Is there a way- besides looking over all my code- to find out what controller is setting a flash message?
I have this message that is displaying on all pages, except admin_ pages, which I apparently set at some point during testing, but I would like to get rid of.
I have searched through much of my code for $this->Session->setFlash but I can't seem to find where the problem is.
In short, no. Technically the flash message can be set from anywhere as it's just a session value. Instead, you can debug the location right above the flash message.
In your view, add the debug statement under where the flash message is set.
echo $this->Session->flash();
debug($this->here);
Related
I don't know if this is bad code on our part, or a bot/spider doing something for tracking purposes. What I'm seeing is our URLs are getting modified, and it's generating site errors and error emails that I'm set up to get when it seems like my site is being hacked.
For example, a URL that should read/load like this
http://site.com/page.asp?pid=915411&order=Date
gets loaded like this
http://site.com/page.asp?pid=-1'&order=Date
the email I get shows
query string = pid=-1%27&order=Date
The IP address that comes up in the error emails always change, but many point to Kiev or Minsk, but are so varied I don't see how I can stop this from happening easily. My site is on an IIS 7.5 server, win2008.
Someone is trying to hack your application. They are testing if your application uses values from the forms or URL directly into SQL statements.
This hacking attempt is easy and called "SQL injection". Check your application if it is vulnerable, fix it immediately if required.
Additionally, try to track the attackers and if you see them coming from a set of IP addresses, block them.
Using HTTP_REEFER we are able to control the URL Modifying on directly.
Try the below code
if Request.ServerVariables("HTTP_REFERER") = "" Then
RESPONSE.WRITE " <b><h1><font color=blue></font><font color=red>UNSECURED MENU ACCESS</font><font color=blue></font><h1></b> "
response.end
End if
Is there any functionality that allow me do something like flash messages in cakephp? I don't want to use session, because it shows flash message on the next page.
For example:
user type link with mistake mysite?action=mistake and i want to check in controller if there isnt mistakes like this so i have array with some actions which are allowed and i check if $this->params['url']['action'] is there. If it isn't i want to show error to user , but this error shows only on second page (or if i reload). How can i avoid this?
The error you see is just a div with a concrete style. Something like:
<div id="flashMessage" class="error-message">Error</div>
What you could do is check with Javascript whatever you want to check and if it is not as expected, append the error div wherever you want.
That's what I have dont in some forms to show the error in real time.
If you want something more elaborate you could try this:
http://www.alfbd.com/cakephp-ajax-form-validation-with-jquery-and-jsonview/
I've taken a reCaptcha plugin from this guy
(github link of the plugin)
I've entered the following code form in my view:
[form creation]
[table]
[inputs]
[/table]
echo $this->Recaptcha->show(array('theme' => 'white'));
echo $this->Recaptcha->error();
[/form]
I've followed the steps suggested, and the reCaptcha window appears properly, but no matter what I enter in the captcha, it never gets verified and I always receive the 'message' field of beforeValidate (I've set it to "You've entered a wrong message" etc).
I'm not even sure how to debug it to see at which point it fails. Even if I just replace all the code in checkRecaptcha function with "return true" to try and skip the validation with the keys and just see if the rule itself is correct, it still remains the same, and I'm generally not getting any of the specific incorrect-captcha-sol messages that I read around.
Am I correct to assume that the only code I need inside my controller function (assuming I've already included the component and helper in the controller) is Configure::load('Recaptcha.key'); and no further manual validation checks?
(unfortunately I can't link you my whole project due to rights)
I had a similar issue. Try removing the 2 response and challenge field lines in the component and overwrite them with these:
$controller->$modelClass->set('recaptcha_response_field',
$controller->request->data['recaptcha_response_field']);
$controller->$modelClass->set('recaptcha_challenge_field',
$controller->request->data['recaptcha_challenge_field']);
if i have a cake php saveAll method like so:
if ($this->Video->saveAll($this->data)){
... // stuff that never happens, sadly
} else {
...
$this->Session->setFlash('boo! hss! error here');
}
how do i print out the database error? I tried:
$this->Session->setFlash('boo! hss! error here' . print_r($this->Video->validationErrors,true);
but that didn't work (it just showed me an empty array)
cheerio!
UPDATE:
ah. So, the problem is that, while normally i'd get the database error, i was using the old prg mechanism, and cake doesn't (magically) show the db errors on redirect pages.
Fair enough, but in the future, how the heck am i meant to see the db errors on a redirect page (that is, the question still stands, its just that most people probably just SEE the error, and don't need to do anything to get it)
make sure debug is set to 2 in config/core.php
print error messages to the log file like so:
$this->log(print_r($this->Video->validationErrors, true));
I am simply trying to pass data from my controller to my default layout file:
users_controller
$this->set('fish', 'trout');
default.ctp (layout file)
echo "You caught a " . $fish. " from the river.";
What I am trying to achieve is: echo $group['Group']['name']; in the default layout file, but the above was my first attempt to understand how the relationship actually works.
Thanks for any advise on this : )
anything that you set to the view is available in the layout.
If you set anything in the default.ctp, it will show in the layout just like you would do in a view. There's no difference.
You might not be seeing anything because you have set debug to 0 and you have an error. Try making it 2 and check it out.
As Thorpe says, you need debug set to non-zero.
Check (and change) in app/core.php (search the file for debug and you'll see the information you need).
If you're not getting any output this is most likely the problem.
debug($aVar); is IMO more useful than echo or pr as it will output the line number even if there is no other output (but you must have debug enabled!).