18 May, 2023

Laravel Security Middleware

                No comments   

 Laravel provides a set of middleware that you can use to enhance the security of your web application. These middleware can help protect against common security threats and vulnerabilities. Here are some of the security middleware provided by Laravel:


EncryptCookies: This middleware encrypts the cookies used by your application, making it more difficult for attackers to tamper with or read the cookie data.


VerifyCsrfToken: Cross-Site Request Forgery (CSRF) is a common web vulnerability. This middleware automatically checks that each incoming POST, PUT, PATCH, or DELETE request includes a valid CSRF token, protecting against CSRF attacks.


TrustedProxies: If your application is behind a reverse proxy or load balancer, you can use this middleware to specify the trusted proxy addresses. This helps ensure that Laravel correctly identifies the client's IP address.


FrameGuard: This middleware adds the X-Frame-Options header to responses, which can protect against clickjacking attacks by controlling how your application can be embedded within an iframe.


ContentSecurityPolicy: This middleware sets the Content-Security-Policy header, allowing you to define a policy for controlling what types of content can be loaded by your application. This helps prevent various types of attacks, such as cross-site scripting (XSS) and data injection.


XssFilter: This middleware enables the built-in XSS protection provided by Laravel. It automatically filters the request input for potential XSS (cross-site scripting) attacks.


SecureHeaders: This middleware adds various security-related headers to the response, including Strict-Transport-Security, Content-Security-Policy, X-Content-Type-Options, X-XSS-Protection, and more. These headers can help protect against different types of attacks and vulnerabilities.


To use these security middleware in your Laravel application, you can add them to the middleware stack in the App\Http\Kernel class. You can specify the desired middleware and their order within the protected $middleware or protected $middlewareGroups arrays.


It's worth noting that these are just a few examples of the security middleware provided by Laravel. Depending on your application's specific requirements and the level of security you need, you may consider using additional security measures, such as authentication and authorization middleware, input validation, and output sanitization, to ensure the overall security of your application.

Laravel Octane Adds Support for Roadrunner v3

           ,      No comments   

 The Laravel team relased Laravel Octane V2, with support for Roadrunner V3:

The pull request brings Octane up to date with Release v2023.1.0 and beyond (also known as V3), so check out the "2023" releases to see what's new with Roadrunner.

A huge thanks to Nuno Maduro, who added support for RoadRunner v3 and upgraded Octane dependencies to keep things tidy! If you're already running Octane, check out the upgrade guide to upgrade to V2.

To get started with Laravel Octane, check out the official docs.

Laravel Octane

                No comments   

 Laravel Octane is a package developed by Laravel that allows you to optimize the performance and scalability of your Laravel applications. It achieves this by leveraging Swoole or Roadrunner as the underlying application server.

Traditionally, Laravel applications run on a per-request basis, where each request starts a new PHP process. This can result in overhead due to the initialization and bootstrapping process for each request. Octane addresses this by introducing persistent long-lived processes that can handle multiple requests concurrently, significantly improving the performance and throughput of your Laravel application.

By using Octane, you can benefit from features such as:

  1. High concurrency: Octane leverages Swoole or Roadrunner to handle multiple requests simultaneously, allowing your application to handle a higher number of concurrent connections and improving overall performance.

  2. Preloading: Octane supports preloading, which allows you to load your application's PHP code into memory ahead of time. This reduces the overhead of class autoloading and improves response times.

  3. Improved memory usage: Octane optimizes memory usage by reusing long-lived PHP processes instead of starting a new process for each request. This can result in more efficient memory utilization and increased application capacity.

  4. Task scheduling: Octane provides a task scheduler specifically designed for long-lived processes. This allows you to schedule tasks and jobs within your application without relying on external cron jobs or queue workers.

It's important to note that Octane requires certain prerequisites and may have specific configuration requirements depending on the chosen application server (Swoole or Roadrunner). You can refer to the official Laravel Octane documentation for detailed instructions on installation, configuration, and usage.

