digitaltim / boutiquecommerceold Goto Github PK
View Code? Open in Web Editor NEWHelping Mom & Pop. eCommerce and Point-Of-Sale Platform for Apparel Boutiques. Currently under development.
License: MIT License
Helping Mom & Pop. eCommerce and Point-Of-Sale Platform for Apparel Boutiques. Currently under development.
License: MIT License
Currently am redirecting to home with error message. - See CsrfMiddleware.
authorization is basically 'hard coded' for admins functionality:
{% elseif key == updateColumn %} {% if authentication.user.role == 'owner' or attribute(row, 'role') != 'owner' %} <td><a href="{{ path_for(updateRoute, {"primaryKey": attribute(row, 'id')}) }}" title="update">{{ value }}</a></td>
as is delete logic:
{% elseif key == 'delete' %} {# do not show delete link for the current user (cannot delete self) or for owner rows if the current user is not and owner #} {% if attribute(row, 'username') != authentication.user.username and (authentication.user.role == 'owner' or attribute(row, 'role') != 'owner') %} <td><a href="{{ path_for(value, {"primaryKey": primaryKey}) }}" title="delete" onclick="return confirm('Are you sure you want to delete admin {{ attribute(row, 'username') }}?');">X</a></td>
for non-fatal errors handled in ErrorHandler::handleError(), we currently redirect to the home page and display the error message (details on dev site, generic on live site). is it better to remain on the current page (either redirect to current script or spit out complete html page within ErrorHandler)?
Currently are setting
$_SESSION['formInput'] = $request->getParsedBody();
in controller methods as needed. I believe this is the best approach, even though it causes some repetition as opposed to setting it once in middleware, because it must be unset upon a successful controller action and that doesn't seem possible through middleware. Leaving it in the controller methods will be a good workflow, setting and unsetting in each method where form input is required.
Note, the middleware code that works for setting is
if ($request->isPost() || $request->isPut() || $request->isPatch()) {
$_SESSION['formInput'] = $request->getParsedBody();
}
-- (chunk of html problem: https://www.perl.com/pub/2002/02/20/css.html). does twig prevent it or does |raw thwart that? => using |raw is potentiall unsafe: https://vivait.co.uk/labs/safely-escape-twigs-json_encode-without-using-raw
getting written to log file on occasion for me
[2017-04-20 19:22:21 America/New_York]btqWeb Page: GET /type: 32
message: type: 32
file: Unknown
line: 0
type 32 means CORE WARNING or something. i'm guessing there's something wrong in my php.ini file - sounds minor. i'm not sure how to debug, but not really a problem
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.