Symfony2 esi cache forms not working - forms

I get to the weird situation. I have up to date server files with local files. This "flash message with error" appears when this is not valid:
if ($form->isValid() && $this->checkLastComment($commentRepository,$user,$status, $comment)) {
I have two urls. First /Home (working) for everyone where i load statuses with comments BUT I DO NOT CACHE THE PAGE
Then i have /Suggested url where i load statuses with comments BUT USING
$response->setPublic();
$response->setSharedMaxAge(3600);
I CACHE THE PAGE because its the same for all users.
But its weird because on local machine (caching is on i tested) everything runs normal when i want to create a comment... on prod, dev env.
On server it runs normal when i am under dev env.(caching is off) but when i try post comment on prod env. i get error flash message for the mentioned condition...
WTF? Where could be leak please? i have no idea.
The public esi cache somehow breaks my forms? or...?
One friend is able to post a comment there... another one is not.. weird... i wasn't before but after cache clear i am again able...
EDIT:
After lunch i tried it again and i am not able to post comment... wtf..
This is my header i see in chrome: (sending)
CommentForm[comment]:gllll
status_id:65084
CommentForm[_token]:4858119eccbc91da6219d4cbaa1b6c2e79dbd56a
comment_id:0
Using this jquery code:
var url=Routing.generate('create_comment', {"comment_id": comment_id_value, "status_id": status_id_value})+'.json';
$.post(url, $this.serialize(), function(data) {
To this controller:
public function createAction(Request $request, $comment_id=0, $status_id)
{
// first CHECK if user exists
$user=$this->getUser();
if ($user) {
$em=$this->getDoctrine()->getManager();
// GET REPOSITORIES
$statusRepository=$em->getRepository('WallBundle:Status');
$commentRepository=$em->getRepository('WallBundle:Comments');
$notifyRepository=$em->getRepository('NotifyBundle:Notify');
$userRepository=$em->getRepository('UserBundle:User');
// GET SM
$SM=$this->get('status_manager');
// GET status by ID
$status=$statusRepository->find($status_id);
// CHECK if this status exists
if ($status) {
$targetUser=$status->getUser();
if ($request->isMethod('POST') && ($this->getRequest()->getRequestFormat() == 'json')) {
if ($comment_id==0 || !$cE) {
$cE = new Comments();
}
$form = $this->createForm(new CommentFormType(), $cE);
$form->bind($request);
$comment=$form->getData()->getComment();
if ($form->isValid() && $this->checkLastComment($commentRepository,$user,$status, $comment)) {
AND the checkLastComment function
public function checkLastComment($commentRepository, User $user,Status $status, $comment)
{
// check if last comment was more than 10s ago
$lastCommentQueryArray=$commentRepository->getLastComment($user, $status);
$lastCommentTime=0;
$lastCommentContent='';
foreach ($lastCommentQueryArray as $lastComment) {
$lastCommentTime =$lastComment['time'];
$lastCommentContent=$lastComment['comment'];
}
if (($lastCommentTime+10>=time()) && (trim($lastCommentContent)==trim($comment))) {
return false;
}
else {
return true;
}
}
*But the bug should not be in the code because i am using this technique all over the web and everything runs good... only at this particularly page ITS NOT WORKING ... and the only difference between pages is that this one is cached ... + when i am creating a new comment it has nothing with cache isn't that right? it only takes the data from form which is on cached page... *

Related

yii2 binds redirect to each link after first request

public function actionDone($id)
{
if ($model = $this->findModel($id)) {
$model["status"] = 3;
if ($model->save()) {
return $this->redirect(['test/index']);
}
} else {
throw new NotFoundHttpException('The requested page does not exist.');
}
}
It works only for the first time for each link. After that its just redirects to the 'test/index' without doing anything. Seems like browser (or smth else) remember, that if we open, for example, page site.com/?r=test/done&id=2 it should redirect to 'test/index' anyway.
Why is that? How can I fix it?
I even tried put die(); in the beginning of the method - anyway it redirects to 'test/index' until I use different link with another ID.
Thanks!

