# |
Feb 22nd 2020, 15:22 |
etibor |
How do you prevent such as mysql injection localhost/cakephp-project/users-roles/delete/1 or something similar, unwanted add to users-roles table etc |
# |
Feb 22nd 2020, 15:21 |
etibor |
hopefully it will less painable than the changing to 3.0 |
# |
Feb 22nd 2020, 15:21 |
etibor |
uh Jesus, once again a big upgrade |
# |
Feb 22nd 2020, 03:32 |
ron.rattie |
I'm glad you were able to get help from yourself. |
# |
Feb 22nd 2020, 02:41 |
challgren |
Cake 4.0.4 released https://github.com/cakephp/cakephp/tree/4.0.4 |
# |
Feb 21st 2020, 18:11 |
ricksaccous |
AuthenticationComponent has setIdentity |
# |
Feb 21st 2020, 18:11 |
ricksaccous |
thanks anyways |
# |
Feb 21st 2020, 18:11 |
ricksaccous |
welp i fixed it, nevermind |
# |
Feb 21st 2020, 18:07 |
ricksaccous |
yep, i was right.... |
# |
Feb 21st 2020, 18:02 |
ricksaccous |
i still don't know how the component knows whether to persist it though |
# |
Feb 21st 2020, 17:58 |
ricksaccous |
looking at AuthenticationComponent |
# |
Feb 21st 2020, 17:58 |
ricksaccous |
so this is intended behavior |
# |
Feb 21st 2020, 17:58 |
ricksaccous |
i suppose the token is meant to be passed throughout, rather than persisting |
# |
Feb 21st 2020, 17:50 |
ricksaccous |
but I don't understand why they'd behave differently |
# |
Feb 21st 2020, 17:50 |
ricksaccous |
and that's what's causing it |
# |
Feb 21st 2020, 17:50 |
ricksaccous |
I have a sneaking suspicion token isn't writing to Session for whatever reason |
# |
Feb 21st 2020, 17:48 |
ricksaccous |
hmmmmm |
# |
Feb 21st 2020, 17:47 |
slackebot |
<ricksaccous> |
# |
Feb 21st 2020, 17:46 |
ricksaccous |
I'll also show the authentication set up I have in middleware: |
# |
Feb 21st 2020, 17:45 |
ricksaccous |
Only log in action |
# |
Feb 21st 2020, 17:44 |
ricksaccous |
so |
# |
Feb 21st 2020, 17:44 |
ricksaccous |
I think this is nonsensical without showing some code |
# |
Feb 21st 2020, 17:43 |
ricksaccous |
the token identifier returns valid but it never redirects after "logging in" , the first identifier I have (form one) redirects fine |
# |
Feb 21st 2020, 17:42 |
ricksaccous |
I'm using a custom identifier along with a token identifier |
# |
Feb 21st 2020, 17:42 |
ricksaccous |
with using two identifiers in cakephp3 |
# |
Feb 21st 2020, 17:42 |
ricksaccous |
I'm running into a strange issue |
# |
Feb 21st 2020, 17:41 |
kailas |
that was a good way to waste a morning. |
# |
Feb 21st 2020, 17:40 |
kailas |
oh shit, nevermind, i’m an idiot. i created a custom getter with the same name.. |
# |
Feb 21st 2020, 17:39 |
kailas |
is there something special about the name “claims” in cake? i have a field in my record named claims. for some reason if i debug(a), i see that a->claims has a value. however, if i do debug(a->claims), it’s empty? wtf? |
# |
Feb 21st 2020, 16:56 |
dereuromark |
;) all right |
# |
Feb 21st 2020, 16:56 |
kaliel |
yeah sure, just want to make my plugin ok with cake 5 :) |
# |
Feb 21st 2020, 16:56 |
dereuromark |
ah nevermind, they still normally exist and work in 4.x even still. so all good |
# |
Feb 21st 2020, 16:55 |
dereuromark |
@kaliel You could PR them to the cake4 branch of Shim plugin if you miss them and want to make upgrading of existing projects a bit easier. |
# |
Feb 21st 2020, 16:40 |
ndm |
@kaliel `symfony/finder` and `symfony/filesystem` |
# |
Feb 21st 2020, 16:39 |
ndm |
I mean, technically you don't really _need_ to change anything, keeping things as is won't cause any harm to the Bitbucket repo, but removing the stuff that you don't use surely is advised from a purely organisational point of view. |
# |
Feb 21st 2020, 16:36 |
ricksaccous |
that's somewhat how i operate though it is good to get ideas every now and then |
# |
Feb 21st 2020, 16:36 |
ricksaccous |
@trash.mail.collector you gotta just do stuff, nothing more necessary, don't fret over small things and just try it and see, the more you take action the easier it is to figure things out for yourself |
# |
Feb 21st 2020, 16:35 |
kaliel |
i already asked, but can't remember, what lib do you suggest for replacement of Folder and File API ? (i'll miss them so much) |
# |
Feb 21st 2020, 16:33 |
trash.mail.collector |
do I need to make any other changes before an initial commit (this is my first 4.x project -- I apologize for the dumb questions)? |
# |
Feb 21st 2020, 16:29 |
ndm |
@trash.mail.collector Sure, why not, unless Bitbucket somehow has support for it, it only serves a function for Github based code hosting. |
# |
Feb 21st 2020, 16:26 |
ndm |
Personally I'd also put manual type validation in the method code itself, nothing more annoying then too lax interfaces IMHO :) |