@vincent15000 But Laravel cookies are already secure by being HTTP only, optionally HTTPS-only, restricted to path, restricted to domain, and with cross-site restrictions. So what, exactly, “enhanced security” were you trying to add here?

@muhammadali2003 This is why you don’t cut corners: “quick fixes” end up sticking around for much, much longer than intended, and the work to undo them becomes bigger than just doing things properly from the start.

I’ve not worked with WordPress for a few years now, but I’d start by extracting styles for components one-by-one into your theme.css file if you’re building an “old-style” theme. I can’t remember how styles work in block-based themes but again, just extract styles for one component at a time.

@lailaih You need to look into multi-part/chunked uploading for large uploads. This is where the file is sent in multiple chunks (and requests), and then re-assembled server-side. It then means any failing chunks can be re-tried if they fail, and the entire upload paused and resumed.

@adamnet It’s all going to depend on how the projects are hosted, and where the stored files actually live (i.e. on disk, or in some third party store like S3).

If the files are stored on disk, and both projects are hosted on the same server, then you could create a symbolic link so both applications can access the files. If the applications are stored on separate servers with separate file systems, then this obviously becomes much, much more difficult.

@imranbru Wasn’t calling you a bot; just that you were giving OP answers copied from an LLM so it was like OP was chatting with a bot. It’s clear from your comments which ones are written by you (inconsistent formatting and grammar) and which one’s have been sourced from an LLM (suddenly perfect formatting and grammar).

If OP wanted answers from an LLM then they could ask Lary, or something like ChatGPT, themselves instead of waiting for you to do and then copy-and-paste the response.

In project 1users will be able to only submit (post) pdf documents. […] In project 2 the administrators must be able to see all the pdf documents

@adamnet Why are these two different projects in the first place? They’re clearly the same project, just with users with different roles.

Also, @imranbru is just regurgitating an LLM response to you, so you’re essentially chatting with a bot.

@shaungbhone The irony of posting an AI-generated post to complain that you can’t focus when using AI…

@vincent15000 Why have you added that prefix?

I develop on a Mac. Tag line:

Escape the complexity of Docker and WSL. Larabox provides isolated, pre-bundled native binaries for Nginx, PHP, MariaDB, Node.js and more optimized for Windows and live in seconds. 

Pre-bundled native binaries...who is compiling these on or for Windows, there already native binaries.

Docker isn't complex, neither is WSL.

I am a bit old school, if you use Nginx or Apache, you should know how to install and configure them.

More optimized for windows, as to 'less optimized'? How...

@imranbru You’ve pretty much just repeated my comment and examples, and added nothing extra? 🤷‍♂️

Is it possible instead of using the primary key $id to use another field which is not the primary key?

@adamnet Yes? Just specify it?

DB::delete('DELETE FROM users WHERE some_other_column = ?', [$value]);

Alternatively, you can still use the query builder:

DB::table('users')->where('some_other_column', '=', $value)->delete();

@vincent15000 What do you mean by “works” and “doesn’t work”?

We have no idea what data you’re sending, to where, what you expect to see, nor what you’re actually seeing.

@iamyannc Hey. I’ve done a lot of these type of re-factoring and re-platforming projects in the past. The way I’d approach it would be like this:

• Get the application running on a newer version of PHP. So upgrade to 7, fix any usage of deprecated APIs and libraries, and then when possible upgrade to PHP 8 and do the same.
• Once you’ve got the vanilla PHP application running on a modern version of PHP, create a new Laravel application and dump your legacy application’s file in the public directory.
  • Rename Laravel’s index.php file to something like laravel-index.php to avoid clashing with your legacy index.php file.
  • Tweak your .htaccess or nginx config to just load a file if it exists, or fall back to Laravel’s front controller.
• You should now have a Laravel application, but with no requests actually being routed through it to start off with, and instead requests hitting your legacy application as before.
• Slowly start re-factoring your legacy application to Laravel controllers, views, etc. Do this slowly, and one discreet part at a time. Trying to re-factor too much in one go just leads to lots of files being touched, none of them 100% converted, and the dreaded feeling of, “Urgh, I need to git reset this and start over.”
• As you do the above, the number of files from the legacy application will decrease, and the number of Laravel files increase, until you’re left with nothing of the legacy application.

Happy for you to reach out if you have any questions. DM me on Twitter 𝕏 (https://x.com/martinbean) and I can share my email address.

@sbrillo Fortify already requires the bacon/bacon-qr-code package at version 3 (https://github.com/laravel/fortify/blob/fc66a38872a0e304748336d2975f37672c8fca9c/composer.json#L19). The package you’re trying to install wants version 1 of that package, which suggests the package you’re trying to install is massively outdated.

So given Fortify already adds bacon/bacon-qr-code to your Laravel application, just use it directly. You don’t need to install a package to generate QR codes when there’s literally already one installed.

