Jump to content

KillGorack

Members
  • Posts

    74
  • Joined

  • Last visited

About KillGorack

  • Birthday 11/22/1970

Profile Information

  • Gender
    Male

Recent Profile Visitors

1,501 profile views

KillGorack's Achievements

Regular Member

Regular Member (3/5)

1

Reputation

1

Community Answers

  1. Thanks, I'll do some testing with that one, and let you know.
  2. Egad! no I'm not. never thought of that. Could that be the issue?
  3. Basically, it's about a login that is persistent. On the host I use it works well no errors, but on my computer, I can log in, then after a page load, it's gone. part of a class. session_name('__Secure-PHPSESSID'); session_set_cookie_params([ 'lifetime' => 0, 'path' => '/', 'domain' => $_SERVER['SERVER_NAME'], 'secure' => true, 'httponly' => true, 'samesite' => 'Strict', ]); session_start(); header("Content-Security-Policy: default-src 'self'"); header("strict-transport-security: max-age=31536000"); header('X-Frame-Options: sameorigin'); header("X-XSS-Protection: 1; mode=block"); header('X-Content-Type-Options: nosniff'); header("Feature-Policy: vibrate 'none'"); header("Referrer-Policy: no-referrer"); header('Access-Control-Allow-Origin: *'); header("Expect-CT: max-age=86400, enforce"); header_remove("X-Powered-By"); date_default_timezone_set($this->pdo->getSetting('timezone')); I can re arrange the code above and it works but get some warnings. like "Session name cannot be changed when a session is active" admittedly I'm kind of lost.
  4. Ok, Site vulnerability with an older version of jquery-ui, so I update to 1.13.1 with npm. But I cannot find the js file in my node_modules folder. What am I missing?
  5. Typo fixing this for future reference.. apologies! SELECT GREATEST( COALESCE((SELECT acs.acs_read FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = :app), 0), COALESCE((SELECT app.ap_read FROM app WHERE app.ID = :app), 0), COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = 3), 0) ) AS `read`, GREATEST( COALESCE((SELECT acs.acs_modify FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = :app), 0), COALESCE((SELECT app.ap_modify FROM app WHERE app.ID = :app), 0), COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = 3), 0) ) AS `modify`, GREATEST( COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = :app), 0), COALESCE((SELECT app.ap_administer FROM app WHERE app.ID = :app), 0), COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = 3), 0) ) AS `admin` from acs WHERE acs.acs_usr = :usr
  6. It's kinda ugly but this works SELECT GREATEST( COALESCE((SELECT acs.acs_read FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = :app), 0), COALESCE((SELECT app.ap_read FROM app WHERE app.ID = :app), 0), COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = 3), 0) ) AS `read`, GREATEST( COALESCE((SELECT acs.acs_modify FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = :app), 0), COALESCE((SELECT app.ap_modify FROM app WHERE app.ID = :app), 0), COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = 3), 0) ) AS `modify`, GREATEST( COALESCE((SELECT acs.acs_modify FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = :app), 0), COALESCE((SELECT app.ap_modify FROM app WHERE app.ID = :app), 0), COALESCE((SELECT acs.acs_administer FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = 3), 0) ) AS `admin` from acs WHERE acs.acs_usr = :usr
  7. I don't have a separate app for admin purposes. Admin is just a bit boolean variable that will let a user do administrative functions in an app. Read; read stuff modify; modify stuff like record editing / deleting admin; administrative functions like changing how data is presented to users. These are just bits boolean variables..
