
KillGorack

Community Answers

  1. Thanks, I'll do some testing with that one, and let you know.
  2. Egad! No, I'm not. Never thought of that. Could that be the issue?
  3. Basically, it's about a login that is persistent. On the host I use, it works well, no errors, but on my computer, I can log in, then after a page load, it's gone. Part of a class.

         session_name('__Secure-PHPSESSID');
         session_set_cookie_params([
             'lifetime' => 0,
             'path' => '/',
             'domain' => $_SERVER['SERVER_NAME'],
             'secure' => true,
             'httponly' => true,
             'samesite' => 'Strict',
         ]);
         session_start();
         header("Content-Security-Policy: default-src 'self'");
         header("strict-transport-security: max-age=31536000");
         header('X-Frame-Options: sameorigin');
         header("X-XSS-Protection: 1; mode=block");
         header('X-Content-Type-Options: nosniff');
         header("Feature-Policy: vibrate 'none'");
         header("Referrer-Policy: no-referrer");
         header('Access-Control-Allow-Origin: *');
         header("Expect-CT: max-age=86400, enforce");
         header_remove("X-Powered-By");
         date_default_timezone_set($this->pdo->getSetting('timezone'));

     I can rearrange the code above and it works, but I get some warnings, like "Session name cannot be changed when a session is active". Admittedly, I'm kind of lost.
  4. Ok, Site vulnerability with an older version of jquery-ui, so I update to 1.13.1 with npm. But I cannot find the js file in my node_modules folder. What am I missing?
  5. Typo fixing this for future reference.. apologies!

         SELECT
             GREATEST(
                 COALESCE((SELECT acs.acs_read FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = :app), 0),
                 COALESCE((SELECT app.ap_read FROM app WHERE app.ID = :app), 0),
                 COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = 3), 0)
             ) AS `read`,
             GREATEST(
                 COALESCE((SELECT acs.acs_modify FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = :app), 0),
                 COALESCE((SELECT app.ap_modify FROM app WHERE app.ID = :app), 0),
                 COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = 3), 0)
             ) AS `modify`,
             GREATEST(
                 COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = :app), 0),
                 COALESCE((SELECT app.ap_administer FROM app WHERE app.ID = :app), 0),
                 COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = 3), 0)
             ) AS `admin`
         from acs
         WHERE acs.acs_usr = :usr
  6. It's kinda ugly but this works

         SELECT
             GREATEST(
                 COALESCE((SELECT acs.acs_read FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = :app), 0),
                 COALESCE((SELECT app.ap_read FROM app WHERE app.ID = :app), 0),
                 COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = 3), 0)
             ) AS `read`,
             GREATEST(
                 COALESCE((SELECT acs.acs_modify FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = :app), 0),
                 COALESCE((SELECT app.ap_modify FROM app WHERE app.ID = :app), 0),
                 COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = 3), 0)
             ) AS `modify`,
             GREATEST(
                 COALESCE((SELECT acs.acs_modify FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = :app), 0),
                 COALESCE((SELECT app.ap_modify FROM app WHERE app.ID = :app), 0),
                 COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = 3), 0)
             ) AS `admin`
         from acs
         WHERE acs.acs_usr = :usr
  7. I don't have a separate app for admin purposes. Admin is just a bit boolean variable that will let a user do administrative functions in an app.

     Read; read stuff
     modify; modify stuff like record editing / deleting
     admin; administrative functions like changing how data is presented to users.

     These are just bits boolean variables..
  8. If it makes understanding it easier, here's my current solution..

         $sql = "SELECT acs_read AS `read`, acs_modify AS `modify`, acs_administer AS `admin`
                 FROM acs
                 WHERE acs.acs_usr = :usr AND acs.acs_app = :app
                 UNION
                 SELECT ap_read AS `read`, ap_modify AS `modify`, ap_administer AS `admin`
                 FROM app
                 WHERE app.ID = :app
                 UNION
                 SELECT acs_administer AS `read`, acs_administer AS `modify`, acs_administer AS `admin`
                 FROM acs
                 WHERE acs.acs_usr = :usr AND acs.acs_app = 3";
         $vars = array('app' => $kernel['app']['ID'], 'usr' => $kernel['ses']['usr']['ID']);
         $bits = $this->pdo->fetchdata($sql, 2, $vars);
         $row = array(
             'read' => max(array_column($bits, 'read')),
             'modify' => max(array_column($bits, 'modify')),
             'admin' => max(array_column($bits, 'admin')),
         );

     The weird part at the end where I point to app 3; Three is the permissions app. If you have the admin bit set at one there for a user.. you have access to everything..
  9. Need some pointers. User (usr), Application (app), and Permission (acs) tables. Need an SQL to ascertain access levels for read, modify, and admin..