Keep in mind that as of my knowledge cutoff in September 2021, Laravel Octane was still a relatively new package, and further updates and enhancements may have been introduced since then. Therefore, I recommend consulting the official Laravel documentation or Laravel community resources for the most up-to-date information on Laravel Octane.

Laravel 10.11 Released

           No comments   

Laravel 10.11 is here with the ability to retrieve a timestamp Carbon instance from a UUID, making the new Sleep class macroable, and more. The post Laravel 10.11 Released appeared first on Laravel News. Join the Laravel Newsletter to get Laravel articles like this directly in your inbox. ---

17 May, 2023

How can I use Dependency Injection to pass Application() to ViewModel() using Hilt in Android Studio?

           No comments   

I 'm using Hilt as Dependency Injection, I hope to DI class UIApp into class SoundViewModel, so I use fun provideUIApp(): UIApp {...} as the following code. I know Application() is a special class in Android , I don't know whether the way below is good, could you tell me ? @HiltAndroidApp class UIApp : Application() { fun log(){ Log.e("my","Server") } } @InstallIn(SingletonComponent::class) @Module object ObjectModule { @Provides @Singleton fun provideUIApp(): UIApp { return UIApp() } } @HiltViewModel class SoundViewModel @Inject constructor( private val myapp: UIApp, private val savedStateHandle: SavedStateHandle ): ViewModel() { ... }

16 May, 2023

APM vs. Application Performance Observability - What’s the Difference

           No comments   

You’ve likely heard the term Observability lately. There’s a fundamental change taking place in the Monitoring space, and Observability is behind it. Observability itself is a broad topic, so in this post we’ll talk about what it means to move from Application Performance Monitoring to Application Performance Observability . The post APM vs. Application Performance Observability - What’s the Difference appeared first on Laravel News. Join the Laravel Newsletter to get Laravel articles like this directly in your inbox. ---

15 May, 2023

14 May, 2023

13 May, 2023

12 May, 2023

Write Shell Scripts like Blade Components With Task Runner

           No comments   

Learn about Laravel Task Runner, a package by Pascal Baljet that lets you write Shell scripts like Blade Components and run them locally or on a remote server. The post Write Shell Scripts like Blade Components With Task Runner appeared first on Laravel News. Join the Laravel Newsletter to get Laravel articles like this directly in your inbox. ---

11 May, 2023

10 May, 2023

Create Repeatable Models with Laravel Recurring Models

           No comments   

The Recurring Models package for Laravel is the ultimate solution for adding recurring functionality to your Laravel Models. The post Create Repeatable Models with Laravel Recurring Models appeared first on Laravel News. Join the Laravel Newsletter to get Laravel articles like this directly in your inbox. ---

09 May, 2023

08 May, 2023

Single controller action for POST and GET form (symfony) vs separate action (laravel) - what speaks for symfony?

           No comments   

symfony argues this: Rendering forms and processing forms are two of the main tasks when handling forms. Both are too similar (most of the time, almost identical), so it's much simpler to let a single controller action handle both. https://symfony.com/doc/6.0/best_practices.html#use-a-single-action-to-render-and-process-the-form now I think I disagree with it (I much seem to prefer https://www.youtube.com/watch?v=MF0jFKvS4SI&ab_channel=AdamWathan ). The thing is, the symfony forms ( https://symfony.com/doc/current/components/form.html ) and processing is done in a way that it simplifies actually doing it in one controller. There is no form component with laravel, and thus less incentives to reuse the same controller function (as you dont have to initialize the form component). What I saw as well a lot is that after validation failing, in symfony you dont do a redirect but instead do a rerender https://github.com/symfony/demo/blob/main/src/Controller/BlogController.php#L131 . This actually causes the user on pressing ctrl+r or refresh, to resubmit the form again which I don't think is what is intended behaviour? Is there something I am missing? What do you guys subjectively prefer? submitted by /u/Iossi_84 [link] [comments]

07 May, 2023

What stack involving laravel do you (or your company) use?

