I want to integrate CKFinder with my Laravel app but I am stuck with authentication.
I found many ways, but they were for older Laravel versions and none are working for 5.6.
I found this:
require '../../vendor/autoload.php';
$app = require_once '../../bootstrap/app.php';
$app->make('Illuminate\Contracts\Http\Kernel')
    ->handle(Illuminate\Http\Request::capture());
But I am getting Invalid request from CKFinder when I put it in config.php.
I would like to access Auth::check() and return it in authentication
require __DIR__ . '/../../vendor/autoload.php';
$app = require_once __DIR__ . '/../../bootstrap/app.php';
$request = Illuminate\Http\Request::capture();
$request->setMethod('GET');
$app->make('Illuminate\Contracts\Http\Kernel')
    ->handle($request);
$config['authentication'] = function () {
    return auth()->check();
};
EDIT
So I had a look at index.php and copied this into config.php:
define('LARAVEL_START', microtime(true));
require '/Applications/MAMP/htdocs/laravel-dealer/vendor/autoload.php';
$app = require_once '/Applications/MAMP/htdocs/laravel-dealer/bootstrap/app.php';
$kernel = $app->make(Illuminate\Contracts\Http\Kernel::class);
$response = $kernel->handle(
    $request = Illuminate\Http\Request::capture()
);
But I am getting runtime exceptions for $acl argument.
Fatal error: Uncaught RuntimeException: Controller
"CKSource\CKFinder\Command\Init::execute()" requires that you provide
a value for the "$acl" argument. Either the argument is nullable and
no null value has been provided, no default value has been provided or
because there is a non optional argument after this one. in
/Applications/MAMP/htdocs/laravel-dealer/vendor/symfony/http-kernel/Controller/ArgumentResolver.php:78
Stack trace: #0
/Applications/MAMP/htdocs/laravel-dealer/vendor/symfony/http-kernel/HttpKernel.php(141):
Symfony\Component\HttpKernel\Controller\ArgumentResolver->getArguments(Object(Symfony\Component\HttpFoundation\Request),
Array) #1
/Applications/MAMP/htdocs/laravel-dealer/vendor/symfony/http-kernel/HttpKernel.php(66):
Symfony\Component\HttpKernel\HttpKernel->handleRaw(Object(Symfony\Component\HttpFoundation\Request),
1) #2
/Applications/MAMP/htdocs/laravel-dealer/public/ckfinder/core/connector/php/vendor/cksource/ckfinder/src/CKSource/CKFinder/CKFinder.php(610):
Symfony\Component\HttpKernel\HttpKernel- in
/Applications/MAMP/htdocs/laravel-dealer/vendor/symfony/http-kernel/Controller/ArgumentResolver.php
on line 78
Thanks for any help
Here's what the authentication section looks like on one of my projects:
/*============================ Enable PHP Connector HERE ==============================*/
// http://docs.cksource.com/ckfinder3-php/configuration.html#configuration_options_authentication
require __DIR__ . '/../../vendor/autoload.php';
$app = require_once __DIR__ . '/../../bootstrap/app.php';
$request = Illuminate\Http\Request::capture();
$request->setMethod('GET');
$app->make('Illuminate\Contracts\Http\Kernel')
    ->handle($request);
$config['authentication'] = function () {
    return auth()->check();
};
Well I spent some time with this and came up with this solution:
This function gets the value of $_COOKIE['allowCkfinder'] and decrypts it using cipher and your app key.
// /public/ckfinder/config.php
$config['authentication'] = function () {
    $APP_KEY = "YOUR_APP_KEY";
    $cookie_contents = json_decode( base64_decode( $_COOKIE['allowCkfinder'], true ));
    $value = base64_decode( $cookie_contents->value );
    $iv = base64_decode( $cookie_contents->iv );
    return unserialize( openssl_decrypt($value, "AES-256-CBC", base64_decode($APP_KEY), OPENSSL_RAW_DATA, $iv));
};
When logging in a user / admin, set a cookie with the name allowCkfinder:
Also don't forget to remove the cookie on user logout.
// /app/Http/Controllers/LoginController.php
if (Auth::attempt(['user_email' => $validatedData['email'], 'password' => $validatedData['password'], "user_active" => 1, "user_banned" => 0]))
{
    if (Auth::user()->user_admin == TRUE)
        return redirect()->intended('/')->withCookie(cookie()->forever('allowCkfinder', "1"));
    else
        return redirect()->intended('/');
} else
{
    $request->session()->flash('error', __("E-mail and/or password do not match"));
    return redirect('login')->withInput();
}
That's the best I came up with.
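An added example, not part of the original answer: the authentication function above decrypts the cookie without checking its `mac` field and passes the result to `unserialize()`, so this version verifies the HMAC first and compares the plaintext instead of unserializing it. It assumes the cookie payload is base64(JSON{iv, value, mac}) with mac = HMAC-SHA256(iv . value, key), as produced by Laravel 5.6's encrypter; the function name `allow_ckfinder` and the sample key and cookies are constructed for illustration.

```php
<?php
// Added example: MAC-checked version of the allowCkfinder cookie test.
// Assumed layout: base64(json{iv, value, mac}), where
// mac = HMAC-SHA256(iv . value, key) over the base64 strings.
function allow_ckfinder(?string $cookie, string $key): bool
{
    if ($cookie === null) {
        return false; // no cookie, not authenticated
    }
    $payload = json_decode((string) base64_decode($cookie, true), true);
    if (!is_array($payload)) {
        return false;
    }
    foreach (['iv', 'value', 'mac'] as $field) {
        if (!isset($payload[$field]) || !is_string($payload[$field])) {
            return false;
        }
    }
    // Check integrity before decrypting; hash_equals() is constant-time.
    $expected = hash_hmac('sha256', $payload['iv'] . $payload['value'], $key);
    if (!hash_equals($expected, $payload['mac'])) {
        return false;
    }
    $iv = base64_decode($payload['iv'], true);
    if ($iv === false || strlen($iv) !== 16) {
        return false;
    }
    $plain = openssl_decrypt($payload['value'], 'AES-256-CBC', $key, 0, $iv);
    // Compare against the expected plaintext (raw or serialized form)
    // instead of calling unserialize() on cookie-derived data.
    return $plain === '1' || $plain === serialize('1');
}

// In config.php ($key = raw bytes of the base64-decoded app key):
// $config['authentication'] = function () use ($key) {
//     return allow_ckfinder($_COOKIE['allowCkfinder'] ?? null, $key);
// };

// Constructed sample data (random key, not a real cookie).
$key   = random_bytes(32);
$iv    = base64_encode(random_bytes(16));
$value = openssl_encrypt('1', 'AES-256-CBC', $key, 0, base64_decode($iv));
$mac   = hash_hmac('sha256', $iv . $value, $key);
$good  = base64_encode(json_encode(['iv' => $iv, 'value' => $value, 'mac' => $mac]));
$bad   = base64_encode(json_encode(['iv' => $iv, 'value' => $value, 'mac' => str_repeat('0', 64)]));

var_dump(allow_ckfinder($good, $key));
var_dump(allow_ckfinder($bad, $key));
var_dump(allow_ckfinder(null, $key));
```

Because the cookie is set with `forever()` and carries the constant value "1", a copied cookie keeps passing this check until the app key changes; checking the Laravel session with `auth()->check()`, as in the first answer, does not have that property.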
Related
I'm just getting started with PHP and I ran into a small problem.
I've downloaded a package using composer require <package_name> and now I'm not sure how to access it from my .php file. I tried a bunch of things but I couldn't make it work.
I'm trying to use this package: https://packagist.org/packages/giggsey/libphonenumber-for-php
EDIT:
This is the code I use to test:
<?php
use Slim\Factory\AppFactory;
require __DIR__ . '/../vendor/autoload.php';
// Instantiate app
$app = AppFactory::create();
// Add Error Handling Middleware
$app->addErrorMiddleware(true, false, false);
// Register routes
$routes = require __DIR__ . '/../app/routes.php';
$routes($app);
$swissNumberStr = "044 668 18 00";
$phoneUtil = \libphonenumber\PhoneNumberUtil::getInstance();
try {
    $swissNumberProto = $phoneUtil->parse($swissNumberStr, "CH");
    var_dump($swissNumberProto);
} catch (\libphonenumber\NumberParseException $e) {
    var_dump($e);
}
// Run application
$app->run();
And it says: Undefined type 'libphonenumber\PhoneNumberUtil'.
I downloaded Phalcon from the official website.
I copied the php_phalcon.dll file to my XAMPP's php/ext directory.
I edited the php.ini file located at D:\xampp\php\php.ini and added the line extension=php_phalcon.dll at the end of the file.
I restarted the Apache server and the computer several times.
When I write phpinfo() in my code it seems Phalcon was installed.
Unfortunately, when I try to run some code like
<?php
try {
    // Autoloader
    $loader = new \Phalcon\Loader();
    $loader->registerDirs([
        '../app/controllers/',
        '../app/models/'
    ]);
    $loader->register();
    // Dependency Injection
    $di = new \Phalcon\DI\FactoryDefault();
    $di->set('view', function() {
        $view = new \Phalcon\Mvc\View();
        $view->setViewsDir('../app/views');
        return $view;
    });
    // Deploy the App
    $app = new \Phalcon\Mvc\Application($di);
    echo $app->handle()->getContent();
} catch(\Phalcon\Exception $e) {
    echo $e->getMessage();
}
?>
I get this error
Fatal error: Uncaught Error: Class 'Phalcon\Loader' not found in D:\xampp\htdocs\php-learning\public\index.php:4 Stack trace: #0 {main} thrown in D:\xampp\htdocs\php-learning\public\index.php on line 4
I also tried to follow the steps from the tutorial on the official Phalcon website, where the code looks somewhat like this
<?php
use Phalcon\Di\FactoryDefault;
use Phalcon\Loader;
use Phalcon\Mvc\View;
use Phalcon\Mvc\Application;
use Phalcon\Url;
// Define some absolute path constants to aid in locating resources
define('BASE_PATH', dirname(__DIR__));
define('APP_PATH', BASE_PATH . '/app');
// Register an autoloader
$loader = new Loader();
$loader->registerDirs(
    [
        APP_PATH . '/controllers/',
        APP_PATH . '/models/',
    ]
);
$loader->register();
$container = new FactoryDefault();
$container->set(
    'view',
    function () {
        $view = new View();
        $view->setViewsDir(APP_PATH . '/views/');
        return $view;
    }
);
$container->set(
    'url',
    function () {
        $url = new Url();
        $url->setBaseUri('/');
        return $url;
    }
);
$application = new Application($container);
try {
    // Handle the request
    $response = $application->handle(
        $_SERVER["REQUEST_URI"]
    );
    $response->send();
} catch (\Exception $e) {
    echo 'Exception: ', $e->getMessage();
}
But it didn't help. What am I doing wrong?
You have Phalcon installed successfully. However the namespace should be changed:
Moved Phalcon\Loader to Phalcon\Autoload\Loader #15797
please refer to the change log
I'm done with Google sign-up, and I want to ask about Google token_id authentication. Google issues a token-id to every user, which changes on every sign-in. I am getting that token-id when the user signs in, and I want to authenticate that token-id with Google to verify whether the sign-in was original or fake. I am using this PHP API provided by Google, but it continuously gives this error:
Uncaught Error: Class 'Silex\Application' not found in C:\xampp\htdocs\final\gplus-verifytoken-php-master\verify.php:23
Stack trace: #0 {main} thrown in C:\xampp\htdocs\final\gplus-verifytoken-php-master\verify.php on line 23
require_once __DIR__.'/vendor/autoload.php';
require_once __DIR__.'/google-api-php-client/src/Google_Client.php';
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
const CLIENT_ID = 'xyz';
const CLIENT_SECRET = 'xyz';
const APPLICATION_NAME = "xyz";
$client = new Google_Client();
$client->setApplicationName(APPLICATION_NAME);
$client->setClientId(CLIENT_ID);
$client->setClientSecret(CLIENT_SECRET);
$app = new Silex\Application();
$app['debug'] = true;
$app->register(new Silex\Provider\TwigServiceProvider(), array(
    'twig.path' => __DIR__,
));
$app->register(new Silex\Provider\SessionServiceProvider());
// Initialize a session for the current user, and render index.html.
$app->get('/', function () use ($app) {
    return $app['twig']->render('index.html', array(
        'CLIENT_ID' => CLIENT_ID,
        'APPLICATION_NAME' => APPLICATION_NAME
    ));
});
// Verify an ID Token or an Access Token.
// Example URI: /verify?id_token=...&access_token=...
$app->post('/verify', function (Request $request) use($app, $client) {
$id_token = "eyJhbGciOiJSUzI1NiIsImtpZCI6ImE0MzY0YjVmYjliODYxYzNhYTRkYTg5NWExMjk5NzZjMjgyZGJmYzIifQ.eyJpc3MiOiJhY2NvdW50cy5nb29nbGUuY29tIiwiaWF0IjoxNDg1NDEyMjQ1LCJleHAiOjE0ODU0MTU4NDUsImF0X2hhc2giOiJMSV9DTWxzeG1lSTdvQm9lSUxoSjZRIiwiYXVkIjoiNDY4MzU1OTM0NzMzLXZqNnRkdDJtazEwZ3R0OHJvZGY2bG84MHM4czdtdTRrLmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwic3ViIjoiMTEyNjE1NTE5MDY0MTc3ODI0NTgzIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF6cCI6IjQ2ODM1NTkzNDczMy12ajZ0ZHQybWsxMGd0dDhyb2RmNmxvODBzOHM3bXU0ay5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsImVtYWlsIjoibWdoYXphbmZhcmFsaWtoYW4wOUBnbWFpbC5jb20ifQ.Bpa2_zeVebQ7xtKXvuEell50bvUtKOGb5ZertUZGvzGWXnlA-c2kw4Mvko9Xd4JI_R4wbFoyBtrGCiK0jAlJMgaIH8p3wJbzNKPZ-gPFJdX8mv4v42v8-9urGM7rRUCDylz16WEcR1A2qOmEcNCpCf0_FGNpChl8sc8q8zvTnIb_zYYHp_V7ebR2RlUuO2z9G5YzBN3hZDnmen1xLStmNmYKsIiP5ypMqbWaLjnXJjre6bjTuIGymg_phDYDmwWMVTJyx88zmKAfwQTCh2u3qe_fkCDxxm0MO2wC29__q4uc0BfUNdH62GOrNTBJXmPTUZuT1vdUhzz4CLu1KUohWg";
    /*$id_token = $request->get("id_token");*/
    $access_token = $request->get("access_token");
    $token_status = Array();
    $id_status = Array();
    if (!empty($id_token)) {
        // Check that the ID Token is valid.
        try {
            // Client library can verify the ID token.
            $jwt = $client->verifyIdToken($id_token, CLIENT_ID)->getAttributes();
            $gplus_id = $jwt["payload"]["sub"];
            $id_status["valid"] = true;
            $id_status["gplus_id"] = $gplus_id;
            $id_status["message"] = "ID Token is valid.";
        } catch (Google_AuthException $e) {
            $id_status["valid"] = false;
            $id_status["gplus_id"] = NULL;
            $id_status["message"] = "Invalid ID Token.";
        }
        $token_status["id_token_status"] = $id_status;
    }
    $access_status = Array();
    if (!empty($access_token)) {
        $access_status["valid"] = false;
        $access_status["gplus_id"] = NULL;
        // Check that the Access Token is valid.
        $reqUrl = 'https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=' .
            $access_token;
        $req = new Google_HttpRequest($reqUrl);
        $tokenInfo = json_decode(
            $client::getIo()->authenticatedRequest($req)
                ->getResponseBody());
        if ($tokenInfo->error) {
            // This is not a valid token.
            $access_status["message"] = "Invalid Access Token.";
        } else if ($tokenInfo->audience != CLIENT_ID) {
            // This is not meant for this app. It is VERY important to check
            // the client ID in order to prevent man-in-the-middle attacks.
            $access_status["message"] = "Access Token not meant for this app.";
        } else {
            $access_status["valid"] = true;
            $access_status["gplus_id"] = $tokenInfo->user_id;
            $access_status["message"] = "Access Token is valid.";
        }
        $token_status["access_token_status"] = $access_status;
    }
    return $app->json($token_status, 200);
});
$app->run();
I did like this
composer install (after that run this command)
composer dump-autoload
it is working for me
If your framework doesn't work after migration,
or you see Class 'Silex\Application' not found:
Delete the "vendor" folder after composer install.
Working for me
Hi, I created a web service with Slim from the Lynda course "Building APIs in PHP Using the Slim Micro Framework", but when I want to log in, this error occurs:
Notice: Undefined offset: 0 in C:\wamp64\www\lynda2\src\Chatter\Middleware\Authentication.php on line 12
Authentication
namespace Chatter\Middleware;
use Chatter\Models\User;
class Authentication
{
    public function __invoke($request, $response, $next)
    {
        $auth = $request->getHeader('Authorization');
        $_apikey = $auth[0];
        $apikey = substr($_apikey, strpos($_apikey, ' ') + 1);
        $user = new User();
        if (!$user->authenticate($apikey)) {
            $response->withStatus(401);
            return $response;
        }
        $response = $next($request, $response);
        return $response;
    }
}
User.php
<pre><code>
namespace Chatter\Models;
class User extends \Illuminate\Database\Eloquent\Model
{
    public function authenticate($apikey)
    {
        $user = User::where('apikey', '=', $apikey)->take(1)->get();
        $this->details = $user[0];
        return ($user[0]->exists) ? true : false;
    }
}
</code></pre>
index.php
<pre><code>
require 'vendor/autoload.php';
include 'bootstrap.php';
use Chatter\Models\Message;
use Chatter\Middleware\Logging as ChatterLogging;
use Chatter\Middleware\Authentication as ChatterAuth;
$app = new \Slim\App();
$app->add(new ChatterAuth());
$app->add(new ChatterLogging());
$app->get('/messages', function ($request, $response, $args) {
    $_message = new Message();
    $messages = $_message->all();
    $payload = [];
    foreach($messages as $_msg) {
        $payload[$_msg->id] = ['body' => $_msg->body, 'user_id' => $_msg->user_id, 'created_at' => $_msg->created_at];
    }
    return $response->withStatus(200)->withJson($payload);
});
$app->get('/', function ($request, $response, $args) {
    return "This is a catch all route for the root that doesn't do anything useful.";
});
// Run app
$app->run();
</code></pre>
The error is stating that when you "login" there is no Authorization header present.
$request->getHeader('Authorization') returns an empty array, so when you attempt to access the first element of the array, you get your error:
$_apikey = $auth[0]; // Will trigger error, since there are no elements in the array
Thus, to avoid this error, get $apikey like this:
public function __invoke($request, $response, $next)
{
    $auth = $request->getHeader('Authorization');
    $_apikey = array_shift($auth);
    if ($_apikey) {
        $apikey = substr($_apikey, strpos($_apikey, ' ') + 1);
        $user = new User();
        if (!$user->authenticate($apikey)) {
            return $response->withStatus(401);
        } else {
            return $next($request, $response);
        }
    } else {
        // Authorization header is missing, therefore unauthorized access
        return $response->withStatus(401);
    }
}
This is an older thread, but in case anyone else is following this tutorial ... the code the OP posted was supposed to do exactly what it does - to fail if there is no authorization header present.
Looks like the OP missed one step: adding the bearer token to the request. In Postman, go to Authorization > Type > Bearer Token and paste a valid token in the input field. I believe that it was clearly stated in the tutorial. Afterward, everything works as expected.
I have an action which is called on all my pages (for logged-in people only); this action retrieves recent tweets from my Twitter account.
API access is limited, so I would like the result of this action to be cached for 10 minutes.
public function socialAction(){
    $consumerKey = $this->container->getParameter('consumer_key');
    $consumerSecret = $this->container->getParameter('consumer_secret');
    $accessToken = $this->container->getParameter('access_token');
    $accessTokenSecret = $this->container->getParameter('access_token_secret');
    // call the API
    $tweet = new TwitterOAuth($consumerKey, $consumerSecret, $accessToken, $accessTokenSecret);
    $screen_name = "blabla";
    $tweets = $tweet->get('statuses/user_timeline', [
        'screen_name' => $screen_name,
        'exclude_replies' => true,
        'count' => 50
    ]);
    $tweets = array_splice($tweets, 0, 5);
    $response = $this->render('GestionJeuBundle:Default:social.html.twig', array("tweets" => $tweets));
    $response->setPublic();
    $response->setSharedMaxAge(600);
    return $response;
}
To enable caching I have made the following changes
app/config/config.yml
framework:
    esi: { enabled: true }
    fragments: { path: /_proxy }
and
app/AppCache.php
<?php
require_once __DIR__.'/AppKernel.php';
use Symfony\Bundle\FrameworkBundle\HttpCache\HttpCache;
class AppCache extends HttpCache
{
    protected function getOptions()
    {
        return array(
            'debug' => false,
            'default_ttl' => 0,
            'private_headers' => array('Authorization', 'Cookie'),
            'allow_reload' => false,
            'allow_revalidate' => false,
            'stale_while_revalidate' => 2,
            'stale_if_error' => 60,
        );
    }
}
and
web/app_dev.php
<?php
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Debug\Debug;
// If you don't want to setup permissions the proper way, just uncomment the following PHP line
// read http://symfony.com/doc/current/book/installation.html#configuration-and-setup for more information
//umask(0000);
// This check prevents access to debug front controllers that are deployed by accident to production servers.
// Feel free to remove this, extend it, or make something more sophisticated.
if (isset($_SERVER['HTTP_CLIENT_IP'])
    || isset($_SERVER['HTTP_X_FORWARDED_FOR'])
    || !in_array(@$_SERVER['REMOTE_ADDR'], array('127.0.0.1', '.....', 'fe80::1', '::1'))
) {
    header('HTTP/1.0 403 Forbidden');
    exit('You are not allowed to access this file. Check '.basename(__FILE__).' for more information.');
}
$loader = require_once __DIR__.'/../app/bootstrap.php.cache';
Debug::enable();
require_once __DIR__.'/../app/AppKernel.php';
require_once __DIR__.'/../app/AppCache.php';
$kernel = new AppKernel('dev', true);
$kernel->loadClassCache();
$kernel = new AppCache($kernel);
// When using the HttpCache, you need to call the method in your front controller instead of relying on the configuration parameter
Request::enableHttpMethodParameterOverride();
$request = Request::createFromGlobals();
$response = $kernel->handle($request);
$response->send();
$kernel->terminate($request, $response);
error_log($kernel->getLog());
Despite that, the page is updated on every page refresh (after testing, it does exactly the same thing in the production environment with the change in app.php too).
Have I misunderstood or forgotten something?
Thank you in advance for your help.
EDIT (solved): I was rendering this action with
{{render(controller("GestionJeuBundle:Default:social")) }}
changing it to
{{render_esi(controller("GestionJeuBundle:Default:social")) }}
solved my problem
Hexune
I was rendering this action with
{{render(controller("GestionJeuBundle:Default:social")) }}
changing it to
{{render_esi(controller("GestionJeuBundle:Default:social")) }}
solved my problem
As far as I experimented last weeks, it's worth noting that if you use debug environment in Symfony, Varnish always passes-by your request to the back-end.