Secure a class for an hydratation from ma form POST

I use php classes for managing users accounts and I wonder if what I’m doing is correct.

I directly use the $ _POST[‘form’] for hydrate User objects. But there is some field that I don’t want user to modify (i.e. : Id_user, admin_level,… [They can be able to do it by creating a new input field called id_user or admin_level, and get admin level])

So i use an argument in each setID or setAdmin_level (a boolean called $ forcer) :

<?php Class User extends Content{ private $  _id_user; private $  _date_inscription; private $  _ip_inscription; private $  _derniere_connexion; private $  _nom_utilisateur; private $  _email; private $  _mot_de_passe; private $  _nom; private $  _prenom; private $  _role;  const USER_UNLOGGED = 0; const USER_LOGGED = 1; const USER_ADMIN = 5;  public function __construct(array $  donnees = null, $  forcer = false) {     if($  donnees){         $  this->hydrate($  donnees,$  forcer);     } }  public function hydrate(array $  donnees, $  forcer = false) {     foreach($  donnees as $  champ => $  valeur){         $  method = 'set'.ucfirst($  champ);         if(method_exists($  this,$  method))         {             if($  forcer){                 try {                     $  this->$  method($  this->securite($  valeur), true);                 }catch(Exception $  e){                     $  this->$  method($  this->securite($  valeur));                 }             }else {                 $  this->$  method($  this->securite($  valeur));             }         }     } }  public function setId_user($  id_user, $  forcer = false) {   if(is_numeric($  id_user)&&$  forcer)   {       $  this->_id_user = $  id_user;       return true;   }else {     $  this->addErreur('id_user','User ID incorrect');     return false;   }  }  public function getId_user() {     return $  this->_id_user; }  public function setDate_inscription($  date_inscription = "") {   if(is_numeric($  date_inscription))   {       $  this->_date_inscription = $  date_inscription;   }else {       $  this->_date_inscription = time();   }  }  public function getDate_inscription() {     return $  this->_date_inscription; }  public function setIp_inscription($  ip_inscription ='') {   if($  ip_inscription)   {       $  this->_ip_inscription = $  ip_inscription;   }else {       $  this->_ip_inscription = $  _SERVER['REMOTE_ADDR'];   } }  public function getIp_inscription() {     return $  this->_ip_inscription; }  public function setDerniere_connexion() {   $  this->_derniere_connexion = time()."#".$  _SERVER['REMOTE_ADDR']; }  public function getDerniere_connexion() {     return $  this->_derniere_connexion; }  public function setNom_utilisateur($  nom_utilisateur) {     $  this->_nom_utilisateur = $  nom_utilisateur; }  public function getNom_utilisateur() {     return $  this->_nom_utilisateur; }  public function setEmail($  email) {   if($  this->is_mail($  email))   {       $  this->_email = $  email;   }else {       $  this->addErreur('email','email incorrect.');       return false;   } }  public function getEmail() {     return $  this->_email; }  public function setMot_de_passe($  mot_de_passe, $  encrypted=false) {   if($  this->is_password($  mot_de_passe))   {     if($  encrypted)     {       $  this->_mot_de_passe = $  mot_de_passe;     }else {       $  this->_mot_de_passe = crypt($  mot_de_passe, $  GLOBALS['salt_crypt']);     }   }else{     $  this->addErreur('mot_de_passe','Mot de passe incorrect. Minimum 6 caractères.');     return false;   }  }  public function getMot_de_passe() {     return $  this->_mot_de_passe; }  public function setNom($  nom) {     $  this->_nom = $  nom; }  public function getNom() {     return $  this->_nom; }  public function setPrenom($  prenom) {     $  this->_prenom = $  prenom; }  public function getPrenom() {     return $  this->_prenom; }  public function setRole($  role, $  forcer = false) {   if(is_numeric($  role)&&$  forcer)   {       $  this->_role = intval($  role);   }else{     $  this->addErreur('role','Role incorrect');     return false;   }  }  public function getRole() {     return $  this->_role; } } // Fin de la classe User 

So, in order to register a new user, I hydrate a new User object with the form POST :

$  user = new User($  _POST['form'], false); 

And I need to set the $ force bool to true for create a new User from an Id or if I want to set a field protected.

$  user = $  userManager->getUserFromId(new User(['id_user' => 1], true)); 

Is this a good way ?