     A record in acs is NOT guaranteed! In the app table, for example, if ap_read = 1 then we need not a record in acs to read whatever is there. If however it was 0, we would need a record in acs with read = 1 for that app/usr combo.

     I currently open and query these three separately, and it works, but there has to be a more elegant way. Not EXACTLY normalized.. I guess. I hope the question is descriptive enough.
  10. Normally I would do this..

          function tableInator($data, $class = "")
          {
              $html = "<table class=\"{$class}\">\r\n";
              $html .= "<thead>\r\n";
              // Header row built from the keys of the first record
              $html .= "<tr><th>".implode("</th><th>", array_keys($data[0]))."</th></tr>\r\n";
              $html .= "</thead>\r\n";
              $html .= "<tbody>\r\n";
              foreach($data as $datum){
                  $html .= "<tr><td>".implode("</td><td>", $datum)."</td></tr>\r\n";
              }
              $html .= "</tbody>\r\n";
              $html .= "</table>\r\n";
              return $html;
          }
  11. Hey, no real issue, below works, but I'm trying to find best practices. Is the below normal, or is there a better, more concise way to do it?

          private function lst($content)
          {
              $html = <<<"EOT"
          <table class="data clickable admin">
          <thead>
          <tr>
          EOT;
              foreach(array_keys($content[0]) as $key){
                  $html .= <<<"EOT"
          <th>{$key}</th>
          EOT;
              }
              $html .= <<<"EOT"
          </tr>
          </thead>
          EOT;
              $html .= <<<"EOT"
          <tbody>
          EOT;
              foreach($content as $row){
                  $html .= <<<"EOT"
          <tr>
          EOT;
                  foreach($row as $cell){
                      $html .= <<<"EOT"
          <td>{$cell}</td>
          EOT;
                  }
                  $html .= <<<"EOT"
          </tr>
          EOT;
              }
              $html .= <<<"EOT"
          </tbody>
          EOT;
              $html .= <<<"EOT"
          </table>
          EOT;
              return $html;
          }
  12. I may have butchered it, but it works, and I can keep the classes in separate files. The simple class loader I have still works.

          <?php
          namespace main;

          class kernel{

              protected $qry;
              protected $ses;
              protected $app;
              protected $fld;
              protected $sql;
              protected $acs;

              private static $instance = NULL;

              static public function getInstance()
              {
                  if (self::$instance === NULL)
                      self::$instance = new kernel();
                  return self::$instance;
              }

              public function __construct(
                  qry $qry = null,
                  ses $ses = null,
                  app $app = null,
                  fld $fld = null,
                  sql $sql = null,
                  acs $acs = null
              ){
                  $this->qry = qry::getInstance();
                  $this->ses = ses::getInstance();
                  $this->app = app::getInstance();
                  $this->fld = fld::getInstance();
                  $this->sql = sql::getInstance();
                  $this->acs = acs::getInstance();
              }

              public function buildKernel()
              {
                  $kernel = array();
                  $kernel['qry'] = $this->qry->get();
                  $kernel['ses'] = $this->ses->get();
                  $kernel['app'] = $this->app->get();
                  $kernel['fld'] = $this->fld->get();
                  $kernel['sql'] = $this->sql->get();
                  $kernel['acs'] = $this->acs->get();
                  return $kernel;
              }

          }
          ?>

      Output

          Array
          (
              [qry] => Query string scrubbers
              [ses] => Check the session variables
              [app] => Settings for current application
              [fld] => Create the field array.
              [sql] => Create the initial sql statement.
              [acs] => Ascertain access level.
          )
  13. Oh, those are freaking nice, I will do some reading.. but the facade looks to be what's needed. Thanks, I'll come back here to let you know if I used any of it. Frustrating that I didn't come across any of those with el'goog..
  14. Not really an issue, just trying to find best practices. In the past I've extended classes but never was successful with more than a couple together. I'm putting together an array that kinda acts like a backbone for a dbms. Each one of these nested classes is a part of that array that would change depending on stuff like querystrings, who's logged in or whatever. Later of course accessing one of the nested classes would be necessary.