I have a custom URL route for a controller action i.e:
['pattern'=>'<username>/<post_slug>', 'route'=>'post/view'],
Entering something like localhost/thisismyname/my-user-post would call post/view with the username and post_slug parameters as intended.
The issue with this route is that all my other controller actions no longer work. localhost/post/index would call post/view with the parameters post as username and index as post_slug.
Is there an efficient way to give priority to <controller>/</action> URLs, and if there's no said <controller>/<action> it would pass the parameters as <username>/<post_slug> to the post/view URL route?
I don't want to create a separate route like site/<controller>/<action> or manually add every controller & action as a route into the URL Manager since both are ugly workarounds.
The rule that you specify is very ambigous, so almost any route match it.
You can write a urlRule class and check, is the route <username>/<post_slug> route or not.
As another solution you can place this rule at the very end of your urlManager's rules configuration array.
Related
I'm making a web app where users can create pages, edit them, and delete them. In developing the prototype, I have a user access a route such as:
localhost:8000/mypage/1
The "1" in the URL refers to the ID in the database, so that the controller can fetch the appropriate associated data and populate the page accordingly.
The obvious problem here is that a user can plug in any number to that URL and edit someone else's page.
One obvious fix would be to add logic that checks whether or not page '1' belongs to the Auth::user(). But this would be an if statement that I have to add to every controller that carries out such function.
When I think about other sites, they never have ID's in the URL, or if they do, they look 'encrypted' in some form. What is the best practice for changing an ID into some uninterpretable string that I frequently see done on other websites?
Thank you for any help.
why don't you just use a middleware that check if the route can be acceded by the user? then you can call it with
$this->middleware('middlewareName');
in the controller that you need it or even in the web.php if you want a whole set of routes protected
I'm running into an issue with the redirection that happens after a user of my app authenticates with Keycloak.
My app uses react-router hashRouter. When the initial redirect happens, I get a redirect_fragment that looks something like this:
http://localhost:3000/lol.html?redirect_fragment=%2F&redirect_fragment=%2Fstate%3D1c5900ee-954f-4532-b01c-dcf5d88f07a2%26code%3DKZNXVqQCcIXTCFu2ZIkx4quXa6zJb59zGKpNIhZwfNo.d2786d1e-67cd-437f-a873-bad49126bad4&redirect_fragment=%2Fstate%3D51a9cb44-b80a-4c14-8f3d-f04dfdb84377%26code%3Dp5cKQ7xVCR_n1s4ucXZTSE3O1T5lwNri_PBKD07Mt1Y.63364a83-f04f-4e64-a33e-faf00f6cd4ff&redirect_fragment=%2Fstate%3D05155315-ab60-4990-8d4e-444c7cce9748%26code%3DBxxpf_uMB28rKAQ6MXFTTrL9RE4rC3UtwCMXLu_K1Zo.4ce56da0-8e52-47e3-a0f2-4f982599bb98#/state=f3e362e4-c030-40ac-80df-9f9882296977&code=8HHTgd3KdlfwcupXR_5nDV0CqZNPV1xdCu3udc6l5xM.97b3ea71-366a-4038-a7ce-30ac2f416807
The URL keeps growing from there. I've read a few posts already that indicate that redirection from keycloak might have a problem with client-side routing via location.hash ... Any thoughts would be appreciated!
I think I figured it out!
The redirection loop seems to stop if I use the 'noslash' hashRouter instead of the default which contains a slash.
My URLs look like this: localhost:3000/lol.html#client/side/route
instead of this: localhost:3000/lol.html#/client/side/route
The redirection now seems to terminate appropriately after one redirect, but now I'm running into a different problem where the hash portion of my route is not being honored by react-router...
EDIT: I figured the second issue out
react-router creates a wrapper around window.location that it uses to tell which client side "page" it is currently on. I found that this wrapper was out of sync with window.location.
Check this console output out. This was taken immediately after the redirection resolved (and the page was blank):
history pathname is /state=aon03i-238hnsln-soih930-8hsdlkh9-982hnkui-89hkgyq-8ihbei78-893hiugsu
history hash is (empty)
window.location pathname is /lol.html
window.location hash is #users/1
The state=blah-blah-blah in the history.pathname is part of the redirect url that keycloak sends back after auth. You'll notice that window.location is updated to the correct path / hash, but that history seems to be one URL behind. Maybe keycloak directly modifies window.location to perform this redirection?
