I have application base on Zend framework 2. I have a form with CSRF field. If I fill the form and submit after around 5 minutes it gives me The form submitted did not originate from the expected site validation error.
So I assumed it might be some issue with session configurations. Then I added options to SessionConfig on module.config.php as follows
'session' => array(
'remember_me_seconds' => 2419200,
'use_cookies' => true,
'cookie_httponly' => true,
'cookie_lifetime' => '2419200',
'gc_maxlifetime' => '2419200'
),
But the problem still exist. Do you know how to fix this issue ?
--Update--
My form class contains the CSRF element as follows,
$this->add(array(
'type' => 'Zend\Form\Element\Csrf',
'name' => 'security',
'options' => array(
'csrf_options' => array(
'timeout' => 20000
)
)
));
None of these seems to work.
The Csrf system under ZendFramework configures the session duration from the parameter stored in the configuration of the Csrf element under the timeout key as shown in the following example :
$form->add([
'type' => Element\Csrf::class,
'name' => 'csrf',
'options' => [
'csrf_options' => [
'timeout' => 600,
],
],
]);
Put the session config under the config key as shown in the following example :
'session' => [
'config' => [
'class' => Zend\Session\Config\SessionConfig::class,
'options' => [
'name' => 'SID',
'use_cookies' => true,
'cookie_httponly' => true,
'remember_me_seconds' => 2419200,
],
],
]
Related
I am quite novice with ZF3 and I can't figure out how should I define a logger module as a service and how could I use (reuse) it in other modules. The official documentation is poor from this point of view. Any short example would be good.
If you want to use zend-log in ZF app, after installation you need to do 2 thing:
To register Zend\Log in the application config under the 'modules' key.
Add config for your logger in global.php or module config
'log' => [
'MyLogger' => [
'writers' => [
'stream' => [
'name' => 'stream',
'priority' => \Zend\Log\Logger::ALERT,
'options' => [
'stream' => '/tmp/php_errors.log',
'formatter' => [
'name' => \Zend\Log\Formatter\Simple::class,
'options' => [
'format' => '%timestamp% %priorityName% (%priority%): %message% %extra%',
'dateTimeFormat' => 'c',
],
],
'filters' => [
'priority' => [
'name' => 'priority',
'options' => [
'operator' => '<=',
'priority' => \Zend\Log\Logger::INFO,
],
],
],
],
],
],
],
],
after that just take it from Service Manager and use it:
$logger = $container->get('MyLogger'); // <-- the key that you register in config above
$logger->info('Logging info message in the file');
You probably want to take logger from SM and than inject it in a class that you want to use it.
There is a god blog post about Logging with zend-log
When I try to run the ./yii translate/scan command, I got this error message after the Extreacting messages:
Exception 'yii\base\InvalidConfigException' with message 'Unable to locate message source for category 'DbMessageSource'.'
config/web.php
'components' => [
'i18n' => [
'translations' => [
'*' => [
'class' => 'yii\i18n\DbMessageSource',
'db' => 'db',
'sourceLanguage' => 'hu-HU', // Developer language
'sourceMessageTable' => '{{%language_source}}',
'messageTable' => '{{%language_translate}}',
'forceTranslation' => true,
'cachingDuration' => 86400,
'enableCaching' => true,
],
]
],
'translatemanager' => [
'class' => 'lajax\translatemanager\Component',
],
'modules' => [
'class' => 'lajax\translatemanager\Module',
'layout' => '//main',
'allowedIPs' => ['*'],
'roles' => ['Admin'],
]
]
config/console.php
'modules' => [
'translatemanager' => [
'class' => 'lajax\translatemanager\Module',
'tmpDir' => 'runtime', // Writable directory for the client-side temporary language files.
// IMPORTANT: must be identical for all applications (the AssetsManager serves the JavaScript files containing language elements from this directory).
//'root' => '#app', // The root directory of the project scan.
'phpTranslators' => ['::t'], // list of the php function for translating messages.
'jsTranslators' => ['lajax.t'], // list of the js function for translating messages.
