Laravel 5: I'm building a thing and learning the framework as I go. I've just started implementing authorization with the built-in system, with Policy classes, which is pretty neat for permissions tied to specific model instances. But what when I have a permission not tied to any model instances, but is rather global, so to say? The specific case I have right now is "create new teams", only some users should have that permission. I can't check the permission on an object that doesn't exist yet, how are you supposed to declare that?
|
|
# ¿ Jun 5, 2016 12:05 |
|
|
# ¿ May 7, 2024 07:15 |
DarkLotus posted:You'll check against the user object. So tie that ACL to the user object to see if the user is allowed to create teams. So essentially use a dummy parameter when nothing else is appropriate? Kinda lovely solution but I guess I can live with it.
|
|
# ¿ Jun 6, 2016 05:37 |
Bob Morales posted:Line 239 it works, 245 it doesn't. I would guess it might be something in the variable that gets passed in. Notice that it's not escaped, I should do a SQL injection test Line 239 and 240 seem to me to be the broken ones? Based on the example output. Maybe try copy-pasting the whole "<br>\r\n" string from a working line to a broken one, to fix if there may be some invisible Unicode characters or whatever in the middle. Otherwise try var_dump()'ing the strings, that should also reveal if they have odd things in them.
|
|
# ¿ Jul 25, 2016 15:13 |
LP0 ON FIRE posted:I'm trying to attach a pdf from a URL. All it sends is an empty file. I verified that the filename and path are valid. I've tried a few variations, including using curl, and I have the feeling that maybe is something is going wrong in how the headers or body is written? Does the file you're sending really only exist on a remote server? I.e. what you do is download the file for the user and send it by mail? (If the file you want to send exists on your own server, you shouldn't be passing a HTTP URL to file_get_contents(), but just the filename.) Does the file download if you fetch that URL using your browser? Using a commandline tool (like wget or curl)? Why does your (original) code write the downloaded data to a new file, only to immediately read it back? Do you know if that writing the file works or fails?
|
|
# ¿ Nov 30, 2016 21:27 |
awesomeolion posted:Any idea why my time is off here by 46 minutes? You want "i" for minutes, "m" means month.
|
|
# ¿ Dec 14, 2016 18:32 |
The basic thing is that you are calling add_word() incorrectly, you pass a stringified version of $_POST which is useless, instead of just passing it directly. This is wrong: code:
code:
code:
You should also use parameterized queries instead of munging values and pasting them into SQL strings directly.
|
|
# ¿ Dec 29, 2016 22:29 |
Oh right, $connection in that mysqli_query call, that's probably a global. If it is you need to declare it as such at the start of the function body. http://php.net/manual/en/language.variables.scope.phpv
|
|
# ¿ Dec 29, 2016 22:50 |
Sulla-Marius 88 posted:Is there a function or sample code that can exactly reproduce javascript's deprecated escape() function? I know it's deprecated, but our partner won't update their code so we need to replicate it in PHP. I've tried googling but every response is just people saying "don't use deprecated code" and unfortunately we don't have that luxury. Untested: PHP code:
This "should" handle Unicode within the BMP, and fails with characters outside the BMP. E: The best way to support non-BMP characters may be to first convert the input string to UTF-16 and then process that. It may even be shorter code. nielsm fucked around with this message at 12:36 on Feb 10, 2017 |
|
# ¿ Feb 10, 2017 12:33 |
funny Star Wars parody posted:Hey guys, more dumb noob questions and I will admit that a lot of it involves javascript so if it's better suited to that thread feel free to let me know. I'm trying to make it so that a user can select files that they wish to download or delete from the server (this is an offline embedded device with a lighttpd instance running so that the client has a pretty file management interface) and I can't figure out how exactly to tell the php what to do when the user clicks a button (either download the selected files as a zip or delete them). From this snippet, it looks like you're generally confused with order of execution, and what executes on server and what on client, and how to share data between the two. HTML code:
JavaScript code:
Right after that you define a JavaScript function named rec, which also happens to have a syntax error. Are the two supposed to be related? Is the rec function actually supposed to be toDelete? The syntax error is that you just stick 'delete_selected.php' deletestuff together like that, you need an operator (probably +) between them, except that would probably end up as an invalid URL. It's not clear what deletestuff would contain, from the parts you pasted. HTML code:
JavaScript code:
Which brings me to, suddenly toDelete is an array, but you were using it as a function above. I think the first thing you should consider is whether you actually need to use JavaScript at all. In your post in the general programming questions thread (which reminded me of this, I had intended to reply earlier but forgot about it) you mention that this thing will run locally only on a small computer, not over the internet. In that case you know something about the performance, you know there will only be a single user at a time, and you know that transfer speed and latency between client and server are both as perfect as they can be. So you don't need to use client side scripting to mask over the performance of regular network connections. The much simpler solution, which may be what the original thing you're modifying already does, is to just have a plain old HTML form, no JS, you submit, which then batch deletes all the checked off files, and returns a new page with a new directory listing. Optionally with a log at the top/bottom about changes made. If you really do want a dynamically updating view, you need to completely rework this. You should probably make an array of plain old checkboxes with no events attached. Then have a button you attach a JS event handler to, that event handler then finds all checked boxes, collects the data into a form submission format, uses an XMLHttpRequest to call a PHP script on the server, and waits for then processed the response. The PHP script it calls should accept the form input generated by the JS, process the files, and return a JSON object containing status for each element the JS requested things to be done for. When the JS receives this response, it can go over the returned JSON, find the checkboxes for the files successfully deleted, and replace those checkboxes with a message that the file was deleted, or any error that maybe occurred. Edit: I made a sequence diagram. nielsm fucked around with this message at 09:27 on Apr 8, 2017 |
|
# ¿ Apr 8, 2017 09:17 |
Gozinbulx posted:secondly, if i DID successfully get someone to make the feature I want, is it considered untoward to propose a pull request based on a hired gun's code? Does that violate some GPL/Open source poo poo? Not that it really matters to me all that much if it works for me, but I do know there are people in the Git who want this feature so I'm wondering how the dev would feel. You will want to make publication or not of the modifications part of your contract with the developer. As far as I can tell, SeedDMS is GPL 2 license. I am not a lawyer, however my interpretation is that any modified or extended version must also be covered by GPL or a compatible license on 100% of the code. That in turn means anyone who receives a copy of the modified program is entitled to do whatever they want with it (including redistributing it to anyone they wish) with full source code, as long as all authors are properly credited. On the other hand, it also means that as long as you do not give anyone else a copy of the modified program, nobody else is entitled to it either. (Although I think you also couldn't stop the hired developer from running with the modifications.) The most courteous would be to hire a developer who will work with the open source project and have your required modifications become part of the public distribution. If it's something major you can perhaps negotiate having your business mentioned as a sponsor on the project website.
|
|
# ¿ May 22, 2017 20:54 |
Agrikk posted:Can someone point me to a good resource for learning how to batch insert items into a MySQL database using PHP? Prepared statements and working inside a transaction should be the basic approach. Prepare your insert statement once, then execute it multiple times with different data. Work inside a transaction to allow the database to not flush to disk constantly. (But for some resumability it may be a good idea to commit the transaction every so often, say every 100 or 500 rows.) MySQL also supports inserting multiple rows in a single insert statement, using the syntax INSERT INTO table (field1, field2, ...) VALUES (a1, a2, ...), (b1, b2, ...), (c1, c2, ...), ...; It may have better performance to batch multiple input rows that way, e.g. have your prepared statement process 10 rows at a time.
|
|
# ¿ Jun 6, 2017 18:01 |
ConanThe3rd posted:So, I have a client who wants to take their Excell spreadsheet of ID Numbers and copy-paste it into a textfield to apply a status to it. If you implement a rich-text editor (i.e. a contentEditable HTML thing), copy-paste from Excel will usually end up as an actual HTML table you can traverse client side with DOM, or submit and parse as HTML.
|
|
# ¿ Nov 9, 2017 20:21 |
The really proper way would be to have a separate service/daemon running on the server, which accepts jobs posted via a message queue, or maybe just inserted into a database table. How to actually set up something like that depends wholly on the hosting environment, and most cheap webhosts won't support this scenario at all. (Cheap webhosts will also kill any long running processes spawned by you, so an exec() solution would likely break the same way.)
|
|
# ¿ Apr 11, 2018 00:13 |
At what point is your environment variable getting set? As far as I understand IIS architecture, you run IIS as a system service, which does not inherit any environment, and IIS in turn runs workers such as PHP FastCGI in an application pool, which does not inherit any environment either. So you'd have to configure the environment at the application pool level.
|
|
# ¿ Dec 9, 2019 15:02 |
Jeffrey of YOSPOS posted:Lol I am personally sorry to this thread that [php] tags look bad in dark mode. I did work to make dark mode play nice with [code] tags but [php] tags use a completely different mechanism that is harder to change dynamically. I'm working on it and this is very silly. Can the [php] tags simply be translated to [code=php] instead?
|
|
# ¿ May 19, 2021 12:39 |
The file should be closed when the request finishes, regardless of you closing it explicitly, but it's still good practice to explicitly close your handles.
