When I upgraded to new CI version, it is adding backticks to every group by and other queries. So I would like to disable it using $db['default']['_protect_identifiers']= FALSE; in database.php cofig file. This has any impact on security ?
Backticks keep your table and field names from conflicting with the DB keywords. They have nothing to do with security
Related
So JHipster comes by default with the 'dev' and 'prod' profiles. I need to add another profile called 'hive' because I want to try and connect that profile to a HIVE database .. through an URL Connection String like this one:
"jdbc:hive2://localhost:10000/default"
I am a begginer with JHipster so I really don't know where to find the documentation if there is any. And so far I haven't seen any post about creating a new profile. I don't know what files to add, what things to change in order to use that profile rather than the 'dev' or 'prod' one, etc. I can see I have to create a new file called src/main/resources/config/application-hive.yml and that a lot of the code will go there ... but still I don't where is all the information about how to set all of those properties.
Thank you very much.
JHipster can't support Hive because Liquibase does not support it and I don't think JPA/Hibernate supports it either.
So I'm working on a little web application in which you can manage your database.
Now I can use the following function to retrieve all databases
DB::select('SHOW DATABASES')
But I now want to be able to get the tables for each of those databases and eventually do more with those databases, but I figured if I get this working that wouldn't be a problem.
Normally you'd have the different database in your config, but since I want my application work with "any" database and make sure I don't have to manually add all the databases etc since that's the kind of work I want my web app done for me.
I've tried tricking around it a bit without success for example.
DB:select('USE dbName; SHOW TABLES');
DB::select('SELECT dbName(); SHOW TABLES');
Obviously this didn't work, but is there any "proper" solution to this? I thought editing the .env variable on the fly might've been an option, but I can't seem to find a "legit" way to do that either.
You don't need this.
I thought editing the .env variable on the fly might've been an
option, but I can't seem to find a "legit" way to do that either.
What you need is this
DB::purge('mysql');//IMP
Config::set('database.connections.mysql.host', $host);
Config::set('database.connections.mysql.database', $database);
Config::set('database.connections.mysql.username', $username);
Config::set('database.connections.mysql.password', $password);
You just need to figure out a way to get the values for $host, $database, $username, and $password dynamically.
One way to do that is have a database which stores all these values and point the default database connection (say mysql in config/database.php) to it. Then read values from it on the fly and set the connections accordingly.
Anyone please help me on how to disable DELETE option in EF6?
I mean from the application, now record should be deleted (even accidentally)
Thanks.
Create a user/role in the database that does not have permissions to delete/modify records and use it in your application. EF itself is not meant to be a security tool and there are always options to perform a delete operation (e.g. a developer can send any arbitrary SQL query/command to the database bypassing all the 'security' measures implemented in the data access layer)
When getting the entities call with AsNoTracking() option.
eg :- Context.Users.AsNoTracking()
Edit after Stevens Comment
Its true that anyone can still go and change the entity state to Deleted manually. I would recommend, using Repository Pattern for data access and can restrict delete operation. By hiding the DbContext outside of the assembly.
After a research it seems that Meteor Sessions are reset after refreshing page or opening the website in new tab, i.e. they are not usual server-side sessions but something like global javascript variables on client-side. Some people advice to use AmplifyJS, but I'm not sure that it will work like usual session in other frameworks/languages and also it is a third party library, so is there any normal way to use sessions in Meteor, i.e. keep user-specific data on server?
At this moment I'm handling that by using custom Collections, but it is not an ideal way of doing that because it is needed to remove expired values from Collection manually, which makes additional troubles.
Yes this is correct. Despite the name Session is nothing like a cookie, but just a reactive form of a variable stored in a hashmap
To keep data persistent across tabs you need to use a Collections (as this is the only way to reactively share data across tabs) - Cookies can't work because they can't be made reactive as data needs to be sent to the server to notify the client when there is a change. There really wouldn't be another way at the moment as the publish/subscribe methods can only send down data from collections at the moment.
You can use your setup you have now with your custom collection. You can use a server side cron job to remove expired data (either with Meteor.setInterval or Tom Coleman's cron.
There is a package developed just for that: https://atmospherejs.com/u2622/persistent-session
After installation you can use the following functions to set sessions which are persistent:
//store a persistent session variable which is stored across templates
Session.setPersistent(key, value);
//same as above, but automatically deletes session data when user logs out
Session.setAuth(key, value);
I've tried the package and it works like charm.
I'm a bit lost how I should get the entity framework to work with automatic migration. I want:
The database to be created automatically when it doesnt exist
The database to be updated automatically when the model changed
For the latter I'm using DbMigrator. It is rather slow so I don't want to run it every request, and also I have multiple databases in the same application so it cant go in Application_Start which is why I put it in Session_Start like this:
if (Session["started"] == null)
{
// this takes care of any database updates that might be necessary.
MigrationConfiguration configuration = new MigrationConfiguration();
DbMigrator migrator = new DbMigrator(configuration);
List<string> pm = migrator.GetPendingMigrations().ToList();
if (pm.Count > 0)
{
migrator.Update();
}
}
else
{
Session["started"] = "started";
}
Not sure if this is the right way to do it but it seems to work, however it doesnt actually generate the database when it doesnt exist. It gives me a "Cannot open database "db" requested by the login"
I had this working before with the following:
Database.SetInitializer<DbContext>(new InitializerIfModelChange());
This drops the database and generates seed data which is fine for when the database doesnt exist but it also is triggers when the database is changed (in which case I would like DbMigrator to handle it) This was in Application_Start before but I'm not sure what to do with it. I'm afraid that it will conflict with the DbMigrator. How would I set this all up in order to achieve the two things described earlier?
I manually run the Update-Database in the package manager whenever the database needs to be changed. Initially I used the Database.SetInitializer like you did to create the database but have it commented out now.
Checkout Entity Framework 4.3 Automatic Migrations Walkthrough for more advanced help.
This should work for what you want, then if you need to create a new database just add Database.SetInitializer<NewDBContext>(new NewDBInitializer()); like you had, build and run. Then comment it out so it doesn't run in the future on a model change and instead use the Update-Database command in the package manager.