I tried using a history.push(window.location.hash) to push the hash fragment and update react router, but got the error "this entry already exists on the stack". Since it clearly is not on the top of the location stack, this led me to believe that react-router compares window.location with its internal location to figure out where it ultimately is. So how did I get around this?
I used history.replace() instead, which just replaces the entry on the top of the stack with a new value, instead of pushing a new entry to the stack. This also makes sense, since we don't want users who navigate "back" in their browsers to go back to that /state=blah-blah-blah url <-- replace eliminates this entry from the history stack.
One final piece: react-router history.location, like window.location, has both pathname and hash components. HashRouter uses the history.location.pathname component to keep track of the client side route after the hash in the browser. The equivalent of this in window.location is stored in window.location.hash, so we will be using this as the value passed to history.replace() instead of window.location.pathname. This confused me for a bit, but makes sense when you think about it.
react-router history also keeps track of its current route with a prepended / instead of a prepended #, since it's just treating it like any normal URL. Before I called history.replace(), I needed to take my window.location.hash, replace the leading hash with a / and then pass that value history.replace()
const slashPath = window.location.hash.replace('#', '/');
history.replace(slashPath);
Whew!
I am developing a Cordova App, and I use a URL parameter to manipulate or control my pages. e.g.:
file:///App/www/index.html?goto=profile
What I am trying to do is to remove the goto parameter from the URL.
An example use case: the user login using a temporary password. When the user logged in successfully the app will point them to the "change password" page, which is represented by a parameter on the url - ?goto=profile. Now the url has this parameter.
The problem here is that two parameters are set; ?goto=profile and ?goto=messages (directed the user on his inbox page). So the url now would be file:///App/www/index.html?goto=profile?goto=messages.
How to remove the ?goto=profile in the url without reloading the page?
to add multiple search query parameters, concatenate them with an ampersand (&). e.g.:
file:///App/www/index.html?goto=profile&goto=messages
if you don't want multiple parameters (they have the same name, so i presume you only want to replace the goto parameter value), just overwrite it.
i don't know the implementation used for routing, as you did not specify it in your question, but with plain javascript, it'd be something like this:
location.search = 'goto=messages';
I have Redux app with React Router (based on https://github.com/este/este).
Inside one Route, there may be more than 1 AJAX calls (fired by redux-promise-middleware & redux-thunk). When the page changes (via react-router) I wish to reject all remaining _SUCESS or _FAILED callback actions fired by the previous route.
What is the best way to do this?
I'd suggest that you make the data you fetch page-aware. Meaning that in the action where the fetch is started, add a page-context. When the reducer gets the data it can either save it for that page-context or it can throw it away if the location is not the same as your browser (meaning that the user has navigated away). If you keep the data for the different pages/contexts you also have the bonus of these being ready if the user returns (if that is something that you'd want).
You are on url "/pageX". You start fetching data and the action makes sure that the page-context is remembered for when the SUCCESS action is to be dispatched. When the reducer handles the action it stores the data in store.context["/pageX"].data (or similar). Note: This is where you could also throw it away (reject) in case the current location is not the same as the received data.
The UI should know how to ask/use data from the context that matches it's location only.
You might also want to consider tracking the browser-location in the state for the app...
I have a plugin and i need to load a different routing.yml file based on a variable in the query string.
Example:
if($request->getParameter('page'){
// use routingPage.yml
}
else{
// use another routing.yml
}
So, If the page parameter in url the url_for('#route1'), will return one url, else the same url_for('#route1') would return other url.
How can override the rouing.yml loading mechanism to do what I want?
Every application can have only one routing.yml (of course it can be overrided by other plugins).
The reason for this is quite simple: If you want to use multiple routing files (say routing1.yml and routing2.yml), and they both have a route called route1, which redirects to controller1/action and controller2/action respectively.
Maybe you would be able to switch it in the view, and go to controller1/action in the one case and controller2/action in the other. But then: when a new request arrives, and the front controller is determining which controller / action to execute: how does it now which routing.yml to use?
So I don't know exactly what you're trying to achieve, but I would go for two routes in your routing.yml, and select the route based on your view parameters.