| # |
Apr 13th 2021, 09:12 |
 nayakvradhit |
Ok thanks |
| # |
Apr 13th 2021, 09:11 |
nayakvradhit |
Yes @kevin.pfeifer I have set the document root to var/www/html/appname And calling ipaddress/appname If I set like this does it miss cakephp styles what I gave? |
| # |
Apr 13th 2021, 09:03 |
conehead |
@neon1024 Yes, do it in batches. Get 1k rows, calculate the new field, save those 1k rows with one save and grab the next 1k rows and repeat |
| # |
Apr 13th 2021, 08:53 |
kevin.pfeifer |
theoretically if your webroot is in the “root” of the cakephp/app folder (and without any special .htaccess/webserver rules) all your src files, config files including database user and password would be accessible via a URL which isn’t that great, right? ;) |
| # |
Apr 13th 2021, 08:50 |
nayakvradhit |
Can anyone please tell me why we need to point the cakephp app into webroot in the document root of apache config? |
| # |
Apr 13th 2021, 08:41 |
neon1024 |
Does anyone have any suggestions on how I can update 80k rows in my database, I need to transform the data using PHP and save it into a new field. I have written a command which processes each record but working out the timings, the total run would be 37 minutes! |
| # |
Apr 13th 2021, 08:22 |
masa19951009 |
ok I'll check again thanks! |
| # |
Apr 13th 2021, 08:21 |
kevin.pfeifer |
The https://github.com/cakephp/authentication plugin in the current version (2.6) is cake4 compatible, yes |
| # |
Apr 13th 2021, 08:12 |
masa19951009 |
Thank ! Sorry I'm using CakePHP 4 and this way not work :,(. Does it work in cake4? Maybe another problem. |
| # |
Apr 13th 2021, 08:10 |
kevin.pfeifer |
i was going to point that out admad :) ylj |
| # |
Apr 13th 2021, 08:09 |
admad |
@masa19951009 helps to read the manual :) https://book.cakephp.org/authentication/2/en/identifiers.html#password |
| # |
Apr 13th 2021, 08:07 |
masa19951009 |
Excuse me. I have a question. Does anyone know how to create multi column in authentication plugin? Like both name and email can login. |
| # |
Apr 13th 2021, 05:40 |
nayakvradhit |
Thanks |
| # |
Apr 12th 2021, 20:58 |
greg138 |
That's right. But there's *something* in the session that gets regenerated every page load now... |
| # |
Apr 12th 2021, 20:58 |
kevin.pfeifer |
thats why you get a ID to tell PHP which data you already have |
| # |
Apr 12th 2021, 20:58 |
kevin.pfeifer |
aren’t sessions the PHP native way to actually save data between requests? HTTP per se is stateless. |
| # |
Apr 12th 2021, 20:54 |
greg138 |
I only have about 120 more important things than that to do right now... ;) |
| # |
Apr 12th 2021, 20:54 |
greg138 |
I'm going to have to dig into this more at some point. Isn't the session ID regenerated on basically every page load now? If the session ID is included in the form tamper protection somehow, that would seem to mean you couldn't load a form in one tab, visit a different page, then come back to the form, but that works fine. |
| # |
Apr 12th 2021, 20:52 |
kevin.pfeifer |
https://book.cakephp.org/4/en/controllers/components/security.html#disabling-form-tampering-for-specific-actions |
| # |
Apr 12th 2021, 20:52 |
kevin.pfeifer |
you can do that with this line |
| # |
Apr 12th 2021, 20:51 |
kevin.pfeifer |
if your OK with having a form thats dedicated to not have these security features enabled then sure, that can be configured |
| # |
Apr 12th 2021, 20:50 |
greg138 |
If you have a form you don't want *any* security on, I think that's easily configured. |
| # |
Apr 12th 2021, 20:50 |
kevin.pfeifer |
how you cirtumvent that with an AJAX call, i have no idea |
| # |
Apr 12th 2021, 20:48 |
kevin.pfeifer |
so if the hash of the forms in the “old” form (mixed up with the current session) don’t match up with the sent form then you get that error |
| # |
Apr 12th 2021, 20:47 |
kevin.pfeifer |
https://github.com/cakephp/cakephp/blob/master/src/Controller/Component/SecurityComponent.php#L295 |
| # |
Apr 12th 2021, 20:47 |
kevin.pfeifer |
in this function it uses sessions |
| # |
Apr 12th 2021, 20:47 |
kevin.pfeifer |
https://github.com/cakephp/cakephp/blob/master/src/Controller/Component/SecurityComponent.php#L230 |
| # |
Apr 12th 2021, 20:47 |
kevin.pfeifer |
_validatePost uses the method _hashParts |
| # |
Apr 12th 2021, 20:46 |
kevin.pfeifer |
well i think i know whats the problem |
| # |
Apr 12th 2021, 20:45 |
khalil |
I’ll check and if i figure it out i’ll let you guys know |
| # |
Apr 12th 2021, 20:45 |
khalil |
Perfect thanks Kevin! |
| # |
Apr 12th 2021, 20:44 |
kevin.pfeifer |
https://github.com/cakephp/cakephp/blob/master/src/Controller/Component/SecurityComponent.php#L242 |
| # |
Apr 12th 2021, 20:44 |
kevin.pfeifer |
if you get a AuthSecurityException its this line |
| # |
Apr 12th 2021, 20:43 |
kevin.pfeifer |
if your get a BadRequestException its this line https://github.com/cakephp/cakephp/blob/master/src/Controller/Component/SecurityComponent.php#L188 |
| # |
Apr 12th 2021, 20:43 |
khalil |
Next challenge is to make it happen haha |
| # |
Apr 12th 2021, 20:43 |
khalil |
I’m setting up a local dev with a debugger |
| # |
Apr 12th 2021, 20:08 |
kevin.pfeifer |
there are only a few places where that error is being triggered. If you got a local setup and/or xdebug you could pretty easily track down what causes that error |
| # |
Apr 12th 2021, 20:05 |
greg138 |
I can't find specifics of what I'm talking about now, so I'm wondering whether I've got it wrong and that's not an explicit thing but rather a side effect of CSRF or session timeout? If you have an integrated debugger, it should be pretty easy to step through the security component's form checking to find what, specifically, is triggering the issue for you. |
| # |
Apr 12th 2021, 19:52 |
khalil |
And Kevin my form doesn’t fall under any of these criteria’s |
| # |
Apr 12th 2021, 19:51 |
khalil |
Blackhole is annoying :$ |
| # |
Apr 12th 2021, 19:51 |
khalil |
I need to read more if we can extend the time |