Log message #4220388

# At Username Text
# Dec 29th 2019, 23:45 brandon @dereuromark That database logger is perfect. Thanks!
# Dec 29th 2019, 18:05 birdy247 [Sun Dec 29 17:57:43.005730 2019] [core:notice] [pid 10874] AH00051: child pid 5205 exit signal Segmentation fault (11), possible coredump in /etc/apache2
# Dec 29th 2019, 18:04 birdy247 very strange!
# Dec 29th 2019, 18:04 birdy247 i restarted apache and it worked
# Dec 29th 2019, 17:58 dereuromark then it must be sth in the apache or nginx logs
# Dec 29th 2019, 17:56 birdy247 Nothing in the cake logs
# Dec 29th 2019, 17:54 birdy247 cake logs?
# Dec 29th 2019, 17:53 dereuromark check the logs.
# Dec 29th 2019, 17:52 birdy247 Nothing has changed recently
# Dec 29th 2019, 17:52 birdy247 This is when posting a form
# Dec 29th 2019, 17:52 slackebot <birdy247>
# Dec 29th 2019, 17:52 birdy247 Really weird issue with a cake site
# Dec 29th 2019, 17:52 birdy247 Hi Guys
# Dec 29th 2019, 13:33 dereuromark @brandon https://github.com/dereuromark/CakePHP-DatabaseLog has some functionality to send emails after x min with an excerpt of fails. You dont want to send emails syncronous, and you dont want them all per single item, you might end up with millions of mails per hour^^
# Dec 29th 2019, 09:54 challgren https://book.cakephp.org/3/en/core-libraries/form.html
# Dec 29th 2019, 09:52 challgren You can always create an entity without a table class
# Dec 29th 2019, 09:52 challgren Like for a modelless form?
# Dec 29th 2019, 09:48 jotpe Morning. Is it somehow possible to create a Table/Entities from array without any db connection?
# Dec 29th 2019, 08:30 dsar Yes, that is a better idea (or just use a logger)
# Dec 29th 2019, 03:42 brandon Alternatively, I was thinking of just having a custom error handler that emails the errors instead of displaying them to the admins.
# Dec 29th 2019, 03:42 slackebot just give out 404s instead of redirecting to login. Anyone have experience with this?
# Dec 29th 2019, 03:42 brandon I am having a bit of difficulty configuring custom error pages on 3.8. I want the error pages to be generic for end users but if the logged in user is an admin, I want the error to be more detailed so it can be reported, if needed. I learned that I need to add the AuthenticationMiddleware before the ErrorHandlingMiddleware so I could access authentication from the template. This, however, has a side effect - it causes unauthorized requests to
# Dec 28th 2019, 23:32 challgren Ok cool then its on cloudflare, I guess Im stuck til my dns clears
# Dec 28th 2019, 23:32 dsar 104.18.56.26
# Dec 28th 2019, 23:31 challgren Bah stupid DNS cache
# Dec 28th 2019, 23:30 challgren can anyone tell me what the ip address for truepedigree.com comes back as for them?
# Dec 28th 2019, 22:13 dsar I would make it optional for mission critical forms such as payment ones, for example 'extraSecurity' => true
# Dec 28th 2019, 22:12 dsar As markstory said, it is not easy to support this since we need a persistent place to store all the action urls for the hash later
# Dec 28th 2019, 22:07 admad Like I said you have 2 options: either implement your own form tampering mechanism or submit a patch to address the issue.
# Dec 28th 2019, 22:06 dsar Also I didn't want to compare, just to share an issue while porting an application
# Dec 28th 2019, 22:04 dsar I didn't mean that, however I don't think other are so naive
# Dec 28th 2019, 22:02 admad "X" doesn't do this so CakePHP shouldn't either isn't a very good argument
# Dec 28th 2019, 22:01 dsar However, I bumped into this problem while porting a Symfony application where a big complex form was splitted in multiple actions for multiple submits, also Symfony has form security stuff, but it doesn't include the url of the form in the hash (and neither Zend, but I don't use it since long time)
# Dec 28th 2019, 21:59 dsar Well, not many people are aware of new html5 features :)
# Dec 28th 2019, 21:58 admad and no one did anything about it for 2 years. Are you willing to submit a patch to address it?
# Dec 28th 2019, 21:57 dsar It is about the new formaction attribute
# Dec 28th 2019, 21:57 dsar The issue is already here: https://github.com/cakephp/cakephp/issues/11427
# Dec 28th 2019, 21:57 admad or you can open an issue to see if making the inclusion of form url in the hash optional is acceptable and if so provide a patch to implement it
# Dec 28th 2019, 21:54 admad if a feature doesn't suit your needs supplant it with your own implementation. Just because you don't consider something a class of abuse doesn't mean other dont
# Dec 28th 2019, 21:52 dsar @admad I don't understand, a sort of provocation?
# Dec 28th 2019, 21:48 admad so implement your own form tampering prevention :)