in codeigniter, when loading a model there is a third Boolean argument.
should it always be true?
what is its best practice? does it matter if loading multiple models in one controller function?
thanks allot!
This is in the CI documentation:
"You can tell the model loading function to auto-connect by passing
TRUE (boolean) via the third parameter, and connectivity settings, as
defined in your database config file will be used..."
You can read more about it here: Connecting to your Database
The third argument should be set to true, if you wish the model to automatically connect, otherwise you may get a database error.
Related
I developed a Laravel application that connects to a external MySQL database for reports. I'm using Maatwebsite/Laravel-Excel 3.1 to be able to export to excel.
In this app, I have a method in my model that uses Input::get() for 3 variables ($from, $to, $paymentType). This method is called whenever the user chooses date range and payment type as filter for their reports. Everything works as it should since data is displayed in my view.
Now this same method is called when the user chooses to export the file to excel. Again, all that works except the files is blank.
The curious thing is that if I replace all Input::get() for static values such as '2018-11-14' for the dates and 'n' for payment type, then the file exports with data.
I've been struggling with this for a couple of days so I hope someone can help me.
Thanks,
Ernesto
First, towards the top of the controller file, add:
use Illuminate\Http\Request;
Then, you can access the fields by:
$request->input('from');
$request->input('to');
Assumption: from and to are correct field names.
You can also use request()->input('from') etc. directly (note the absence of $).
Please see this for more info: https://laravel.com/docs/5.6/requests
If the parameters are obtained from the request you should use $request->input() instead of Input::get().
If used in a function where $request is not available you could use request('variable') to get the variable value from the request.
How do I validate password using function module which is stored in Z*** table against the sy-uname in ABAP?
I am using function module to create OData service for Fiori app where in the moment user hits on enter button it should display successful else unsuccessful based on sy-uname?
First,
you never ever shouldn't store passwords for your application in plain text.
It is so obvious that never should be mentioned, but nevertheless. Only hash functions from your passwords should be stored.
Second, following function module should be used for generating hash and validation against it:
CALL FUNCTION 'MD5_CALCULATE_HASH_FOR_CHAR'
EXPORTING
DATA = LV_PASSWORD
IMPORTING
HASH = STRU-PASSHS.
Also, you can check SECH function group and modules contained there, but consider that some of them are deprecated.
I am implementing a cache mechanism for some WebAPI actions. i found the following option is useful but i am not sure its the best way:
I am going to use context.Cache["[Here i will set the action name and the values of all the parameters passed to the action]"] = [here i will set the result i got from the database] in a Filter i will build.
The action filter will search the string of the action name and the parameters in the context.Cache collection. if exists, will return the data instead of executing the original action.
Is that the best approach?
Btw, i prefer to not use any 3rd party libraries.
Say you have a User model. The controller is attempting to create a new User. Should the controller check that the username is valid, and the password is long enough, and the first and last name are filled out, etc? Or should you pass all that data straight to the User model via a Create method? The Create method would then return a true on success, or false on failure?
If it's the latter (and I think it is), how do the error messages get sent back to the controller (so they can be displayed in a view)? Should you pass an errors array to the Create method which the model augments? Or should the model keep an internal store of errors, with appropriate accessors? I don't like either method...is there a better way?
These errors don't seem exceptional, so I don't think exception handling is appropriate.
Edit: I'm using PHP for this project, but I use Python too.
For the first question, the model should do the verifications (and use some form of error handling to notify the controller and view that errors did or did not occur). For the second, it depends on what programming language / framework you are using... What are you using?
A simple question: I have a Model-View-Controller setup, with Models accessing a SQL database. In which part should I sanitize/check for malformed incoming data?
It's important to keep error handling as low as possible in the stack, but supplemental in other parts. If you keep the sanitizing in the controller, you could break the model by swapping out the controller with a looser one, but you can never break the model by being strict higher up in the stack. Keep the sanitizing low in the stack for consistency, and high in the stack for user feedback.
I'd say the Controller should sanitize input.
The model should at most decline to store invalid data.
I would say it is the responsibility of the controller to validate the input and make sure the data is valid before passing on the data to the model.
If invalid data is found, the controller should redirect back to the view and display the relevant error messages.
Having validation in the view only could be bypassed if the user doesn't have javascript enabled or posts to the url directly, however some validation in the view is better from a user experience point of view since the user does not need to wait for a return from the server in a web application.
The model will validate business logic rules, i.e. password length requirements, if a user is allowed to perform an action or not.
The model should obviously also make sure interaction with the database is done in a safe way so that SQL Injection is not possible.
The controller should handle relaying business logic errors back to the view, but can also do some basic sanity checks, i.e. a field is not empty.
I would say output sanitization should also go in the Controller before being passed to the View.
I use two levels of checking. My controller will check what is supposed to be a date is a date, an int an int and so forth. Basically ensuring they can be used to set the values on my objects.
Then my domain has validation for things such as valid values and other business rules. These are ALWAYS checked before saving or interacting with an edited object.
All errors from either level get returned to the user so they can take remedial action as necessary.
I tend to:
Put syntactic validation in the view ("this field is numeric", "that field is a date"). This is often very easy or even implicit in your choice of view design (eg: using a date picker for date fields).
Put semantic violation in a separate validator class ("this date field has to be after that date field", "this can be null if that is greater than zero") and call the validator from the controller, passing errors back to the view for display.
(for my own pseudo-correct definitions of syntax and semantics...)