Problem with NULL values you should remember

When trying to execute SELECT OR UPDATE query for rows different than a specific value, we should be aware to insert additional statement for null values too.

For Example:

        UPDATE account_event 
        SET account_event.assigned_to_id = 2 
        WHERE account_event.status != 1

With this query your goal is to update all rows where account_event.status is different from 1. But if status have null value it wont be updated!
In MySQL all null elements are skipped from comparison and will never be Selected or Updated.

When you have a null fields you should always add additional statement for null like this:

        UPDATE account_event 
        SET account_event.assigned_to_id = 2 
        WHERE account_event.status != 1 
        OR account_event.status IS NULL

Symfony – Create a service – the right way

Always create service interface for your service. This way you will have better structured code and phpunit testing will be real pleasure.
Also use dependency injection for your repositories in the service.

Service Interface Example

interface UserServiceInterface{
  public function getUsername();
  public function viewAll();
}

Service Example

class UserService implements UserServiceInterface
{

  private $entityManager;
  private $userRepository;

  public function __construct(EntityManager $entityManager, UserRepository $userRepository)
  {
    $this->entityManager = $entityManager;
    $this->userRepository = $userRepository;
  }

  public function viewAll()
  {
    return $this->userRepository->findAll();
  }
}

Repository Example

class UserRepository extends \Doctrine\ORM\EntityRepository
{
  public function __construct(EntityManager $em, Mapping\ClassMetadata $metadata = null)
  {
    parent::__construct(
      $em,
      $metadata == null ?
      new Mapping\ClassMetadata(User::class) :
      $metadata
    );
  }
}

Symfony Security Authorization

There are several way to make authorization on your site with Symfony.
First is in your security.yml on the same level as firewalls tag:

access_control:
        - { path: ^/admin, roles: ROLE_USER }

This will block all users that don’t have ‘ROLE_USER’ to admin page.

Second option is to use Controller. Inside Method insert:

        if(!$this->get('security.authorization_checker')->isGranted('ROLE_ADMIN')){
            throw $this->createAccessDeniedException('GET OUT!');
        }

Or like this:

$this->denyAccessUnlessGranted('ROLE_ADMIN');

This will deny access to all users that don’t have ‘ROLE_ADMIN’ to this method.

You can also use annotations:

/**
* @Security("is_granted('ROLE_ADMIN')")
*/

Annotations also work if you add them to the Class. So they will block all users that don’t have ‘ROLE_ADMIN’ to this class.

Continue reading “Symfony Security Authorization” »

Symfony Security Authentication

Create Entity named User

< ?php

namespace AppBundle\Entity;

use Symfony\Component\Security\Core\User\UserInterface;
use Doctrine\ORM\Mapping as ORM;

/**
 * @ORM\Entity
 * @ORM\Table(name="user")
 */
class User implements UserInterface
{
    /**
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     * @ORM\Column(type="integer")
     */
    private $id;

    /**
     * @ORM\Column(type="string", unique=true)
     */
    private $email;

    /**
     * @ORM\Column(type="string")
     */
    private $password;

    private $plainPassword;

    public function getUsername()
    {
        return $this->email;
    }

    public function getRoles()
    {
        return ['ROLE_USER'];
    }

    public function getPassword()
    {
        return $this->password;
    }

    public function getSalt()
    {
    }

    public function eraseCredentials()
    {
        $this->plainPassword = null;
    }

    /**
     * @param mixed $email
     */
    public function setEmail($email)
    {
        $this->email = $email;
    }

    /**
     * @param mixed $password
     */
    public function setPassword($password)
    {
        $this->password = $password;
    }

    /**
     * @return mixed
     */
    public function getPlainPassword()
    {
        return $this->plainPassword;
    }

    /**
     * @param mixed $plainPassword
     */
    public function setPlainPassword($plainPassword)
    {
        $this->plainPassword = $plainPassword;
        //This should be here to set value for password to activate doctrine listeners
        $this->password = null;
    }



}

and generate migration:

#php bin/console doctrine:migrations:diff
#php bin/console doctrine:migrations:migrate

Continue reading “Symfony Security Authentication” »

PHP CURL Function Example

This function is populated with all needed data for curl to be executed

function get_curl($site_url){
	$ch = curl_init();

	curl_setopt($ch, CURLOPT_URL, $site_url);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
	curl_setopt($ch, CURLOPT_ENCODING, 'gzip, deflate');

	$headers = array();
	$headers[] = "Accept-Encoding: gzip, deflate, sdch";
	$headers[] = "Accept-Language: en-US,en;q=0.8";
	$headers[] = "Upgrade-Insecure-Requests: 1";
	$headers[] = "User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36";
	$headers[] = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8";
	$headers[] = "Referer: $site_url";
	//Set a cookie if needed (you can set other values)
	$headers[] = "Cookie: D_SID=185.196.133.50:u147oywWqvEJoD/GIlY10erXbeio1QIKGdi6Vo6/HVo; D_IID=0108BE8F-6C68-31CF-9B9D-4308308DB3A6; D_UID=5A4BCE68-9FD2-3A70-B1DF-376B7D77FD4B; D_ZID=248B7EFC-E23A-3F71-A675-764EA373AEC6; D_ZUID=4DFFC8BD-0AD9-3DE0-94AE-60A57D49736A; D_HID=07EDD9E4-1EDF-3EE3-9D52-B67B5952F6EC";
	$headers[] = "Connection: keep-alive";
	curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

	$result = curl_exec($ch);

	if (curl_error($ch)) {
		$output['status'] = '404';
		$output['msge'] = curl_error($ch);
	} else {
		$output['status'] = 'ok';
		$output['html'] = $result;
	}

	curl_close ($ch);
	return $output;
}

Send Array to API with POST

function send_curl(array $array)
    {

        $api = 'https://localhost/services/api';
        $action = 'test';
        $password = 'TestPass';

        $ch = curl_init($api);
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(
            [
                'password' => $password ,
                'data' => $array,
                'action' => $action,
            ]
        ));
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

        $serverOutput = curl_exec($ch);
        curl_close($ch);

        return $serverOutput;
    }