In a Laravel project in the folder app/mail there is a file called WelcomeDogSchoolManager.php
In this file I can see the text that is being sent when a new user registers himself.
Within this file, I can see the following code:
#component('mail::button', ['url' => $passwordResetUrl])
Registreren
#endcomponent
Unfortunately, the developer left a mistake in the $passwordResetUrl (leaving it at "https://login..{domain}.nl" instead of the required "https://login.{domain}.nl"
This causes all my users being unable to register (unless they manipulate the URL).
Where in the Laravel Project can I search for the option to change the $passwordResetUrl?
I have no working knowledge of Laravel and am basically just searching through all the files on the server using Filezilla, trying to figure it all out. I got to this point, but have no idea how to proceed further.
Any tips are appreciated!
if your're using Laravel version lower then 6 then search for forget controller. It's basically inside that folder because email is triggered from that controller. Hopefully, you'll find the parameter which is passing to the WelcomeDogSchoolManager class.
Related
I'm new to Laravel and I am handed an existing application that is composed of two parts:
1 - An admin backend built on Laravel and uses Vueify
2 - The frontend website built on next.js and uses react components
The admin part communicates with Laravel using the "web routes" but also uses the "api routes" as well since the vue components make AJAX requests using those "api routes".
I am now tasked with "connecting" the frontend part to the laravel app. The frontend part will be using AJAX as well to communicate with laravel but I was told I should not use the same "api route" that is used by the admin backend because that has a lot more privileges that should not be accessible by the frontend. Basically it's a security risk and that I should somehow separate the two.
I'm not actually sure which term to use.. I initially thought it was called "channel" but I see that channel is one of the 4 "ways" of connecting to laravel (the other 3 being web, api and console). So I think routes is the term to use and forgive me for the double-quotes.
I have made a simple diagram to show the structure I mean. What I need to know is is there a way to create a second api route that would be used exclusively by the frontend and would include only a limited set of priviledges. I imagine something like /frontapi/ or /webapi/ as opposed to /api/ which is used now by the backend.
Thanks a lot for your help and please correct me if I am using wrong terminology.
EDIT
Thank you all for answering the part regarding separating the route prefix and the api route files.
One part of the question that I realized late that I hadn't made clear was the importance of separating the API Keys for both APIs since I think that is the main security issue and what would really make then two individual API "Channels or ways". I think that is one reason why I was confusing about the terminology because "way" sounded to me more separate that just a "route". I've also edited the question to reflect that. Thank you again for taking the time to help.
You can decompose routes in as many files as you want, you can also give each file its own prefix (like how api.php routes start with /api)
The modification need to be done in App\Providers\RouteServiceProvider
//in map() add $this->mapApiTwoRoutes()
public function map()
{
$this->mapApiRoutes();
$this->mapApiTwoRoutes();//<---this one
$this->mapWebRoutes();
}
//now add the method mapApiTwoRoutes
protected function mapApiTwoRoutes()
{
Route::prefix('api2')//<-- prefix in the url
->middleware('api')//<-- api middleware (throttle and such check App\Http\Kernal.php)
->namespace('App\Http\Controllers') //<-- you can modify the namespace of the controllers
->group(base_path('routes/apiTwo.php'));//<-- file containing the routes
}
And that's it.
You need to define a new route file, firstly add a new entry $this->mapApi2Routes(); in the map() function in app\Providers\RouteServiceProvider.
Then add a new function in that file, basically copying the mapApiRoutes() function, call it mapApi2Routes(). You can use different middleware etc. for the new file.
The last step would be adding a new file api2.php in the routes folder.
I have a Codeigniter framework setup that I move cross multiple domain setups as a default starting point. However when I was going to apply it for the first time to a one.com domain I got an error.
An Error Was Encountered
Unable to load the requested class: Form
So far I have tried with checking the source for this. I went into the autoload.php and first tried to change from "form" to "Form" as I found out on another site because of Linux being sensitive to capital letters, but to no use.
I then removed the form all together and then I got the same error, but from the helper "url". I removed that and it went up to libraries and started printing same error for the first in that array.
$autoload['libraries'] = array('Database', 'Session', 'User_agent', 'Upload');
$autoload['drivers'] = array('Form', 'Url');
If there is anything more I can add to shine light on this or make the question better please tell me and I will add it. I am not sure at all where the fault might lie so therefore the information is a bit pale.
You are trying to load a CI helper as a driver ! So the framework looks for a driver Form.php file, which doesn't exist (not in the standard CI installation).
| These classes are located in system/libraries/ or in your
| application/libraries/ directory, but are also placed inside their
| own subdirectory and they extend the CI_Driver_Library class
What you want to do is to load the "form" helper (and the others). A helper is loaded like: $this->load->helper('form'); or autoloaded.