'patterns' => ['*.js', '*.php'],// list of file extensions that contain language elements.
'ignoredCategories' => ['yii'], // these categories won’t be included in the language database.
'ignoredItems' => ['config'], // these files will not be processed.
'scanTimeLimit' => null, // increase to prevent "Maximum execution time" errors, if null the default max_execution_time will be used
'searchEmptyCommand' => '!', // the search string to enter in the 'Translation' search field to find not yet translated items, set to null to disable this feature
'defaultExportStatus' => 1, // the default selection of languages to export, set to 0 to select all languages by default
'defaultExportFormat' => 'json',// the default format for export, can be 'json' or 'xml'
'tables' => [ // Properties of individual tables
[
'connection' => 'db', // connection identifier
'table' => '{{%language}}', // table name
'columns' => ['name', 'name_ascii'], //names of multilingual fields
'category' => 'database-table-name',// the category is the database table name
],
]
],
],
'controllerMap' => [
'translate' => \lajax\translatemanager\commands\TranslatemanagerController::className(),
],
Do you have any idea what's wrong with my config or missing something?
I am using ZF2 authentication. It writes the authentication credentials into the storage properly.
Also I can see my session variable being set (checked by print_r($_SESSION)).
My doubts are:
1. the function, hasIdentity() from AuthenticationService.php always returns false even if the authentication is successful As a result I can't log in.
In my config/autoload/global.php I have config like this:
'session' => array(
'config' => array(
'class' => 'Zend\Session\Config\SessionConfig',
'options' => array(
'name' => 'testsuitestudio',
'remember_me_seconds' => $lifeTime,
'gc_maxlifetime' => $lifeTime,
'gc_divisor' =>1,
'gc_probability' =>1,
'cookie_lifetime' =>$lifeTime,
'cookie_domain' => $subDomainVar,
'cache_expire' => $lifeTime,
'save_path' => $sessionDirectory
),
),
'storage' => 'Zend\Session\Storage\SessionArrayStorage',
'validators' => array(
array(
'Zend\Session\Validator\RemoteAddr',
'Zend\Session\Validator\HttpUserAgent',
),
),
),
2. If I comment out :'cookie_domain' => $subDomainVar, from the above array, it works fine.
What could be the issue?
Yii version 1.1.8
I have added a column to a table in a mysql database,
but the new column is not showing in output of $model->getAttributes() method call
I deleted all files in protected/runtime folder, but still no column
config: 'schemaCachingDuration' => 0, // in seconds. <1 means off
I can add data to the new column directly in the database.
Are there any other things that I can do to debug this?
index.php
<?php
// change the following paths if necessary
$yii=dirname(__FILE__).'/../../framework/yii.php';
$config=dirname(__FILE__).'/protected/config/main.php';
// remove the following line when in production mode
//debug
defined('YII_DEBUG') or define('YII_DEBUG',true );
//show profiler
defined('YII_DEBUG_SHOW_PROFILER') or define('YII_DEBUG_SHOW_PROFILER',true);
//enable profiling
defined('YII_DEBUG_PROFILING') or define('YII_DEBUG_PROFILING',true);
//trace level
defined('YII_TRACE_LEVEL') or define('YII_TRACE_LEVEL',0);
//execution time
defined('YII_DEBUG_DISPLAY_TIME') or define('YII_DEBUG_DISPLAY_TIME',false);
require_once($yii);
Yii::createWebApplication($config)->run();
main.php
<?php
return CMap::mergeArray(array(
'timeZone'=>'UTC',
'basePath' => dirname(__FILE__) . DIRECTORY_SEPARATOR . '..',
'catchAllRequest' => null, // null if online, array('site/offline') if offline,
'sourceLanguage' => 'en_ca',
'theme' => 'td',
'charset' => 'UTF-8',
'preload' => array('log'),
'import' => array(
'application.models.*',
'application.components.*',
'application.extensions.*'
),
'modules' => array(
),
// application components
'components' => array(
'format' => array(
),
'user' => array(
