# |
Jun 21st 2021, 17:47 |
alamnaryab |
But I think I can not use `->transactional()` also because all these entities are not for same model, also each entity properties has foreign keys from previously saved record. and there are some conditional properties. |
# |
Jun 21st 2021, 17:36 |
kevin.pfeifer |
it seems that usually every `->save($entity)` call has its own transaction, thats why you can't rollback them now |
# |
Jun 21st 2021, 17:35 |
slackebot1 |
docs for cakephp 4 https://book.cakephp.org/4/en/orm/saving-data.html#converting-multiple-records But this `->transactional()` function is still present in cake 4 so you could try that I guess :man-shrugging: |
# |
Jun 21st 2021, 17:35 |
kevin.pfeifer |
looking at https://book.cakephp.org/3/en/orm/saving-data.html#converting-multiple-records there is a `->transactional()` function you could use to wrap all those saves in one transaction ```$this->Model1->getConnection()->transactional(function () use ($articles, $entities) { foreach ($entities as $entity) { $articles->save($entity, ['atomic' => false]); } });``` But this part has been removed from the |
# |
Jun 21st 2021, 17:23 |
slackebot1 |
Model2'); } if(!$this->Model9->save(...) ){ throw exception('Could not save Model9'); } $datasource->commit(); }catch(Exception $ex){ $datasource->rollback(); $this->Flash->error($ex->getMessage(). ' Line:'.$ex->getLine()); }``` |
# |
Jun 21st 2021, 17:23 |
alamnaryab |
in cakephp2 I am having something like this ```$datasource = $this->Model1->getDataSource(); $datasource->begin(); try{ if(!$this->Model1->save(...) ){ throw exception('Could not save Model1'); } if(!$this->Model2->save(...) ){ throw exception('Could not save Model2'); } $this->Model3->id = $this->Model2->id; /////insert statement if(!$this->Model3->save(...) ){ throw exception('Could not save |
# |
Jun 21st 2021, 17:20 |
kevin.pfeifer |
and you get false back from `$this->Tags->save()` if it didn't save |
# |
Jun 21st 2021, 17:19 |
kevin.pfeifer |
well `$this->Tags->save()` will not save if there are errors in the entity and therefore you don't have to manually rollback. You have multiple events you can hook into in the `src/Table/MyTable.php` https://book.cakephp.org/3/en/orm/table-objects.html#lifecycle-callbacks But maybe I don't understand your usecase. |
# |
Jun 21st 2021, 17:16 |
slackebot1 |
error message to user. it will be difficult to convert all that logic to sql queries. |
# |
Jun 21st 2021, 17:16 |
alamnaryab |
https://cakesf.slack.com/archives/C053DPNGT/p1624270771154400 @kevin.pfeifer about transcation topic at above link I have cakephp2 project to convert to cakephp4 by re-writing all there I have used transactions with models not custom sql queries for more detail I have dynamic workflow on each step I have to insert in some table, while make update in some tables at last send eamil if any thing failed I have to revert and show |
# |
Jun 21st 2021, 16:29 |
ndm |
If by forwarding you mean you're just redirecting a user, then it should pick up the session where it left, given that the session cookie is still valid. |
# |
Jun 21st 2021, 16:28 |
ndm |
Yes, very likely that it doesn't send the session cookie. Depending on what that external thing is, it might not even have that cookie. |
# |
Jun 21st 2021, 16:22 |
neon1024 |
I wondered if the third party don’t send the cookie if the request wouldn’t contain the session? Is that a thing? As it’s `$this ->getRequest()->getSession()` |
# |
Jun 21st 2021, 16:22 |
neon1024 |
If something external posts to my application, will the request not include the sesssion? I am writing data before forwarding a user off, and when they return I want to match stuff with the session from before they left, but it’s not preset |
# |
Jun 21st 2021, 15:47 |
kevin.pfeifer |
i see, thx :) |
# |
Jun 21st 2021, 15:47 |
ndm |
Not with regards to preventing absolute URLs from slipping in, no, `getLoginRedirect()` will prevent that just fine, it just needs to be actually used :) |
# |
Jun 21st 2021, 15:44 |
kevin.pfeifer |
so this isn’t an issue with the authentication plugin? I don’t have a “pure” authentication app ready to test it |
