I need to store client's timezone.
Haven't found a way to write it to DB using migration (laravel 8.5).
The purpose is like just display current time depends on what timezone user have selected.
What is the best practice to store client's timezone?
Usually the better way is to use UTC timezone in app.config.php , save registered user's timezone in database and display the result accordingly.
Just check this nice blog https://qcode.in/managing-users-timezone-in-laravel-app/
Related
I've just begun attempting to use UTC on MySQL and it seems that my download did not include a timezone file and doesn't support it (it shows up as NULL).
I've looked around the MySQL website for a way to get timezone support loaded, but I can't seem to find anything.
Can someone walk me through the process or tell me whether there's a file I should import? I've already seen the manual pages, but it doesn't seem to apply to my situation.
Thanks!
What exactly are you trying to do?
The usual way would be to ignore timezone issues when you're storing things in the database. Put them in as timestamps, which will be timezone-agnostic (i.e., they'll be the time in UTC). When you want to display something in your application, you will need to retrieve the timestamp from the database and display it according to the appropriate timezone for the machine it's running on.
My website mostly use Django + Mysql and sometimes Redis for some frequently access data.
My problem is how to sync data from Mysql to Redis automatically when I write data to Mysql by Django admin page.
Thank you for giving me some advice. It also will be appreciated if someone can tell me how to write data into Redis directly by Django admin page
Thank you!
What you want to achieve looks like using Redis as a cache. The pattern is:
Always look for the data in redis
If it's not in redis, get it from MySQL
and store it in Redis with an expiration date, using the expire command
Doing it like this, you have to modify you app, not the admin page. But there could be a delay between the writing of the informations in the admin page, and their availability to the clients.
You may delete the data from the Redis cache in the admin, when storing them, to ensure the newest version will always be delivered. But you will have to modify Django admin page for this.
I have a web app which I want to work internationally.
I can ask each user their time zone and store it, no problem. Then I'm looking to store all dates in UTC and make the adjustments when transacting from the database.
Firstly, is this the best way to do it, or are there any other suggestions?
Secondly, does anybody know how best to convert the timezones when going to and from the database? Could I create some clever layer (in the zend framework) that does this automatically based on the php environment timezone, or would I need to update all of my queries?
Many thanks!
Zend_Date does all of this and much more .
I am currently planning a project in which revision safety of the database data is important. This means: we want to be able to proof that the data in the database was not tempered with since it was imported - no user changed the value, no db admin logged into the database and changed it.
What is the best way to achieve this?
Till now, I like the idea of signing the database row best: I create a MD5 hash of all the fields in the row, then send it to a timestamping signing server (have a look on wikipedia) and store the created signature with the row. From this time on, we can prove that no one changed the row since this stamp was created.
Any better ideas? And, if you like the idea as much as I do, what timestamp server should I use and how can I access it? The Verisign Timestamp Server seems to be used a lot, but I could not find any documentation on how to use it "raw", e.g. without the Microsoft code signer tools etc.
Thank you!
Time stamp servers are usually not free-to-use.
Alternatively you may use an HMAC-MD5 (or HMAC-SHA1) instead and use a password that is only known to the authorized user. The password is of course not directly used, better via PKCS#5 or at least hashed with a seed. Without the password noone can verify or recreate the HMAC-MD5
We need to deploy application(developed by Java) WAR file in client place which make use of MySql 5.0. But we would like to restrict the client (the application owner, not the webpage visitor) from modifying any data in the database. Is there any way to protect data. The client can make use of the application but they should not be able to change any value in database. How to do that?
Manage Role/User permissions
Create an sql user (you should already have one), which will have only SELECT permission. So it would be something like
GRANT SELECT ON db_base.* TO db_user#'localhost' IDENTIFIED BY 'db_passwd';
http://kb.mediatemple.net/questions/788/HOWTO:+GRANT+privileges+in+MySQL
http://blog.wl0.org/2010/01/managing-mysql-grants/
http://www.ntchosting.com/mysql/grant.html
Check links below for further reading
FOR MySQL
Best Practice for Designing User Roles and Permission System?
http://www.databasejournal.com/features/mysql/article.php/3311731/An-introduction-to-MySQL-permissions.htm
http://www.devshed.com/c/a/MySQL/MySQL-User-Account-Management/
Can't set permissions on MySQL user
http://www.aquafold.com/d7/docs/BD5C99E4-3B55-C812-8318-6338A9A89ED9.html
FOR SQL Server.
http://www.databasejournal.com/features/mysql/article.php/3311731/An-introduction-to-MySQL-permissions.htm
http://www.mssqlcity.com/Articles/Adm/SQL70Roles.htm
http://www.sql-server-performance.com/articles/dba/object_permission_scripts_p1.aspx
https://web.archive.org/web/1/http://articles.techrepublic%2ecom%2ecom/5100-10878_11-1061781.html
http://www.databasejournal.com/features/mssql/article.php/2246271/Managing-Users-Permissions-on-SQL-Server.htm
This is impossible; if you deploy the application at the client, he will have the credentials and will be able to log into the MySQL database and pretent he is the application. And thus he can make any change to the database that your application can.
The only way to solve this securely is to make a tier between the client and your MySQL database, and make sure that you control this so that it is only possible to make 'legal' changes.
Just write the code accordingly so that the user doesn't have any chance to modify the database? I.e. the code doesn't execute any INSERT or UPDATE and/or controls the access based on a login/role.
I honestly really don't forsee any problems here, or the code must be prone to SQL injection attacks.
Update: The above answer is actually irrelevant since the question is clarified. Turning into Community Wiki.