Codeigniter - Form validation callback not working on server, but OK on WAMP

I've developed a CI site on my local machine using WAMP. I'm using CI 3 with the HMVC extension and it all works fine.
I've just uploaded the site to the production server and changed the config files etc to get it working. However, form validation callbacks are not working on the production server.
Here's an example from a login form:
// Process login form
public function submit()
{
$this->load->library('form_validation');
$username = $this->input->post('username', TRUE);
$this->form_validation->set_rules('username', 'Username', 'required');
$this->form_validation->set_rules('password', 'Password', 'required|callback_do_login');
if($this->form_validation->run($this) == FALSE)
{
$this->login();
}
else
{
// Set login session
...
}
}
This is the callback function do_login:
public function do_login($password)
{
// Get user / pass from POST
$submitted_password = $this->input->post('password', TRUE);
$username = $this->input->post('username', TRUE);
$this->crud->setTable($this->table);
$this->load->model('mdl_users');
// Check User Exists
$query = $this->mdl_users->getUser($username);
if($query->num_rows() == 1)
{
// Get stored password
$row = $query->row();
$stored_password = $row->password;
// Check password
$this->load->module('mod_security');
$result = $this->mod_security->login($username, $submitted_password, $stored_password); // Returns false if no match
return ($result) ? TRUE : FALSE;
}
else
{
return FALSE;
}
}
On my local WAMP setup, this all works fine. But on the server
$this->form_validation->run($this)
always returns false.
To eliminate any errors with the callback function itself, I changed it to the following as a test:
public function do_login($password)
{
return TRUE;
}
... which will obviously always return TRUE, however when $this->form_validation->run($this) is called, even though I changed the do_login callback function to return TRUE, $this->form_validation->run($this) still returns FALSE!!
This is driving me crazy and I have no idea why this is happening. It is as if the form validation is ignoring the callback function and just returning false.
Can anyone help me? Could it be a setting on the server causing it or something else that could have changed when I uploaded the site files to the server?
If it is relevant, on my local machine, within the do_login callback function I had originally set the callback error message like this:
$this->form_validation->set_message('do_login', 'User / Pass Incorrect');
...which worked fine, but on the production server it threw an error stating: "Unable to access an error message corresponding to your field name Password.(do_login)". I had to set the error message in the language library file to overcome this. But the fact that this happened on the production server and not on my WAMP setup makes me think there must be some setting or something on the server that is causing this.
Anyway, any help is gratefully received.
Thanks
I finally found the solution. The HMVC application requires a small library file named as MY_Form_validation.php. Seemingly everywhere on the net this file is shown to be thus:
class MY_Form_validation extends CI_Form_validation {
function run($module = '', $group = '')
{
(is_object($module)) AND $this->CI = &$module;
return parent::run($group);
}
}
However, although this worked in my WAMP setup, it did not work on my server. I found that by declaring the CI variable at the start the server problem is resolved. So the MY_Form_validation.php file finally becomes:
class MY_Form_validation extends CI_Form_validation {
public $CI;
function run($module = '', $group = '')
{
(is_object($module)) AND $this->CI = &$module;
return parent::run($group);
}
}

Exchanging Facebook Auth Code for Access Token using the PHP SDK

I am trying to build a server-to-server auth flow using the Facebook PHP SDK and no Javascript, as outlined here. So far, I have successfully created a LoginUrl that lets the User sign in with Facebook, then redirect back to my App and check the state parameter for CSFR protection.
My Problem is, that I can't seem to get the API-call working that should swap my Auth Code for an access token. I pillaged every similar problem anyone else that Google was able to find had encountered for possible solutions.
Yet the end result was always the same: no access token, no error message that I could evaluate.
Researching the topic yielded the following advice, which I tested:
The URL specified in the App Settings must be a parent folder of $appUrl.
use curl to make the request instead of the SDK function api()
I've been at this for 2 days straight now and really could use some help.
<?php
require '../inc/php-sdk/src/facebook.php';
// Setting some config vars
$appId = 'MY_APP_ID';
$secret = 'MY_APP_SECRET';
$appUrl = 'https://MY_DOMAIN/appFolder';
$fbconfig = array('appId'=>$appId, 'secret'=>$secret);
$facebook = new Facebook($fbconfig);
// Log User in with Facebook and come back with Auth Code if not yet done
if(!(isset($_SESSION['login']))){
$_SESSION['login']=1;
header('Location: '.$facebook->getLoginUrl());
}
// process Callback from Facebook User Login
if($_SESSION['login']===1) {
/* CSFR Protection: getLoginUrl() generates a state string and stores it
in "$_SESSION['fb_'.$fbconfig['appId'].'_state']". This checks if it matches the state
obtained via $_GET['state']*/
if (isset($_SESSION['fb_'.$fbconfig['appId'].'_state'])&&isset($_GET['state'])){
// Good Case
if ($_SESSION['fb_'.$fbconfig['appId'].'_state']===$_GET['state']) {
$_SESSION['login']=2;
}
else {
unset($_SESSION['login']);
echo 'You may be a victim of CSFR Attacks. Try logging in again.';
}
}
}
// State check O.K., swap Code for Token now
if($_SESSION['login']===2) {
$path = '/oauth/access_token';
$api_params = array (
'client_id'=>$appId,
'redirect_uri'=>$appUrl,
'client_secret'=>$secret,
'code'=>$_GET['code']
);
$access_token = $facebook->api($path, 'GET', $api_params);
var_dump($access_token);
}
The easiest way I found to do this is to extend the Facebook class and expose the protected getAccessTokenFromCode() method:
<?php
class MyFacebook extends Facebook {
/** If you simply want to get the token, use this method */
public function getAccessTokenFromCode($code, $redirectUri = null)
{
return parent::getAccessTokenFromCode($code, $redirectUri);
}
/** If you would like to get and set (and extend), use this method instead */
public function setAccessTokenFromCode($code)
{
$token = parent::getAccessTokenFromCode($code);
if (empty($token)) {
return false;
}
$this->setAccessToken($token);
if (!$this->setExtendedAccessToken()) {
return false;
}
return $this->getAccessToken();
}
}
I also included a variation on the convenience method I use to set the access token, since I don't actually need a public "get" method in my own code.