@iamyannc Hey. I’ve done a lot of these type of re-factoring and re-platforming projects in the past. The way I’d approach it would be like this:

• Get the application running on a newer version of PHP. So upgrade to 7, fix any usage of deprecated APIs and libraries, and then when possible upgrade to PHP 8 and do the same.
• Once you’ve got the vanilla PHP application running on a modern version of PHP, create a new Laravel application and dump your legacy application’s file in the public directory.
  • Rename Laravel’s index.php file to something like laravel-index.php to avoid clashing with your legacy index.php file.
  • Tweak your .htaccess or nginx config to just load a file if it exists, or fall back to Laravel’s front controller.
• You should now have a Laravel application, but with no requests actually being routed through it to start off with, and instead requests hitting your legacy application as before.
• Slowly start re-factoring your legacy application to Laravel controllers, views, etc. Do this slowly, and one discreet part at a time. Trying to re-factor too much in one go just leads to lots of files being touched, none of them 100% converted, and the dreaded feeling of, “Urgh, I need to git reset this and start over.”
• As you do the above, the number of files from the legacy application will decrease, and the number of Laravel files increase, until you’re left with nothing of the legacy application.

Happy for you to reach out if you have any questions. DM me on Twitter 𝕏 (https://x.com/martinbean) and I can share my email address.

@randy_johnson Pest is based on PHPUnit. Just take a look at the tests directory in the laravel/laravel repository for the skeleton files you need to go back to using PHPUnit.

@vincent15000 What is your actual question?

@imranbru That is not a solution 😬

In this case what about having a Livewire channel ? It's also a third-party framework, no ?

@vincent15000 No. It’s first-party. Its website (https://livewire.laravel.com) is under the laravel.com domain.

Furthermore NativePHP is now entirely free.

So are a load of Spatie packages. But they don’t have channels.

@jimothee You’ve said yourself that running php -v says your PHP version is 8.2, and Laravel is telling you that it requires a version of PHP that is 8.3 or above. Well when you run Artisan (a CLI tool) it’s going to use the CLI version of PHP, which is not PHP 8.3 or above.

@onurzdgn I truthfully don’t use Digital Ocean or its app platform, but what do either of these have to do with create a backup using mysqldump?

Dockerfiles are for containerising a project; not running one-off commands like mysqldump. And I’ve never used an “Aptfile” whatever that is.

@imranbru Thanks, ChatGPT.

@maurits-leblo Why can’t the sysadmins just set up cron jobs proper in that case?

@brunogritti Sounds like you’re trying to connect over the Internet (i.e. external IP address) rather than through some sort of internal IP address or socket, hence the latency.

@shivamyadav I see you didn’t take my advice (that I’m sure I mentioned a couple of times when you’ve posted about this Google Drive-related project) of moving your Google Client creation logic to a service provider, so that classes then using that client (controllers, etc) just need to type-hint it and it will be automatically built and resolved:

public function register(): void
{
    $this->app->singleton(Client::class, function (Application $app) {
        return new Client([
            'client_id' => $app['config']['services.google.client_id'],
            'client_secret' => $app['config']['services.google.client_secret'],
            'scopes' => 'https://www.googleapis.com/auth/drive',
            'redirect_uri' => $app['config']['services.google.redirect_uri'],
            'prompt' => 'consent',
            'access_type' => 'offline',
        ]);
    });
}

For refreshing access tokens, I have a scheduled task that fires daily to refresh any soon-to-expire access tokens. But again, I’m sure I’ve mentioned this before:

Schedule::command('access-token:refresh')->daily();

If you find you’re unable to refresh an access token (because it’s been revoked by the owner), then you can delete it, and send a notification to the owner telling them they need to re-connect their Google account.

@shibu0708 What exactly is the problem? You can just install the Vue package, and built it with Vite in your Laravel project: https://laravel.com/docs/13.x/vite#vue

Why would you need a “separate installation”?

@max100 Just use Docker. I use it on macOS, but it’ll be even more streamlined on Linux.

All I need to do to get running with a project is clone it and run make. My Makefile then builds the containers (if needed), and runs the project. Vite also works just fine.

@aymanmsh That’s because they pretty much are interchangeable. Those names just refer to a class that encapsulates business logic.

Use cases and actions tend to be individual classes that encapsulate a single process, whereas an application service tends to be a class that groups one or more methods related to a particular concept in a single class. So you might have a OrderService with methods for creating an order, updating an order, cancelling an order, etc.

The important thing is to choose one approach and stick to it. Your codebase should look like a single person has authored it, so that means not using multiple names and approaches for the same thing.

Also, my customary DDD gripe: DDD is more about working with people in a business to create software that accurately models that business and its processes. DDD is not carving your codebase up into modules that you then you then call “domains” instead.

