| # |
May 29th 2021, 18:10 |
 etibor |
i can implament in the controller for sure, but would be good to leave alone the controller now and add to the Model |
| # |
May 29th 2021, 18:09 |
ndm |
@etibor That sounds like a job for a custom application rule where you query the storage row and check whether the score is valid. |
| # |
May 29th 2021, 18:05 |
dereuromark |
@admad The "ADmad" release is freshly baked :) https://github.com/dereuromark/cakephp-geo/releases/tag/2.1.0 |
| # |
May 29th 2021, 18:04 |
etibor |
the scenerio is like : Documents have an storage_id, score field(store an int) the maximal and minimal value is stored in the storage Model so Document's score depend on Storage minimal and maximal field |
| # |
May 29th 2021, 18:00 |
ndm |
Not sure what you are referring to now. Your min/max validation? You don't know how to implement that? |
| # |
May 29th 2021, 17:58 |
etibor |
i can implement a basic validation, but validation based on different model's value dont know |
| # |
May 29th 2021, 17:57 |
ndm |
Well, basic setup could be an `existsIn()` rule for the rules checker to ensure only existing storage IDs are saved, and an `inList()` validation rule for the request data in case you need to restrict what IDs a user is allowed to select. |
| # |
May 29th 2021, 17:56 |
etibor |
and the Documents have a score field which minimal and maximal value depend on the Storage type(the storage_id) |
| # |
May 29th 2021, 17:55 |
etibor |
yes document have a storage_id field too |
| # |
May 29th 2021, 17:54 |
ndm |
So you save storage IDs? |
| # |
May 29th 2021, 17:53 |
etibor |
the select field in the Documents, its depends on Storage "b" field value |
| # |
May 29th 2021, 17:53 |
etibor |
i have two models, Documents and Storage |
| # |
May 29th 2021, 17:52 |
etibor |
so bascily i dont know how can i add the validation rule in model to make it easier |
| # |
May 29th 2021, 17:50 |
etibor |
i store the form datas in db, for example the value of select list is also stored in this table |
| # |
May 29th 2021, 17:50 |
ndm |
You need to validate anyways, there's no way around that. |
| # |
May 29th 2021, 17:50 |
etibor |
i know i can validate the data, but i have too many forms now |
| # |
May 29th 2021, 17:49 |
etibor |
yes i dont know the whole process, just have this experience that adding extra fields will thrown black whole |
| # |
May 29th 2021, 17:49 |
ndm |
You should validate and verify your data in the backend anyways... which is why I was never really a fan of that feature anyways. |
| # |
May 29th 2021, 17:47 |
ndm |
*change its name |
| # |
May 29th 2021, 17:47 |
ndm |
I don't think select options are being secured, only the field itself, for example you cannot its name. |
| # |
May 29th 2021, 17:41 |
etibor |
but if change select list element value its just saved |
| # |
May 29th 2021, 17:41 |
etibor |
little progress: adding a new input field redirect to blackhole |
| # |
May 29th 2021, 17:31 |
ndm |
IIRC on 3.8 loading the security component should be enough to enable form tampering protection. |
| # |
May 29th 2021, 17:30 |
ndm |
CSRF has nothing to do with form tampering though, except for the field that holds the CSRF token of course. Unless you mean that this also won't make CSRF protection work? |
| # |
May 29th 2021, 17:28 |
etibor |
but nothing prevented |
| # |
May 29th 2021, 17:28 |
etibor |
i also added the $this->loadComponent('Csrf'); |
| # |
May 29th 2021, 17:28 |
ndm |
the default identity class proxies access to the inner object |
| # |
May 29th 2021, 17:28 |
etibor |
thank you @ndm i use cake 3.8 |
| # |
May 29th 2021, 17:27 |
ndm |
Check it |
| # |
May 29th 2021, 17:26 |
CakeIsGreat |
Seems to be returning it fine, as if it manually set user_id = ... getIdentity()->id; it saves it appropriately |
| # |
May 29th 2021, 17:26 |
ndm |
@etibor Depending on your CakePHP version, form protection is now a separate component. |
| # |
May 29th 2021, 17:25 |
ndm |
CakeIsGreat: Maybe `getIdentity()` doesn't return an entity, the ORM won't save anything else. |
| # |
May 29th 2021, 17:22 |
etibor |
is there any additional todo to make working the form tampering protection? |
| # |
May 29th 2021, 17:21 |
CakeIsGreat |
Well thanks both for the help. The posts association is fixed. I just don't understand why the user association isn't being saved. |
| # |
May 29th 2021, 17:14 |
admad |
If any IRC user has a problem with freenode they can use slack/discord/matrix :) |
| # |
May 29th 2021, 17:14 |
ndm |
@ionas I have no idea about that :) |
| # |
May 29th 2021, 17:12 |
admad |
Also conventionally the join table name should be "keywords_posts". You need to follow alphabetical order when combining the words. |
| # |
May 29th 2021, 17:12 |
admad |
CakeIsGreat: setting the fK field is the right way for belongsTo and hasOne associations. Why do you have Posts hasMany Keywords? It should be belongsToMany Keywords. |
| # |
May 29th 2021, 17:10 |
inoas |
@ndm we need to move the CakePHP IRC channel / bot to irc.libra.chat I think - or at least install it there, too |
| # |
May 29th 2021, 17:09 |
CakeIsGreat |
Thank you. Yes, I *just* discovered that, but took a lot of trial and error. What I still don't get though is why I can't set "$post->user = $this->Authentication->getIdentity();" I could manually set $post->user_id but that seems to be the wrong way to go about it since it should be able to save by association anyways |
| # |
May 29th 2021, 17:08 |
ndm |
That being said, you have set up `Posts hasMany Keywords`, so when saving a post with keywords there will be no join table involved. You probably want `Posts belongsToMany Keywords` instead, ie the opposite direction of what you have on your `Keywords` table. |