Tuesday, 11 November 2014

CSRF Vulnerability In Laravel 4

News from Laravel blog 
On November 7th, Chris Smith (@chrismsnz) of Insomnia Security alerted the Laravel development team of a method of bypassing the CSRF verification in Laravel 4 applications.

To patch your applications, modify the default CSRF route filter in the app/filters.php file to the following:
Route::filter('csrf', function()
    if (Session::token() !== Input::get('_token'))
        throw new Illuminate\Session\TokenMismatchException;

Note that the token comparison has been changed from a != comparison to a !== comparison. This will prevent specially crafted JSON requests from bypassing the filter.

If you are using the CSRF protection feature of Laravel, it is recommended that you apply this patch immediately.

Monday, 10 November 2014

Change user folders paths in Ubuntu

To change the paths to the user folders (Music, Documents, Videos, etc).Open user-dirs.dirs file in terminal by command:
 nano ~/.config/user-dirs.dirs
Each row is a user folder definition (music, video...), edit as you want

# This file is written by xdg-user-dirs-update
# If you want to change or add directories, just edit the line you're
# interested in. All local changes will be retained on the next run
# Format is XDG_xxx_DIR="$HOME/yyy", where yyy is a shell-escaped
# homedir-relative path, or XDG_xxx_DIR="/yyy", where /yyy is an
# absolute path. No other format is supported.

Save file, Logout and Login back to effect properly.

Thursday, 6 November 2014

Ubuntu 14.04 CMake Error qmake: could not exec

I built sqlitebrowser in Ubuntu 14.04 and foud qmake could not exec when run cmake command.
$ cmake ..
qmake: could not exec '/usr/lib/x86_64-linux-gnu/qt4/bin/qmake': No such file or directory
CMake Error at /usr/share/cmake-2.8/Modules/FindQt4.cmake:1386 (message):
  Found unsuitable Qt version "" from NOTFOUND, this code requires Qt 4.x
Call Stack (most recent call first):
  libs/qhexedit/CMakeLists.txt:8 (find_package)
Saw that Ubuntu 14.04 has not qt4-qmake. So, just install qt-sdk to solve this error:

sudo apt-get install qt-sdk

Saturday, 18 October 2014

[Laravel 4] change column name in Migration

In Laravel 3, you can change column name in migration file. From Laravel 4, If you are using the renameColumn function in your migrations, you will need to add the doctrine/dbal dependency to your composer.json file. This package is no longer included in Laravel by default.

So, just  include "doctrine/dbal":"*", as a dependency in composer.json.
Update by running composer update:

In migration class, you can use renameColumn method like the following:
Schema::table('TABLE_NAME', function($table)
    $table->renameColumn('OLD_COLUMN_NAME', 'NEW_COLUMN_NAME');

Thursday, 3 July 2014

[Laravel 4] Class not Found error when using migrate:rollback

Run composer dump-autoload  in terminal to update autoload class file. After that, run migrate:rollback again

Thursday, 12 June 2014

Sublime text 2 - Setting vertical line after 80 characters

Hold on !  Why 80 characters ?

Well, I think It's common coding standard (May be it's a result of the IBM's 1928 80 column punched card format )

In Sublime text 2, we can add one or more vertical lines after amount of characters (basing on what you setted) like the following: As you can see, I have 3 vertical line on the right side of screen.To set them, just open up your setting file in "Prefernce/ settings-User" menu , and add "rulers": [80,90,100] option :

/* Preferences / settings-User*/
 "color_scheme": "Packages/Color Scheme - Default/Monokai.tmTheme",
 "font_size": 15,
 "rulers": [80,90,100]


The values of array : [80,90,100] are the number of characters  alternately.

Friday, 4 April 2014

Generate migration from existed database in Laravel 4

Laravel supports migration function which help us manage database and collaborate with team members better. We write code to define schema, execute the migration to evolve the database schema.
Synchronize our source code with all team members, each person will knows about any scheme change. When you deloy for app on a production server , it's also a robust way to upgrade our database schema, I think.

I'm using Laravel with mySQL database. For quick database design, For some project, we need some database design first (It sounds  not in Agile way ^^). I use mySQL workbench and synchronize between local database and MySQL Workbench's EER model. We have EER diagram for document, live database in right place. And, we need migrate source in right place ,too.

Let's think about the work - flow in this situation:

For the first time.

ER analysis --> create EER diagram in mySQL workbench --> synchronize with dev database --> generate migration source code.
Change database schema when developing: 

Edit migration source --> migrate into DB --> synchronize with EER diagram in mySQL workbench to update EER diagram.

Thank to JeffreyWay  and Xethron who created  2 amazing tools which  help us generate migration source code from existed database in Laravel 4.

We need some config.

 Install Laravel 4 generator &  Laravel migrations Generator.

Edit your  project's composer.json and add an "require-dev" section:

  "xethron/migrations-generator": "dev-master" 

composer update
You should see that xethron/migrations-generator has required way/generators package. way/generators
package is also installed.

Edit your config/app.php file (I recommend to create dev or local enviroment and make them separate from production )
Run php artisan command you would see generate command is added to migrate

Generate migration from existed database

Run php artisan migrate:generate command to generate migrate file of all tables in current connection.
It will creates migration files of all tables and foreign keys in your databases.

(To be continue ....)