maxkorlaar / pxl Goto Github PK

Completely new to me. Recommended by @clankstar, @MylesDev, @theminecoder and others.

Sorry for tagging 😗

TODO:

• Learn Laravel
• Controllers?
• Basic log in system, rest will follow I guess
• Fancy it up a bit, own mail looks and password reset messages, looks like they're all 'built-in' now and I should override them with own classes (I am guessing).

Just wondering what exactly would need to be changed to allow users to upload without registering?
Looking to host a free image upload site that's quick to use for friends and this base looks amazing and is smooth to use.

So I've been messing around with Materialize for quite a long time and what I noticed in your code and in the version hosted at https://pxl-dev.maxkorlaar.nl was that the design is not properly responsive.

This is what happens: http://imgur.com/a/6cbiw
In my website, I also had this bug with small screens (like with my iPhone 5s)

I see what you did to make the center card, and I solved this is my code from taking alway position: absolute; from the valign-wrapper. (before and after) I could not find where/if you did this, but I guess you did and that is my hint to fix. Thanks and hope you make it right.

Hi.
I need help setting this up as I am a complete noob at doing things like this. I want to know how to attach it to my domain too.

In the .env file there is a setting to make 2 factor auth mandatory for all users. The function has however not been implemented yet meaning that everyone can use the service without 2fa, even when they should have it enabled as configured.

I would like to prohibit uploading images when this setting is enabled and the current user does not have 2fa - Both when uploading via the API endpoint and via the website itself. I'd do it myself but considering it's Hacktoberfest 2017 I thought that it'd be nice to give someone else the chance to make this small change.

For some reason, it does not log the user out when executing the logout() function.

First, it checks if the CSRF-token in the request is valid (explicitly provided via GET in the url itself as it is easier to place a link on a page instead of a form, making it also non-JS-friendly) and then it performs the logout() function. It successfully passes the CSRF-checks (even though it redirects you now if it would not) but then redirects you back to the home page, without having cleared the session.

https://github.com/MaxKorlaar/Pxl/blob/master/app/Http/Controllers/Auth/LoginController.php#L102-L131

They currently show the default error page, and without a stack trace (which it shows in debug mode) it is quite ugly and pointless to the end user.

It should, when not debugging, show views/errors/500.twig to the end user on a fatal exception. It already does this for HttpExceptions, but not for Twig exceptions for example.