  8. If it makes understanding it easier, here's my current solution.. $sql = "SELECT acs_read AS `read`, acs_modify AS `modify`, acs_administer AS `admin` FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = :app UNION SELECT ap_read AS `read`, ap_modify AS `modify`, ap_administer AS `admin` FROM app WHERE app.ID = :app UNION SELECT acs_administer AS `read`, acs_administer AS `modify`, acs_administer AS `admin` FROM acs WHERE acs.acs_usr = :usr AND acs.acs_app = 3"; $vars = array('app' => $kernel['app']['ID'], 'usr' => $kernel['ses']['usr']['ID']); $bits = $this->pdo->fetchdata($sql, 2, $vars); $row = array( 'read' => max(array_column($bits, 'read')), 'modify' => max(array_column($bits, 'modify')), 'admin' => max(array_column($bits, 'admin')), ); The weird part at the end where I point to app 3; Three is the permissions app. If you have the admin bit set at one there for a user.. you have access to everything..
  9. Need some pointers. User (usr), Application (app), and Permission (acs) tables. Need an SQL to ascertain access levels for read, modify, and admin.. A record in asc is NOT guaranteed! in the app table for example if ap_read = 1 then we need not a record in acs to read whatever is there. If however it was 0 we would need a record in asc with read = 1 for that app/usr combo I currently open and query these three separately, and it works, but there has to be a more elegant way. not EXACTLY normalized.. I guess. I hope the question is descriptive enough.
  10. Normally I would do this.. function tableInator($data, $class = "") { $html = "<table class=\"{$class}\">\r\n"; $html .= "<thead>\r\n"; $html .= "<tr><th>".implode("</th><th>", array_keys($data[0]))."</th></th>\r\n"; $html .= "</thead>\r\n"; $html .= "<tbody>\r\n"; foreach($data as $datum){ $html .= "<tr><td>".implode("</td><td>", $datum)."</td></tr>\r\n"; } $html .= "</tbody>\r\n"; $html .= "</table>\r\n"; return $html; }
  11. Hey, No real issue below works, but I'm trying to find best practices. Is the below normal, or is there a better more concise way to do it? private function lst($content) { $html = <<<"EOT" <table class="data clickable admin"> <thead> <tr> EOT; foreach(array_keys($content[0]) as $key){ $html .= <<<"EOT" <th>{$key}</th> EOT; } $html .= <<<"EOT" </tr> </thead> EOT; $html .= <<<"EOT" <tbody> EOT; foreach($content as $row){ $html .= <<<"EOT" <tr> EOT; foreach($row as $cell){ $html .= <<<"EOT" <td>{$cell}</td> EOT; } $html .= <<<"EOT" </tr> EOT; } $html .= <<<"EOT" </tbody> EOT; $html .= <<<"EOT" </table> EOT; return $html; }
  12. I may have butchered it, but it works, and I can keep the classes in separate files. the simple class loader I have still works. <?php namespace main; class kernel{ protected $qry; protected $ses; protected $app; protected $fld; protected $sql; protected $acs; private static $instance = NULL; static public function getInstance() { if (self::$instance === NULL) self::$instance = new kernel(); return self::$instance; } public function __construct( qry $qry = null, ses $ses = null, app $app = null, fld $fld = null, sql $sql = null, acs $acs = null ){ $this->qry = qry::getInstance(); $this->ses = ses::getInstance(); $this->app = app::getInstance(); $this->fld = fld::getInstance(); $this->sql = sql::getInstance(); $this->acs = acs::getInstance(); } public function buildKernel() { $kernel = array(); $kernel['qry'] = $this->qry->get(); $kernel['ses'] = $this->ses->get(); $kernel['app'] = $this->app->get(); $kernel['fld'] = $this->fld->get(); $kernel['sql'] = $this->sql->get(); $kernel['acs'] = $this->acs->get(); return $kernel; } } ?> Output Array ( [qry] => Query string scrubbers [ses] => Check the session variables [app] => Settings for current application [fld] => Create the field array. [sql] => Create the initial sql statement. [acs] => Ascertain access level. )
  13. Oh, those are freaking nice, I will do some reading.. but the facade looks to be what's needed. Thanks, I'll come back here to let you know if I used any of it. Frustrating that I didn't come across any of those with el'goog..
  14. Not really an issue, just trying to find best practices. In the past I've extended classes but never was successful with more than a couple together. I'm putting together an array that kinda acts like a back bone for a dbms. Each one of these nested classes is a part of that array that would change depending on stuff like querystrrings, who's logged in or whatever. Later of course accessing one of the nested classes would be necessary.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.