# |
May 21st 2021, 15:25 |
kevin.pfeifer |
I just checked the doc for CakePHP 2 https://book.cakephp.org/2/en/core-utility-libraries/security.html As stated there `cipher() uses a *weak* XOR cipher and should *not* be used. It is only included for backwards compatibility.` Dont know if you can/should get that working with newer versions. I would recommend you to start planning a cakephp upgrade in general since cakephp 2 has an EOL of 15th June 2021 |
# |
May 21st 2021, 14:54 |
rajesh |
do any one have suggestion? how swiftly we can migrate from 5.6 to 7.3 - without deleting old cookies - Thanks |
# |
May 21st 2021, 14:53 |
rajesh |
We are migrating Cakephp 2.10 from php 5.6 to 7.3 - we are generating cookies through default CakePHP method Security::cipher() And current active users having cookies generated from php 5.6 (we have approx 200K Active users) now issue is that we can't get cookies correct values those set in php 5.6 at new server 7.3 |
# |
May 21st 2021, 14:22 |
slackebot |
Maybe that's more difficult than I expected? That makes me wonder, does it make more sense for testability to change it from attributes to parameters? |
# |
May 21st 2021, 14:22 |
caseyw |
You're totally right. What was done is there is a service class that's fully tested. The middleware instantiates it, and runs a method passing Req/Resp. All that was mocked and tested and it's good to go. It essentially modifies the request to add the attribute and that's it. We have test around it as well. I don't want to mess with any internals, but thought there might be an easy way in the configRequest to pass attributes. |
# |
May 21st 2021, 14:16 |
ndm |
I wouldn't fiddle with internals in an integration, until there's a specific technical need for it. |
# |
May 21st 2021, 14:15 |
ndm |
Well, apparently it does need it, given that the attribute is missing ;) |
# |
May 21st 2021, 14:14 |
caseyw |
In this case it's being set in middleware, but the test doesn't need the middleware to run. I was hoping to be able to simply set the attribute when I construct the request in the test :) |
# |
May 21st 2021, 14:00 |
ndm |
If it's present in a regular web request, then I'd generally expect that it's present in a simulated test request too. |
# |
May 21st 2021, 13:59 |
ndm |
I'd say that depends on where that attribute is being set. |
# |
May 21st 2021, 13:56 |
caseyw |
Greetings, I have a question about a unit test in 3.9. In a controller we're making use of $this->getRequest()->getAttribute('example') - In an integration test we can't figure out how to populate the attribute field for the request. Any ideas on passing it in the test? |
# |
May 21st 2021, 11:49 |
paolo.bragagni |
ok thanks. lot of work to do |
# |
May 21st 2021, 11:47 |
ndm |
Build your own application template, that's not a workaround, but a perfectly acceptable solution. Check out other's app templates, like https://github.com/markstory/cakephp-typescript-react |
# |
May 21st 2021, 11:46 |
paolo.bragagni |
I know so I have to find a workaround |
# |
May 21st 2021, 11:45 |
ndm |
There is no application baking anymore, custom app skeletons look like `cakephp/app` now. |
# |
May 21st 2021, 11:44 |
paolo.bragagni |
go for easier :) |
# |
May 21st 2021, 11:44 |
paolo.bragagni |
and I had my new app with my settings/template/configuration |
# |
May 21st 2021, 11:43 |
paolo.bragagni |
in cake2 I didi cake bake project --skel Templates/myskel myapp |
# |
May 21st 2021, 11:43 |
ndm |
Again, what's _better_ and _easier_ depends, you have to try it. |
# |
May 21st 2021, 11:42 |
paolo.bragagni |
but I'm OPEN to better and easiest solutions |
# |
May 21st 2021, 11:41 |
paolo.bragagni |
in my idea is to use composer create-project to inizialize my app and the use the plugin where I put all my changes/configurations etc.. |
# |
May 21st 2021, 11:40 |
paolo.bragagni |
it auto generate, but if I copy cakephp/app I have the same for all my apps |
# |
May 21st 2021, 11:39 |
ndm |
Unless you hard-code it, that would get auto-generate, just like when you install the default CakePHP application template (assuming you'd use `composer create-project` to initialize your custom template). |
# |
May 21st 2021, 11:38 |
paolo.bragagni |
I can overwrite my cakephp/app ?? |
# |
May 21st 2021, 11:38 |
paolo.bragagni |
the application has some sort of id salt id etc? |
# |
May 21st 2021, 11:38 |
ndm |
You should give it a try and see hot it works for you. |
# |
May 21st 2021, 11:37 |
ndm |
That all depends on what possible needs to be maintained, there's no one size fits all solution. However, generally I'd suggest an application template as the basis, as trying to cram all sorts of boilerplate code into plugins can easily turn into a hot mess. |
# |
May 21st 2021, 11:37 |
paolo.bragagni |
(I meand I have to port all work done for cake2.. but at least I knw how to do..) |
# |
May 21st 2021, 11:36 |
paolo.bragagni |
I've already made a bake theme to build all my modified actions and views |
# |
May 21st 2021, 11:35 |
paolo.bragagni |
but which is the more simple way? |
# |
May 21st 2021, 11:35 |
paolo.bragagni |
yes this is sure |
# |
May 21st 2021, 11:34 |
kevin.pfeifer |
if you want my hot topic on that: If it works and you (and your co-workers) can work with it then keep it as simple as possible and not "search for the right way" too hard |
# |
May 21st 2021, 11:33 |
paolo.bragagni |
I'm porting the same work that I mede some years ago with cake2 |
# |
May 21st 2021, 11:33 |
paolo.bragagni |
then when I have to build a new app I copy cakephp/app ? |
# |
May 21st 2021, 11:33 |
neon1024 |
I think what you’re doing is a bit too bespoke for a ‘right way’ |
# |
May 21st 2021, 11:32 |
paolo.bragagni |
but it is the right way? |
# |
May 21st 2021, 11:32 |
paolo.bragagni |
yes it is an idea |
# |
May 21st 2021, 11:32 |
paolo.bragagni |
yes, we have smartcard and access to an oauth2 server authentication |
# |
May 21st 2021, 11:32 |
ndm |
You might want to consider a custom application template, eg fork `cakephp/app` and maintain it according to your needs. |
# |
May 21st 2021, 11:31 |
neon1024 |
Sounds like OAuth :thinking_face: |
# |
May 21st 2021, 11:31 |
neon1024 |
So some kind of common way of authenticating? |