WanWizard

a.k.a. WanWizard

Remember cookie user mismatch - security issue
If you check the code of the Auth_Login_Simpleauth class, you'll see in perform_check() that it will check for the existence of a remember-me cookie, and if it exists, it will retrieve the "user_id" variable from it, and use that to c…

Comment by WanWizard April 2017 permalink
Remember cookie user mismatch - security issue
Remember me is implemented using a separate session instance, using an encrypted cookie. The cookie is stored locally by the browser, so it is linked to the PC and the browser installed on it, and not the user. Did someone else use that PC before t…

Comment by WanWizard April 2017 permalink
Creating a user registration form
In that if, just change the "false" default value to "true", so it skips the if. I think your biggest challenge here is that you don't have the View, and you struggle to understand the fieldset functionality, which is the bi…

Comment by WanWizard April 2017 permalink
The correct place to authenticate
You're welcome. Just give a shout if you need to know more. ( and I know what you mean, we have a few WP sites to maintain, very PHP4 like... ;-) )

Comment by WanWizard April 2017 permalink
The correct place to authenticate
Never put logic in a View. Views are only for markup of your output, so ideally they contain only HTML. If you need to use PHP, only use it for stuff like simple if's, or loops. If you need pre-markup logic, for example to convert a database re…

Comment by WanWizard April 2017 permalink
Creating a user registration form
Stuff like if ( ! \Config::get('application.user.registration', false)) also doesn't exist in your application, as the "application" config file is specific to our framework. Because it does not exist, the if is true, and yo…

Comment by WanWizard April 2017 permalink
FuelPHP URI becomes query string. How to fix this?
Think I've been able to address it: 'QUERY_STRING' => string 'test=1' (length=6) 'REQUEST_URI' => string '/transactions?test=1' (length=20) https://github.com/fuel/core/commit/b873970bcbd6d96d92d…

Comment by WanWizard April 2017 permalink
Creating a user registration form
The Auth example code in the docs are a direct copy from the application framework we use as the basis of our applications. Apart from the Message class, everything else is standard Fuel and should work without problems. You might have a look at ht…

Comment by WanWizard April 2017 permalink
FuelPHP URI becomes query string. How to fix this?
I think this broke it: https://github.com/fuel/core/commit/43705ba1402327dcaa5e8420a0c5331008a22007 so it didn't fix https://github.com/fuel/core/issues/1551, it worked around it. So I need a think about how to address this problem, and not cre…

Comment by WanWizard April 2017 permalink
FuelPHP URI becomes query string. How to fix this?
Where in your app have you dumped $_SERVER and $_GET? If not in public/index.php, can you do that, and tell me what QUERY_STRING, REQUEST_URI and SCRIPT_NAME (and PATH_INFO if it exists) exactly is? Because it could also be a bug in Input::uri() wh…

Comment by WanWizard April 2017 permalink
Load perms by company using fuel acl
You can overload every class in your project, it is better that working with a copy.

Comment by WanWizard April 2017 permalink
Unable to connect to default database
Sorry, my bad, the code uses array_key_exists. So it should be unset(static::$_properties_cached[$class]);

Comment by WanWizard April 2017 permalink
Unable to connect to default database
You shouldn't do that, that erases the entire ORM properties cache. Instead, use $class = get_class();static::$_properties_cached[$class] = array(); to only erase the cache of the current model class.

Comment by WanWizard April 2017 permalink
session long expiration time
The docs define the "expiration_time" config value as: Number of seconds of idle time after which the session will expire. This value must be greater than zero. If an invalid value is defined, it will be set to 7200 seconds. So according t…

Comment by WanWizard April 2017 permalink
Unable to connect to default database
You could by explicitly closing the database connection before you change databases and try to access the new database: static::$_connection and static::\DB::instance(static::$_connection)->disconnect();static::$_write_connection and static::\DB:…

Comment by WanWizard April 2017 permalink
Unable to connect to default database
From within the class, everything can be changed. That doesn't mean you should. Everything that is defined as "static" is global, for all instances of the class. So changing it will have an impact on all instances, also the onces alre…

Comment by WanWizard April 2017 permalink
Unable to connect to default database
An ORM model is record representation, so is it always linked to a single table of a single database. It will probably be possible, with quite a bit of effort, to cleanly swap databases, but it will never work if the table's schema in the datab…

Comment by WanWizard March 2017 permalink
Load perms by company using fuel acl
Doesn't really matter which one you use. It's a matter of adding the column for the foreign key to the users table (if the relation between users and companies is a one-to-many) or create a many-many table between the two. If a one-to-man…

Comment by WanWizard March 2017 permalink
Load perms by company using fuel acl
Our application also has a many-many relation between the user table and the companies table, so every user can be linked to his/her employer(s). Our base controller has an has_employee_access() method, that retrieves the current users employer info…

Comment by WanWizard March 2017 permalink
Load perms by company using fuel acl
How would you define "company permissions"? The ACL system is user centric, so you would have to emulate the notion of a company, either through a group (assuming a user works for one company), or via a role ("employee of X"). An…

Comment by WanWizard March 2017 permalink
Uncaught exception PDOException: SQLSTATE[55000]
Shouldn't that be fixed by PHP itself? Or is it just that your PHP distro has the wrong version?

Comment by WanWizard March 2017 permalink
Uncaught exception PDOException: SQLSTATE[55000]
This is a known problem, there is no specific PostgreSQL database driver at the moment. The database drivers are required to return the generated id in case of an auto increment primary key column, or return null otherwise. But in case of the PGSQL …

Comment by WanWizard March 2017 permalink
Autoloader issues on PHP7.1
Wait a sec: SomeHelperClass.php is an illegal filename, Fuel requires all files to be lowercase. See https://docs.fuelphp.com/general/coding_standards.html under "File Naming". You could get away with a filename like this on Windows (becau…

Comment by WanWizard March 2017 permalink
Autoloader issues on PHP7.1
Ok. I really need a php 7.1 setup now...

Comment by WanWizard March 2017 permalink
Autoloader issues on PHP7.1
Any error messages? Or other helpful info?

Comment by WanWizard March 2017 permalink

More Comments

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

About

Username: WanWizard
Joined: January 2011
Visits: 2,369
Last Active: 6:13PM
Roles: Administrator

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.

WanWizard

Howdy, Stranger!

About