|
|
# ¿ Jan 9, 2022 00:25 |
Two things: You only have one instance of the countdown JS, and it only handles a single $countdown value. And it looks for the cell to fill in the countdown by HTML "id", which is by definition unique inside the document, it's not allowed to have two HTML elements with the same "id". What I'd personally do is make an empty cell in the output HTML from the PHP, give those cells a specific HTML "class", and then use a "data" attribute on them to store the countdown target. Then in the JS, you can search for all elements with the specific "class" value and create timers for each of them. PHP code:
JavaScript code:
|
|
# ¿ Feb 13, 2022 21:07 |
Nah you almost certainly want to check the actual client system time every time the interval timer runs in JS. You don't have any guarantee the timer runs exactly every 1000 ms, it can run a bit later and eventually you get noticeable timer drift. It can be okay to pass the server timestamp in from PHP, but you still want to at least calculate a time delta between page load and now with JS.
|
|
# ¿ Feb 13, 2022 22:39 |
"meta_data" is an array of objects, you need something like $item_data['meta_data'][0]['value']['deposit'] or probably rather a loop over it, in case there's multiple metadata.
|
|
# ¿ Mar 7, 2022 18:05 |
Don't use PHP to send the file. Or reinvent the wheel and implement a chunked reading and transfer where you continually check connection_aborted() as well as handle HTTP range requests in full.
|
|
# ¿ Apr 21, 2022 18:10 |
Not better at all. You need to be checking the connection_aborted() function whether the client has disconnected and then stop sending, otherwise you are definitely wasting server resources sending something to nowhere. Sending content type application/octet-stream is a good way to ensure that browsers will almost certainly not use the video in a <video> element. Send the right MIME type for the data unless you explicitly want it to only be a file download. If the goal is to let browsers play the video you really should also implement range requests as I suggested above. That can allow seeking in the video without downloading the full thing. I would also suggest using a safer identifier for the data to send than just a filename. Have a database or something to look up that the requested resource is on the approved list, and optionally do other permission checks for the specific client/user. Otherwise you're far better off just serving the files directly via your web server instead of wrapping the download in a script. Edit: ... I just noticed. You're taking the video file from a web URL and re-sending it? Is that on the same server, or on somewhere else? Just to be sure, you do realize that what you're doing there is tell PHP to open a HTTP connection as a client to the URL you construct there, download the data at that URL, and then re-send the just downloaded data to the client that script is serving, right? nielsm fucked around with this message at 22:12 on Apr 23, 2022 |
|
# ¿ Apr 23, 2022 22:07 |
Jabor posted:Alternatively, if you're just trying to store this information and aren't interested in querying based on the values in it, storing all the attributes in a single JSON field will be much easier to work with. Going to second this. JSON fields can be useful when you mostly just need to dump some data for storage. You can still query on them, it's just horrible and slow.
|
|
# ¿ Jul 6, 2022 05:54 |
Do you allow one pair of nodes to have multiple connections between them? (Or must there be at most one connection between any pair of nodes?) Do you allow nodes to connect to themselves? Do you allow the graph to have multiple "islands"? (Disconnected sets of nodes, where there is no possible path from a node in one island to a node in a different island.) Do you allow any nodes to have zero connections (be a single-node island)? The more "no" you have in the above, the harder the solution will be. On the other hand, if you can say "yes" to all of the above, one way to do it is to determine the number of desired connections for each node ahead of time, put every node into an array as many times as it needs connections, shuffle that array, remove the two last nodes in the array and connect those with each other, repeat until you've exhausted the array.
|
|
# ¿ Feb 25, 2023 21:38 |
If you're okay with getting Python code in the PHP thread, I tried writing something that generates a graph and at least tests whether it fulfills the entirely connected requirement.Python code:
Otherwise, it would be possible to write some algorithm to attempt to connect the disconnected islands too, probably something like pick two islands, select the least connected nodes in each island, and connect them pairwise, and repeat until the entire graph is connected. nielsm fucked around with this message at 23:08 on Feb 26, 2023 |
|
# ¿ Feb 26, 2023 22:50 |
Agrikk posted:
Look up "single source shortest path algorithm", there are multiple famous algorithms for it.
|
|
# ¿ Mar 1, 2023 18:07 |
You can also structure it as a lookup table, where each item stores the range start, range end, and the mapped values, then search the mapping by value. Or if all the search values are integer, use an array with the lookup key, so e.g. indexes 1 up to 20 in the lookup array all reference the same mapping object. If you need to translate a large number of values that's probably an advantage performance-wise.
|
|
# ¿ Dec 29, 2023 19:16 |
|
|
# ¿ May 7, 2024 07:15 |
You can clone the original repository locally and checkout the relevant branch or tag. Then add the other repository that the Pull Request is sent from as a second remote to your local checkout, and fetch it. Then you should have the branch the pull request is from as a reference that you can merge in. So it becomes something like: code:
|
|
# ¿ Mar 19, 2024 17:39 |