cakephp facebook api, FB->api('/me') returns empty value

I use Webtechnick Facebook plugin for cakephp 1.3 website. I implemented it about a year ago. And it worked fine until now. But today I found out that when I try to login(as a new user) it does not save facebook user data, because $this->Connect->user() (which result is taken from $this->FB->api('/me'), /plugins/facebook/controller/components/connect.php, line 194) returns nothing. I tried also, this facebook plugin on another cakephp 2.0 website, but the same thing was there.
I think, that there was some change in facebook api, because I did not absolutely make any change on the website, which could bring to that result.
this is user function in connect.php component
function user($field = null){
if(isset($this->uid)){
$this->uid = $this->uid;
if($this->Controller->Session->read('FB.Me') == null){
$this->Controller->Session->write('FB.Me', $this->FB->api('/me'));
}
$this->me = $this->Controller->Session->read('FB.Me');
}
else {
$this->Controller->Session->delete('FB');
}
if(!$this->me){
return null;
}
if($field){
$retval = Set::extract("/$field", $this->me);
return empty($retval) ? null : $retval[0];
}
return $this->me;
}
and my beforeFacebookSave() function in app_controller
public function beforeFacebookSave() {
$fbUser = $this->Connect->user ();
//debug($fbUser); // outputs nothing
$this->Connect->authUser ['User'] ['email'] = $fbUser ['email'];
$this->Connect->authUser ['User'] ['first_name'] = $fbUser ['first_name'];
$this->Connect->authUser ['User'] ['last_name'] = $fbUser ['last_name'];
return true;
}
Thank you !
There was a certificate change on Facebook that wasn't reflected in the SDK (because it used the old certificate). Since the plugin is based on PHP SDK, you should just fetch the latest version of the repo https://github.com/webtechnick/CakePHP-Facebook-Plugin. The author has pushed the commit to include the new PHP SDK with the new certificate.
https://github.com/webtechnick/CakePHP-Facebook-Plugin/tree/master/Vendor
Your error log should have a Facebook Exception due to SSL problems which chokes the API calls causing /me to return empty.
try this, it work for me
$infos = $facebook->api('/me?fields=id,first_name,last_name,picture,email');

codeigniter2, nusoap, soap server and examples

A morning of googling I've learnt a few things.
Many people would like to use their CI2 installs to make a soap server for other apps to talk to their app.
However, each forum post I find ends in 'This doesn't work in CI2' or similar.
I've found this article:
http://phpmaster.com/web-services-with-php-and-soap-1/
Which is GREAT... but I can't get it working in CI2.
I've put my library in place, renamed where needed and this code is bringing up many errors.
I've not started on the client side yet.
`class soap extends CI_Controller {
function __construct ()
{
parent:: __construct ();
$this->load->library('nusoap_base');
}
function index()
{
$this->nusoap = new soap_server();
$this->nusoap->register("getProd");
$this->nusoap->service($HTTP_RAW_POST_DATA);
}
function getProd($category) {
if ($category == "books") {
return join(",", array(
"The WordPress Anthology",
"PHP Master: Write Cutting Edge Code",
"Build Your Own Website the Right Way"));
}
else {
return "No products listed under that category";
}
}
}`
Got fed up, using CI REST library instead (cheers Phil!)
:)