In this case what about having a Livewire channel ? It's also a third-party framework, no ?

@vincent15000 No. It’s first-party. Its website (https://livewire.laravel.com) is under the laravel.com domain.

Furthermore NativePHP is now entirely free.

So are a load of Spatie packages. But they don’t have channels.

Don‘t really think it makes sense as NativePHP is a paid for and third-party. Otherwise every third party with a premium product would want their own dedicated channel.

This forum tends to be more about Laravel and its first-party ecosystem.

I’d personally add a separate timestamp column for recording “start” and “end” dates, just so users can set up training to start at a future date rather than the exact second a record just happens to be created in your database.

What will wasChanged() show for Product A? What about for Product B?

How about just try it out yourself? In tinker or some test artisan command.

@fireblade No one can assist without seeing the actual error, or the code where you try and include Alpine.

@lordzeus As @glukinho says, this is something that would be handled at the web server level, not in application code. The web server (Apache, nginx, etc) honours the request if the certificate is present, and rejects the request if the certificate is missing or invalid.

@mikelmedina Yes, my advice is to use a single table for users. If some users can be trainers, then you could either have some sort of TrainerProfile model that is attached to those users, or just inherently determine if a user is a trainer via the existence of related models, e.g. if they have defined any workouts.

For the associations between users and trainers, I’d create a separate pivot table with two foreign keys, both pointing to a user record. One pointing to the trainer, and one pointing to the user that’s appointed that trainer. If a user can only appoint one trainer at a time, then you can make that foreign key unique.

If when a user selects a trainer, that appointment is temporary (i.e, has a start date and end date) then you can add those as columns on the pivot table. By doing this, you’d also get a historic record of what trainers a user has worked with, and vice versa.

@fireblade If this is a fresh new project, then why are you using Laravel 9? Laravel 9 is so old it’s no longer in the version support table on the Laravel website: https://laravel.com/docs/13.x/releases#support-policy

It Depends™.

@shivamyadav I gave up reading it because of the emoji vomit sprinkled through it, which is a clear indication of it being LLM-generated. I’m sure I must have some form of dyslexia, as whenever emoji is sprinkled in text, I just find it 10× harder to follow and comprehend.

I prefer to spend my time reading and replying to questions written by humans; not LLMs.

@laracoft You _have _set the status? It clear shows it’s set the status to 400 as requested:

HTTP/2 400 

@armanhozyn I’ll never understand why Laravel removed this, as it was great for applying to policy methods to resourceful controller actions.

Nevertheless, you can get it back by importing the AuthorizesRequests trait in your controller:

+ use Illuminate\Foundation\Auth\Access\AuthorizesRequests;

  class CommentController extends Controller
  {
+     use AuthorizesRequests;

      public function __construct()
      {
          $this->authorizeResource(Comment::class);
      }
  }

@shivamyadav Use an LLM to write this post by any chance…?

@swez_k Did you look at the Forge docs? It has a section on zero-downtime deployments: https://forge.laravel.com/docs/sites/deployments#zero-downtime-deployments

@geodro-289809 I’ve been using Docker for years now. How does Podman compare? What does it do differently to Docker?

@vincent15000 You’ve already asked about this multiple times before. I know because I’ve replied to at least two threads on this very topic from you. What was wrong with those suggestions…?

Using a cheap shared hosting package purely for email.

@devharm And you don’t think the IP addresses of shared servers are going to trash your deliverability rates…?

To be honest, I want absolutely nothing to do with email sending so yes, I will use a third-party service (specifically Amazon SES). They handle the infrastructure, the IP address reputation building, etc so I don’t have to worry about it.

@min_khant_saw You don’t want a Laravel package, though. You want to do this client-side, i.e. upload the file direct to S3 using a pre-signed URL. Otherwise you’ve got to upload the file to your server, and then transfer it from your server to Amazon’s server, doubling the upload time (and increasing your storage and transfer costs). This is why I specifically mentioned JavaScript libraries.

@min_khant_saw You’ll need to use multi-part uploading. There are a number of JavaScript libraries that can handle this for you, including AWS’s own JS SDK. The AWS JS SDK repository even has sample code for such: https://github.com/awsdocs/aws-doc-sdk-examples/blob/main/javascriptv3/example_code/s3/scenarios/multipart-upload.js

@sandraalmassri OK? Do that, then?

@developer654079525 Yes, you can create additional files in the config directory.

Personally, I put any configuration for third-party services (like API keys etc) in the existing config/services.php file. But for opcodes, I would define an enum rather than putting it in a configuration file:

namespace App\Enumerations;

enum Opcode: int
{
    case Good = 0;
    case Bad = 1;
}

You could then reference the values using Opcode::Good or Opcode::Bad.

Use enums to define possible values like this.

Yeah it makes sense, thanks for the feedback.