avoid having to make firewall changes and make ssh accounts. I was envisioning a master server that holds all the builds. An api that the agents use to pull the latest build version. If it is different then it gets the build via the api, places it in the folder labeled for that version, and then |
| # |
Jun 30th 2019, 01:25 |
chrisshick |
@savant I mean it to be a little more secure due to the nature of opening firewall ports and setting up ssh accounts. Albeit those concerns can be addressed pretty simply The scalability concern I feel is well addressed with puppet for the nodes. |
| # |
Jun 29th 2019, 20:43 |
savant |
regardless, is there a specific hosting setup you’re thinking about? |
| # |
Jun 29th 2019, 20:43 |
savant |
@chrisshick pull based isn’t inherently more secure, and at scale, you need to start thinking about how to scale those lovely command and conquer nodes |
| # |
Jun 29th 2019, 18:47 |
ndm |
you're welcome |
| # |
Jun 29th 2019, 18:46 |
st.steinkuehler |
Thank you very much |
| # |
Jun 29th 2019, 18:46 |
slackebot |
->add($authentication); return $middleware;``` |
| # |
Jun 29th 2019, 18:46 |
st.steinkuehler |
``` $middleware // Catch any exceptions in the lower layers, // and make an error page/response ->add(ErrorHandlerMiddleware::class) // Handle plugin/theme assets like CakePHP normally does. ->add(AssetMiddleware::class) // Apply routing ->add(RoutingMiddleware::class) ->add(new LocaleSelectorMiddleware(['de','en'])) |
| # |
Jun 29th 2019, 18:45 |
st.steinkuehler |
the ´add´ is made at the end of the middleware queue before the routing |
| # |
Jun 29th 2019, 18:44 |
st.steinkuehler |
> Currently however your `Router::url()` call happens before the routing middleware is being invoked, |
| # |
Jun 29th 2019, 18:44 |
st.steinkuehler |
@ndm wow! that works immediately without problems |
| # |
Jun 29th 2019, 18:35 |
slackebot |
Router::url('/administrators/login'), 'queryParam' => 'redirect', ]); return $middleware($request, $response, $next); }; $middlewareQueue // ... ->add($authentication); ``` That way you'd also avoid "breaking" the routing middleware's caching functionality. |
| # |
Jun 29th 2019, 18:35 |
slackebot |
generated URLs. What you could for example do, is wrapping the authorization middleware construction into a custom/callback middleware, so that the code is being invoked after the routing middleware, like this: ```php $authentication = function (\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, callable $next) { $middleware = new AuthenticationMiddleware($this, [ 'unauthenticatedRedirect' => |
| # |
Jun 29th 2019, 18:35 |
ndm |
@st.steinkuehler You'd have to use `Router::url()` calls for both URLs. Currently however your `Router::url()` call happens before the routing middleware is being invoked, which is where the router context is fed with the current request object, from which the router can obtain the possible base path value. Without that request context the router falls back to the `App.base` config value, which is empty in your case, hence there's no base in the |
| # |
Jun 29th 2019, 16:57 |
slackebot |
$service->loadAuthenticator('Authentication.Session'); $service->loadAuthenticator('Authentication.Form', [ 'fields' => $fields, 'loginUrl' => '/administrators/login' ]); ``` Adding `/myapp/` to both URLs works, but in production there will be no `/myapp/`. I would expect it works auto detected. Can someone give me a tip on what I'm doing wrong? |
| # |
Jun 29th 2019, 16:57 |
slackebot |
Middleware redirects to the url without the `myapp` and the browser gets an error from the webserver. Changing it to `Router::url('/myapp/administrators/login')` works, but the authentication does not work with the error: `Login URL http://192.168.0.2/administrators/login?redirect=http%3A%2F%2F192.168.0.2%2Fmyapp%2Fdashboards%2F did not match /administrators/login` I guess because of this: ``` // Load the authenticators, you want session first |
| # |
Jun 29th 2019, 16:57 |
st.steinkuehler |
Still trying the "newer" Authentication Plugin: My app runs in the browser under `/myapp/` and the base directory in `config/app.php` is set to `App => base => false` (auto detected). No problems with generating urls by cake so far. But now with this ``` $authentication = new AuthenticationMiddleware($this, [ 'unauthenticatedRedirect' => Router::url('/administrators/login'), 'queryParam' => 'redirect', ]); ``` the Authentication |
| # |
Jun 29th 2019, 16:33 |
martin |
https://github.com/uafrica/oauth-server is sadly outdated :( |
| # |
Jun 29th 2019, 16:33 |
martin |
but should be nice if there was a default thing to do it :P |
| # |
Jun 29th 2019, 16:33 |
martin |
wel it is not authentication |
| # |
Jun 29th 2019, 16:33 |
martin |
why is oauth 2 not a default authentication in cakephp? |
| # |
Jun 29th 2019, 16:01 |
admad |
And sqlite itself installed of course :slightly_smiling_face: |
| # |
Jun 29th 2019, 16:00 |
admad |
You will just need pdo_sqlite extension enabled for PHP which you will have to do in ampp/wampp |
| # |
Jun 29th 2019, 15:59 |
admad |
Of course, cake doesn't care about ampp or wampp |
| # |
Jun 29th 2019, 15:45 |
olanowsubomi |
but can the sqlite database work indepently on cakephp without the integration with ampp |
| # |
Jun 29th 2019, 15:12 |
admad |
@olanowsubomi https://book.cakephp.org/3.0/en/orm/database-basics.html#supported-databases |
| # |
Jun 29th 2019, 15:12 |
st.steinkuehler |
@olanowsubomi I guess you can, see https://book.cakephp.org/3.0/en/installation.html and look at your `config\app.php` or `config\app.default.php` in line 220 where the datasources are set - there was a comment "See vendor\cakephp\cakephp\src\Database\Driver for complete list" and in this folder I see a `sqlite.php` file. Should probably go. try it out. |
| # |
Jun 29th 2019, 15:04 |
olanowsubomi |
please if i use ampp, wamp or any of such php program for local host please, can i use another sql product such as sqlite with the cakephp instead of the mysql. |
| # |
Jun 29th 2019, 14:51 |
st.steinkuehler |
@ndm Thanks a log. I forgot the `use` for the `Psr\Http\Message\....` stuff. |
| # |
Jun 29th 2019, 14:49 |
olanowsubomi |
thanks |
| # |
Jun 29th 2019, 14:46 |
ndm |
@olanowsubomi Composer suggestions are optional, CakePHP will run without them unless you make use of a feature that actually requires them (for example `ext-openssl` is required for anything encryption related). Most suggestions come with a short explanation as to what those packages may be needed for. |