CI - helper
CI - autoload
CI - driver
im fairly new to laravel and im currently working on a project that needs to store files in the server. What im doing is store it under public/docs the problem is the files under that directory is accessible all the time given that they know the url to the certain file. for example even if they are logged out if they know this url http://localhost/dummy/public/uploads/docs/2016-06-02-10-52-43-oth-content-inventory-and-planning-spreadsheet.pdf they would be able to access it what im thinking is to do something like this
in my routes i would do something like
Route::any('uploads/docs/' , 'go to some controller to check if user can acces');
is this possible? thanks in advance!
it's called public for a reason...
you should use storage instead (laravel 5) in storage you dont restrict access, actualy the opposite, you grant access to the file .
try this for laravel 4.2 (move the file after upload like this to a storage folder)
Input::file('file')->move(__DIR__.'/storage/',Input::file('file')->getClientOriginalName());
});
Anyway ,the conclusion is that you can't restrict access (you shouldn't even if there is a way) because it's meant to be public ! so you should use storage folder(or whatever its called in laravel 4)
I have created page for mail template and set buttons for preview template also.
I have set image path from my local machine like,
src="/projectname/app/webroot/img/logo.JPG"
and when i preview that template it displays logo.
when using that template when i send mail image is not displayed in email.
So can anyone please tell me what could be the issuee or i am missing something like mime types?
Thanks,
This won't work. The email is opened in a client, what the hack would a path like "/projectname/app/webroot/img/logo.JPG" mean to that client? What is the domain?
You can either add a domain to the SRC like src="http://example.com/projectname/app/webroot/img/logo.JPG". But this won't be displayed by default, because it is a security risk.
Imagine spammers including images like src="http://example.com/feedback?id=12345" to each email, where ID is identifying each e-mail address the mail is sent to. Each client downloading this image will acknowledge the receiving of this e-mail, letting the spammers know you are reading their spam. Most e-mail clients explicitly ask you whether images referred to in the mail should be downloaded or not.
An alternative solution is to include each e-mail as an attachment to the e-mail, then you can refer to it as an "inline" image. This does no requires external connection and is less of a security risk, mostly allowed by default in clients.
I've google up a component that supposedly supports also inlining, but you might find others as well:
http://bakery.cakephp.org/articles/CraZyLeGs/2006/12/18/swiftmailer-component-tutorial
Within emails, you must use your full path, not a relative path. To do this easily in CakePHP, use the: FULL_BASE_URL constant with the HTML Helper like this:
<?php
echo $this->Html->image(
FULL_BASE_URL . $photo['Photo']['path'].$photo['Photo']['filename']
);
?>
(obviously this could be done in one line, but I broke it down for ease of reading on StackOverflow)
That's probably because when you test on your local machine, that path is fine. But if you send an email to yourself (say gmail) your browser will probably look for the image somewhere like http://mail.google.com/gmail/projectname/app/webroot/img/logo.JPG and will not find your image there.
So you'll need to set your image source to something like http://localhost/projectname/app/webroot/img/logo.JPG.
The email client needs the absolute path to the image; use the HTML helper to attach the full base:
<?= $this->Html->image("logo.JPG", array('fullBase' => true)) ?>
Note that the /projectname/app/webroot/img/ is not required when using the HTML helper.
If you are using CakePHP v1.2 or 1.3 (yes they are deprecated - but hey someone might find this useful) you will need to add a Content-ID header to the image to be attached to the email so you can refer to it via the cid when using it inline in the message. Open the email controller of the cake installation and add this line in the __attachFiles() method:
$this->__message[] = 'Content-ID: <' . basename($file) . '>';
You can then add the image in your template like so:
The attachfile method of email class in v1.2 & 1.3 only accepts paths and does not have the added functionalities of later version hence the "hack"
I am working on a new module of existing live project. It is a website developed in PHP Zend Framework. New module is on admin side. It runs properly on my localhost/virtualhost.
When I uploaded it online with correct directory path it is found that one file is not found.
It is called like
www.example.com/admin/controllerName/actionName
All the actions works except one action that doesn't display anything and returns exception error mentioning that page or file not found.
What could be the issue? I have checked folders. If one action for the same controller works than why doesn't other. Both have their .phtml files in View section.
Help would be appreciated.
Would I be right if I guessed your local development environment was Windows?
It's probably a filename case sensitivity issue.
Assuming your request looks like
www.example.com/admin/fusionmaps/newpage
I'm not sure how you've setup your modules but if it's reasonably standard, you should have something like this (note the upper and lowercase characters)
application/modules/admin/controllers/FusionmapsController.php
The controller classname should be Admin_FusionmapsController with action public function newpageAction()
The view script should be at
application/modules/admin/views/scripts/fusionmaps/newpage.phtml