           No comments   

In the dev sub-department of my company where I work, some of our old apps (3-5 years old) were built on Symfony + MySQL. Most of our newer greenfield projects are built now using Laravel + MySQL or Python (Flask + PostgreSQL). submitted by /u/shadowninja555 [link] [comments]

06 May, 2023

PostgreSQL Full Text Search for Laravel Scout

           No comments   

Use PostgreSQL native full text search in Laravel Scout with this community package. The post PostgreSQL Full Text Search for Laravel Scout appeared first on Laravel News. Join the Laravel Newsletter to get Laravel articles like this directly in your inbox. ---

05 May, 2023

04 May, 2023

Small but powerful CLI apps with Minicli

           No comments   

Building CLI applications can be a lot of fun. We don't have to worry about the UI, and we can write beautiful PHP code that doesn't need any build steps. The post Small but powerful CLI apps with Minicli appeared first on Laravel News. Join the Laravel Newsletter to get Laravel articles like this directly in your inbox. ---

03 May, 2023

LDAP Framework for PHP

           No comments   

LdapRecord is a full-featured LDAP framework LdapRecord is a framework that helps you quickly integrate LDAP into your PHP applications. The post LDAP Framework for PHP appeared first on Laravel News. Join the Laravel Newsletter to get Laravel articles like this directly in your inbox. ---

02 May, 2023

Use ChatGTP to ask a question to the Laravel Docs

           No comments   

Ask a Question to the Laravel docs is a new project that uses ChatGTP to generate answers to your questions from the official Laravel documentation. The post Use ChatGTP to ask a question to the Laravel Docs appeared first on Laravel News. Join the Laravel Newsletter to get Laravel articles like this directly in your inbox. ---

01 May, 2023

Why does caching feels slower?

           No comments   

My app runs a lot of identical queries on small tables with less than 10 items. The tables are like statuses for orders. ​ ID value 1 pending 2 taken for example When I run the following code, I get a weird output. $timer = new Timer(); echo 'normal '; $timer->start(); for ($i = 0; $i < 1; $i++) { Status::all(); } echo $timer->stop()->asString() . " "; $timer->start(); for ($i = 0; $i < 10; $i++) { Status::all(); } echo $timer->stop()->asString() . " "; $timer->start(); for ($i = 0; $i < 100; $i++) { Status::all(); } echo $timer->stop()->asString() . " "; echo 'cache '; $timer->start(); for ($i = 0; $i < 1; $i++) { Cache::remember('Status', now()->addMinutes(10), function () { return Status::all(); }); } echo $timer->stop()->asString() . " "; $timer->start(); for ($i = 0; $i < 10; $i++) { Cache::remember('Status', now()->addMinutes(10), function () { return Status::all(); }); } echo $timer->stop()->asString() . " "; $timer->start(); for ($i = 0; $i < 100; $i++) { Cache::remember('Status', now()->addMinutes(10), function () { return Status::all(); }); } echo $timer->stop()->asString() . " "; echo 'normal '; $timer->start(); for ($i = 0; $i < 1; $i++) { Status::whereValue('pending')->get(); } echo $timer->stop()->asString() . " "; $timer->start(); for ($i = 0; $i < 10; $i++) { Status::whereValue('pending')->get(); } echo $timer->stop()->asString() . " "; $timer->start(); for ($i = 0; $i < 100; $i++) { Status::whereValue('pending')->get(); } echo $timer->stop()->asString() . " "; echo 'cache '; $timer->start(); for ($i = 0; $i < 1; $i++) { Cache::remember('Status', now()->addMinutes(10), function () { Status::whereValue('pending')->get(); }); } echo $timer->stop()->asString() . " "; $timer->start(); for ($i = 0; $i < 10; $i++) { Cache::remember('Status', now()->addMinutes(10), function () { Status::whereValue('pending')->get(); }); } echo $timer->stop()->asString() . " "; $timer->start(); for ($i = 0; $i < 100; $i++) { Cache::remember('Status', now()->addMinutes(10), function () { Status::whereValue('pending')->get(); }); } echo $timer->stop()->asString() . " "; With this output normal 00:00.002 00:00.023 00:00.237 cache 00:00.015 00:00.150 00:01.516 normal 00:00.001 00:00.015 00:00.154 cache 00:00.014 00:00.153 00:01.518 Why does caching make the process 10 times slower? If caching isn't usable for small and simple queries, what should I do to improve my performance? submitted by /u/bububeti [link] [comments]

30 April, 2023

How to manage data and perform CRUD operations on a "models" that are stored in YAML files rather than in my database?