# |
Jun 21st 2021, 15:40 |
ndm |
You may want to open an issue with cakedc/users so that they can possibly fix it. |
# |
Jun 21st 2021, 15:35 |
kevin.pfeifer |
but isn't that exactly what is being discussed here? https://github.com/cakephp/authentication/issues/450 |
# |
Jun 21st 2021, 15:32 |
kevin.pfeifer |
I can confirm the external redirect from the `redirect_to=<url_encoded-URL>` param when using cakedc/users which is based on the authentication plugin |
# |
Jun 21st 2021, 14:36 |
a.vanniel |
we jumped on the Authentication middleware with version 1.x ... I guess we forgot to change this part for 2.x ... I feel a bit stupid now. |
# |
Jun 21st 2021, 14:31 |
ndm |
`getLoginRedirect()` was introduced with some early 1.x version I think, so at some point the docs were different. |
# |
Jun 21st 2021, 14:25 |
a.vanniel |
we actually used that page to build what we have now... has this been changed? or did we just mess things up at some point? |
# |
Jun 21st 2021, 14:25 |
ndm |
https://book.cakephp.org/authentication/2/en/index.html#building-a-login-action |
# |
Jun 21st 2021, 14:23 |
a.vanniel |
where do I find docs to do this properly ... or in other words, where do I find docs to read how this should be fixed? |
# |
Jun 21st 2021, 14:21 |
a.vanniel |
```$redirect = $this->request->getQuery('redirect', [ 'controller' => 'Pages', 'action' => 'display', 'home' ]);``` I think this must be old and has not been updated at some point... |
# |
Jun 21st 2021, 14:21 |
a.vanniel |
o dear... I just noticed something... |
# |
Jun 21st 2021, 14:20 |
ndm |
What does your redirect code look like? |
# |
Jun 21st 2021, 14:20 |
a.vanniel |
(running Authentication 2.6.1 by the way) |
# |
Jun 21st 2021, 14:19 |
a.vanniel |
might we have done something wrong on our end to allow redirect to go to an external page after loggin in? I just tried it again... came to https://www.our-site.com/users/login?redirect=%2F and I changed the redirect to https://www.some-evil-site.com/ and got redirected to the external site after logging in... |
# |
Jun 21st 2021, 14:17 |
a.vanniel |
odd... |
# |
Jun 21st 2021, 14:02 |
ndm |
Yes, it really should. https://github.com/cakephp/authentication/blob/2.6.1/tests/TestCase/AuthenticationServiceTest.php#L751-L755 |
# |
Jun 21st 2021, 13:59 |
slackebot1 |
illegal urls. |
# |
Jun 21st 2021, 13:59 |
a.vanniel |
@ndm really? because I manually changed redirect for the Authentication middleware plugin in the login page and after logging in, i was redirected to the google search engine landing page... Also, I am looking to do this in a place somewhere other then login ... it was just an example ... not meant to say there is a bug or security hole in there... I just was trying to figure out if and how that middleware handles external |
# |
Jun 21st 2021, 13:56 |
ndm |
Sorry, ment to tag @a.vanniel |
# |
Jun 21st 2021, 13:55 |
ndm |
@alexdd55976 Use the authentication component, `getLoginRedirect()` will only return relative URLs, if someone crams in an absolute URL (internal or external), you'd receive `null`. |
# |
Jun 21st 2021, 13:07 |
a.vanniel |
for now I did what you suggested regarding the host by the way... checking if the host in the redirect url (full) matches the current host... if not, it most likely isn't internal |
# |
Jun 21st 2021, 13:06 |
a.vanniel |
It would be great to have an isInternal method inside Router... I don't think many people actually need this though.. I will open an issue on github. see where it goes. good luck on your 2nd shot... I need to wait until 12th of juli for the 2nd one. |
# |
Jun 21st 2021, 13:01 |
kevin.pfeifer |
I would suggest you create an issue in the cakephp/cakephp repo. I dont know it/cant check right since im on my way to get my 2. vacine shot :) Or someone else can answer that ^^ |
# |
Jun 21st 2021, 12:22 |
a.vanniel |
What I don't really get, but there might some logic to this, is why the Google website counts as an existing route....? |
# |
Jun 21st 2021, 12:17 |
a.vanniel |
would normalize be able to help me out here? |