# |
Apr 12th 2021, 17:00 |
kevin.pfeifer |
well how does it check if its a replay attack then :thinking_face: |
# |
Apr 12th 2021, 16:52 |
greg138 |
There's also a timeout in there, to avoid replay attacks. Not sure where that's covered in the docs. |
# |
Apr 12th 2021, 16:49 |
kevin.pfeifer |
seems like your form falls into one of these conditions • Unknown fields cannot be added to the form. • Fields cannot be removed from the form. • Values in hidden inputs cannot be modified. https://book.cakephp.org/4/en/controllers/components/security.html#form-tampering-prevention |
# |
Apr 12th 2021, 16:12 |
greg138 |
This isn't CSRF, it's the form security component. |
# |
Apr 12th 2021, 14:01 |
kevin.pfeifer |
either `mysqldump` via SSH or export the database via e.g. PHPMyAdmin |
# |
Apr 12th 2021, 12:42 |
nayakvradhit |
Now my concern is It possible to copy db from old server to new server for this db? |
# |
Apr 12th 2021, 12:41 |
nayakvradhit |
I have resolved it by granting privileges to the user and after that i got unknown db called dbname and I have created db and now that issue also gine |
# |
Apr 12th 2021, 12:40 |
nayakvradhit |
Hi Kevin, |
# |
Apr 12th 2021, 11:56 |
neon1024 |
I can work with that for now |
# |
Apr 12th 2021, 11:56 |
neon1024 |
Hehe, now I get a file `LOGSerror.log` :) |
# |
Apr 12th 2021, 11:42 |
neon1024 |
Oh it’s the same, I shall go look |
# |
Apr 12th 2021, 11:42 |
neon1024 |
Sorry that didn’t work. You linked `master` perhaps it’s different for 3.x :) |
# |
Apr 12th 2021, 11:20 |
neon1024 |
Ahh, nice, thanks @admad |
# |
Apr 12th 2021, 11:19 |
admad |
https://github.com/cakephp/cakephp/blob/master/src/Core/StaticConfigTrait.php#L191 |
# |
Apr 12th 2021, 10:57 |
neon1024 |
Just whilst I am on a roll. I would like to log to file for my local env. I used `export LOG_ERROR_URL="file://logs?levels[]=warningandlevels[]=errorandlevels[]=criticalandlevels[]=alertandlevels[]=emergencyandfile=error"` but for some reason the log files are written to the root of my project instead of to `/logs` what have I missed from my DSN? |
# |
Apr 12th 2021, 10:47 |
neon1024 |
Seems it does! Must be some secret __call in the entity trait :thinking_face: |
# |
Apr 12th 2021, 10:45 |
neon1024 |
Just wondering if there is some secret magic in the background |
# |
Apr 12th 2021, 10:45 |
neon1024 |
Just a quick question. In Cake 3 accessing an entity property directly such as. `$example->thing` does that still use the `_getThing()` accessor method, or do I have to use `$example->get('thing')` ? |
# |
Apr 12th 2021, 09:56 |
me1367 |
That'll make it executable so that you don't have to run `php bin/cake` |
# |
Apr 12th 2021, 09:55 |
me1367 |
`chmod +x bin/cake.php` |
# |
Apr 12th 2021, 02:48 |
hmic |
@noel |
# |
Apr 12th 2021, 02:48 |
hmic |
try "php bin/cake.php" |
# |
Apr 12th 2021, 00:00 |
noel |
yes: zsh: permission denied |
# |
Apr 11th 2021, 23:31 |
khalil |
No I get request has been blackholed |
# |
Apr 11th 2021, 23:26 |
kevin.pfeifer |
does `bin/cake.php` show something? |
# |
Apr 11th 2021, 23:02 |
noel |
I’m getting no terminal output nor errors when I run `bin/cake` and nothing in the CLI logs. Any ideas? |
# |
Apr 11th 2021, 17:00 |
noel |
@admad it’s not stateless no. It’s a stateful REST, so we can handle things like permissions by knowing who the session user is. |
# |
Apr 11th 2021, 16:56 |
cnizzardini |
Store JWT in session and pass JWT to API. CakePHP supports this. |
# |
Apr 11th 2021, 16:46 |
cnizzardini |
Should consider JWT, but I replied to the original message. Set request accepts header. |
# |
Apr 11th 2021, 16:36 |
admad |
There are stateless authenticators :) |
# |
Apr 11th 2021, 16:32 |
kevin.pfeifer |
i guess his api has some endpoints which require authentication |
# |
Apr 11th 2021, 16:27 |
admad |
And why does your API need sessions? It's not stateless REST? |
# |
Apr 11th 2021, 16:24 |
cnizzardini |
@noel |
# |
Apr 11th 2021, 16:23 |
cnizzardini |
e.g. ```curl -X 'GET' \ 'https://cakephpswaggerbake.cnizz.com/actors' \ -H 'accept: application/json'``` |
# |
Apr 11th 2021, 16:21 |
cnizzardini |
```-H 'accept: application/json'``` |
# |
Apr 11th 2021, 16:07 |
cnizzardini |
What is the specific problem/error though and someone might be able to better assist based off of that. |
# |
Apr 11th 2021, 16:06 |
cnizzardini |
I've done this (sorta), but I didn't have my API handling cookies since it was stateless. Cookies were handled in the Client which was SlimPHP + VueJS and then the API was an entirely separate CakePHP application. |
# |
Apr 11th 2021, 16:03 |
noel |
No. It’s working on another dev’s machine but not on mine. Can’t for the life of me figure out why. |
# |
Apr 11th 2021, 15:50 |
ndm |
Do you have any reason for doubting that VueJS would work with cookies out of the box? |
# |
Apr 11th 2021, 15:42 |
noel |
Has anyone here used VueJS as a front-end with Cake delivering an API on the back-end? If so how to get VueJS working with PHP Sessions? |
# |
Apr 11th 2021, 15:06 |
kevin.pfeifer |
or is there something specific in the log/error.log? |