           No comments   

I'm building an LMS and want to add a feature where tutors can create quizzes and students can attempt those quizzes. I want the quizzes to be stored as YAML files rather than in my database (I'm using MySQL). The main two reasons being so that they can be easily version controlled and faster to retrieve. Stack: - Breeze scaffolding (Vue & Inertia SSR) - Filament admin panel My question is, since I don't have a quizzes table, is there still some way I can make a Quiz model? Because it seems to me that I would instead have to make a Quiz class that doesn't extend Model and parses a given YAML file. Surely there must be some packages out there that allow you to work with models and Eloquent for data stored in flat-files. Another approach I could try is installing Statamic into my project but seems a bit overkill to have both Filament and Statamic on the same project for what is essentially a single Statamic collection (Quizzes). A Quiz entry might look something like this: title: "Algebra Quiz" author: 3 level: "Intermediate" subject: 2 topics: - Algebra questions: - question: "What is the equation of the line that passes through the points (2, 3) and (-1, 5)?" choices: - "y = 2x + 7" - "y = -2x + 7" - "y = 2x - 7" - "y = -2x - 7" answer: "y = -2x + 7" - question: "What is the value of x in the equation 3x - 7 = 14?" choices: - "7" - "9" - "11" - "15" answer: "7" - question: "What is the solution set for the equation 2x + 5 = 9?" choices: - "{2}" - "{2.5}" - "{3}" - "{3.5}" answer: "{2}" Regarding author and subject fields, I'm not sure whether to store these as IDs as I did above, or with some UUID such as email for author and slug for subject. submitted by /u/lewz3000 [link] [comments]

29 April, 2023

Top 10 Laravel Audit Security Issues

           No comments   

Let’s dive in and check out the ten most common security issues I've discovered during my security audits. The post Top 10 Laravel Audit Security Issues appeared first on Laravel News. Join the Laravel Newsletter to get Laravel articles like this directly in your inbox. ---

28 April, 2023

Laravel 10.9 Multiple Image Upload In PHP

                No comments   

 

<form action="uploading.php" method="POST" enctype="multipart/form-data">

    <input type="file" name="image_path[]">

</form>


$files = $request->file('image_path');

            //upload multipal file one row diffrent name with seprate comma

            $i = 0;


            if($request->hasfile('image_path')){

                foreach ($files as $file) {                   

                    // $name = $file->getClientOriginalName();

                    //with $i help you save diffrent name file

                    $name = time() . $i . '.' . $file->getClientOriginalExtension();

                    //movie file in folder location

                    $file->move(public_path().'/backend/image/',$name);

                    $datavk[] = $name;

                    //save data in database with diffrent name with comma

                    $user->document_name = implode(",",$datavk);

                    $i++;

                }

            }

Using attributes to add value

           No comments   

PHP Attributes were added in version 8.0 of the language, and it has been a misnomer for many developers. What are their benefits, and how can I use them? The post Using attributes to add value appeared first on Laravel News. Join the Laravel Newsletter to get Laravel articles like this directly in your inbox. ---

27 April, 2023

Laravel 10.9 Released

           No comments   

Laravel 10.9 is out with new features like defining route middleware with named static methods, HTTP status assertions, and more. The post Laravel 10.9 Released appeared first on Laravel News. Join the Laravel Newsletter to get Laravel articles like this directly in your inbox. ---

26 April, 2023

Going past Actions in Laravel

           No comments   

Over the last year or so, the Action based approach has been gaining popularity in the Laravel world. I was a big fan of this and adopted it relatively early on The post Going past Actions in Laravel appeared first on Laravel News. Join the Laravel Newsletter to get Laravel articles like this directly in your inbox. ---