// enable cookie-based authentication
'allowAutoLogin' => true,
'autoRenewCookie' => true,
),
'widgetFactory' => array(
'enableSkin' => true,
),
'urlManager' => array(
),
),
'db' => array(
'class' => 'CDbConnection',
'connectionString' => 'mysql:host=localhost;dbname=mydb',
'emulatePrepare' => true,
'initSQLs'=>array("set time_zone='+00:00'"),
'username' => 'root',
'password' => '',
'charset' => 'utf8',
'tablePrefix' => 'tbl_',
'enableParamLogging' => true, //show parameter values in log
// 'schemaCachingDuration' => 0, // in seconds. <1 means off
'enableProfiling' => YII_DEBUG_PROFILING, //show sql profile info in log
'nullConversion' => true,
//'initSQLs'=>array('set time_zone="+00:00"')
),
'errorHandler' => array(
),
'log' => array(
'class' => 'CLogRouter',
'routes' => array(
array(
'class' => 'CFileLogRoute',
'levels' => 'error, warning',
'filter' => 'CLogFilter',
'enabled' => !YII_DEBUG
),
array(
'class' => 'CPhpMailerLogRoute',
'levels' => 'error',
'emails' => 'neilmcguigan+tderror#gmail.com',
'filter' => 'CLogFilter',
'enabled' => false,
),
array(
'class' => 'CWebLogRoute', // show log messages on web pages
'enabled' => YII_DEBUG,
'filter' => 'CLogFilter',
//'showInFireBug' => false
),
array(
'class' => 'CProfileLogRoute',
'enabled' => YII_DEBUG,
'showInFireBug' => false
)
),
),
'request' => array(
),
'securityManager'=>array(
)
),
// application-level parameters that can be accessed
// using Yii::app()->params['paramName']
'params' => array(
),
), require(dirname( __FILE__ ) . '/override.php'));
Having just went through this problem -- I found out the new field names need to be in the attributeLabels function in the model
public function attributeLabels()
{
return array(
'id' => 'ID',
'newfield' => 'New Field',
...
Be careful with using the "better still update overwrite your whole model" suggestion if you are like me and have a lot of custom code in your models. As Sankalp Singha suggests, Just copy the "diff" (green part) from using gii and add the part from attributeLabels to your code.
After you have added a new column in your table then just go to Gii and then click on model generator. In that put the name of your table again and then click preview. There would be an option of diff click on that and then copy the highlighted green code and copy paste it in your original modal or better still update overwrite your whole modal. Then check if you are able to get the values inside and are able to get the attributes. This should work.
I'm attempting to use the session database with Kohana 3.
I have setup the mysql database as described here: http://kerkness.ca/wiki/doku.php?id=sessions_and_cookies
I am setting session variables like so:
Session::instance('database')->set('uid', $user_id);
However when I go to fetch the data back later on a different page or refresh it returns NULL.
Session::instance('database')->get('uid', NULL);
But if I put them right next to each other it works fine... i.e.
Session::instance('database')->set('uid', $user_id);
Session::instance('database')->get('uid', NULL);
Any ideas as to why this is happening?
I have also setup session.php in my config folder which looks like this:
<?php
return array(
'cookie' => array(
'name' => 'cookie',
'encrypted' => TRUE,
'lifetime' => 43200,
),
'native' => array(
'name' => 'session',
'encrypted' => TRUE,
'lifetime' => 43200,
),
'database' => array(
'group' => 'default',
'table' => 'sessions',
),
);
?>
Cheers,
Thomas.
Update the session.php file to look like this:
<?php
return array(
'cookie' => array(
'name' => 'session_cookie',
'encrypted' => TRUE,
'lifetime' => 43200,
),
'native' => array(
'name' => 'session_native',
'encrypted' => TRUE,
'lifetime' => 43200,
),
'database' => array(
'name' => 'session_database',
'group' => 'default',
'table' => 'sessions',
),
);
?>
Problem was by default the sessions are called 'session'.
So I renamed each adapter and it has fixed the issue.