25 April, 2023

Laravel Vapor application observability with Inspector

           No comments   

An extended tutorial on integrating Inspector observability platform to monitor your Laravel application deployed with Vapor. The post Laravel Vapor application observability with Inspector appeared first on Laravel News. Join the Laravel Newsletter to get Laravel articles like this directly in your inbox. ---

24 April, 2023

Weekly /r/Laravel Help Thread

           No comments   

Ask your Laravel help questions here. To improve your chances of getting an answer from the community, here are some tips: * What steps have you taken so far? * What have you tried from the documentation? * Did you provide any error messages you are getting? * Are you able to provide instructions to replicate the issue? * Did you provide a code example? * Please don't post a screenshot of your code. Use the code block in the Reddit text editor and ensure it's formatted correctly. For more immediate support, you can ask in the official Laravel Discord. Thanks and welcome to the /r/Laravel community! submitted by /u/AutoModerator [link] [comments]

23 April, 2023

SpinLock VB.Net Example From MSDN Possibly Produces Incorrect Behaviour

           No comments   

The code below is part of an example from MSDN. It is the example on how to use SpinLock but to my eye there is a race condition in it. Why I think this is because of the Dim lockTaken As Boolean = False line in the UpdateWithSpinLock method. It appears to me that the following could occur: Thread 1 enters UpdateWithSpinLock method and executes as far as _queue.Enqueue(d) and a context switch occurs. Thread 1 now has the SpinLock and lockTaken is True. Thread 2 enters and only executes as far as the line Dim lockTaken As Boolean = False. Thread 2 has now set lockTaken back to False and a context switch occurs. Thread 1 continues and tests lockTaken in the Finally block and finds it to be False (it should be True for Thread 1) so doesn't release the SpinLock. Thread 1 exits the method leaving the lock inplace and thread 2 waiting forever. Imports System.Threading Imports System.Threading.Tasks Class SpinLockDemo2 Const N As Integer = 100000 Shared _queue = New Queue(Of Data)() Shared _lock = New Object() Shared _spinlock = New SpinLock() Class Data Public Name As String Public Number As Double End Class Shared Sub Main() UseSpinLock() Console.WriteLine("Press a key") Console.ReadKey() End Sub Private Shared Sub UpdateWithSpinLock(ByVal d As Data, ByVal i As Integer) Dim lockTaken As Boolean = False Try _spinlock.Enter(lockTaken) _queue.Enqueue(d) Finally If lockTaken Then _spinlock.Exit(False) End If End Try End Sub Private Shared Sub UseSpinLock() Dim sw = Stopwatch.StartNew() Parallel.Invoke( Sub() For i As Integer = 0 To N - 1 UpdateWithSpinLock(New Data() With {.Name = i.ToString(), .Number = i}, i) Next End Sub, Sub() For i As Integer = 0 To N - 1 UpdateWithSpinLock(New Data() With {.Name = i.ToString(), .Number = i}, i) Next End Sub ) sw.Stop() Console.WriteLine("elapsed ms with spinlock: {0}", sw.ElapsedMilliseconds) End Sub Shared Sub UpdateWithLock(ByVal d As Data, ByVal i As Integer) SyncLock (_lock) _queue.Enqueue(d) End SyncLock End Sub Private Shared Sub UseLock() Dim sw = Stopwatch.StartNew() Parallel.Invoke( Sub() For i As Integer = 0 To N - 1 UpdateWithLock(New Data() With {.Name = i.ToString(), .Number = i}, i) Next End Sub, Sub() For i As Integer = 0 To N - 1 UpdateWithLock(New Data() With {.Name = i.ToString(), .Number = i}, i) Next End Sub ) sw.Stop() Console.WriteLine("elapsed ms with lock: {0}", sw.ElapsedMilliseconds) End Sub End Class Is the way I'm interpreting this correct. If it's not could you please show me what I'm missing. Thanks in advance.

Meta

Popular Posts

Categories

Social Media Links

Blog Archive

Laravel News

Loading...