Publish Guest Post On Thriveglobal for $5

Well welcome to are high quality guest post service this site already get’s good traffic amount and has good link strength from it so when you use are service you can rest assured it will be good . Permanent backlink from Thriveglobal.com but even though It’s Do follow, we all know It’s still a really powerful backlink to have pointing towards your money site. ADVANTAGES This is a premium domain with very high Domain Authority, Trust Flow. It can be brainstorm and create an exclusive SEO optimized, attention grabbing, unique article with potential “do follow” link. Why You Should Try My Service: 1. Backlinks to high profile site that increase your SEO ranking. 2. Epic Article 500+, Will be Written and Published By an US Native English writer 3. Permanent Post 4. Google Indexed

by: graphixocean
Created: —
Category: Guest Posts
Viewed: 217


High Authority finance & Business guest post DA 34 for $15

Looking to help boost authority on your website? This gig is just for you! I will publish your content on my high-quality business blog. This blog contains various posts with topics such as: Business Finance How To Investment Marketing Sales Earn & Save money What are the benefits of this gig? – This gig will help pass an authority link straight to your website. This is very powerful as the article will be on the home page of my blog. This is where most of the link’s power comes from. -Getting guest posts such as this one can help boost your search engine rankings for targeted keywords as well as long tail keywords. How does this gig work? 1. Simply send me your article and include 2 keywords you would like to use as your anchor text. 2. I will publish it on the site and add video, images and make sure it is formatted properly. 3. I will then send you the URL of the post once it’s published.

by: alex3882
Created: —
Category: Guest Posts
Viewed: 245


SharePoint POST REST API returning error code 400

I’m attempting to create an item in SharePoint on premise 2016 list using Java and SharePoint API. Forgive me if I missed it – I see a few related questions but they do not seem to really answer my question.

I’m able to do GET and fetch digest value. I am getting error code 400 when attempting to create a list item.

Questions:

  1. Do I still need to worry about authentication? As added complication, I’m attempting to do this using a chatbot attached to internal company messaging system. The sharepoint list is also internal and I never really had to worry about authentication when doing GET or fetching digest value. I’m hoping not because the code is 400, as opposed to 401 or 403
  2. If I do not – from what I’ve read error 400 could be caused because of incorrect data format to be written into the list or some Java peculiarities with respect to setting Content-Length for output stream. Hoping to find clarity on this.

This is my data:

data = {"__metadata":{"type":"SP.Data.MyListTitleListItem"},"Title ":"New Title"} 

My code:

URL url = new URL("https://[SharePoint site]/_api/web/lists/GetByTitle('MyListTitle')/items? HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection(); urlConnection.setRequestProperty("Accept", "application/json;odata=verbose"); urlConnection.setRequestProperty("POST"); urlConnection.setRequestProperty("Content-Type", "application/json;odata=verbose"); urlConnection.setRequestProperty("X-RequestDigest", formDigestValue);  urlConnection.setDoOutput(true); urlConnection.setDoInput(true);  OutputStream os = urlConnection.getOutputStream(); OutputStreamWriter osw = new OutputStreamWriter(os, "UTF-8"); osw.write(data); urlConnection.connect(); 

Is there a reason why you can like your own post?

Facebook, Instagram, and Twitter all enable you to like/favorite your own post. Is there a reason behind why they allow you to favorite your own post? Should it be done an alternate way?

There doesn’t seem to be any real negative since you don’t gain anything from the like directly. At the same time, the purpose of a like is to either help filter content for your preferences, share stuff you like with the people who follow you, and to show support to the poster. None of these apply when you like your own post. Why is this a feature?

How to post embedded YouTube video on Facebook?

In the past, when I shared a YouTube link, it was showing as embedded content. Which allowed the user to watch the video from within Facebook.

Now, when I share a YouTube link it doesn’t embed it anymore (only in comments).

Is there anyway to share the YouTube video as embedded content on Facebook?


I checked this question and the suggested solution is similar to what I used to do before – but it’s 7 years old, so it makes sense that a lot has changed since then.

Mint 19.1: No POST screen visible with new graphic card

My work computer (i7-7700, 64GB RAM) runs Linux Mint 19.1 and Windows 10 in dual boot. This used to work fine, it normally booted Mint unless I pressed F12 during startup and told it to boot windows.

A while ago, the internal graphic chip reached it’s limits, so I received a “Sapphire GPRO 4200 4G GDDR5 PCI-E QUAD MINI DP” graphic card from our IT guy and installed it myself. Without needing to install any drivers, Linux booted properly and all three screens work.

The only problem: There is no more POST screen. All displays stay black until the linux mint bootscreen shows and boot is halfway done. Therefore, I don’t get the opportunity to press F12 and boot into Windows anymore. Could anybody please point me in the right direction of how to solve this?

So far I tried:

  • googling the problem

  • trying two slightly different drivers (amdgpu-pro-18.20, two versions, one from sapphire, one directly from AMD). the install seems to work, however the Graphics card is called “Advanced Micro Devices, Inc. [AMD/ATI] Venus LE / Tropo PRO-L [Radeon HD 8830M / R7 M465X]” in the system info, not sure if this is right

  • I removed the graphics card and went back to using the normal graphics chip, this worked fine, I get my post screen back and can boot windows

  • Practicing when to press F12 and how to select windows using the graphic chip. I then tried the same with the card installed, didn’t work, if I press F12, then down+enter like I normally would to select windows, it somehow aborts the boot process and I am stuck with a blank screen.

Any help would be greatly appreciated. I do 95% of my work in Mint, but sometimes need Windows (mainly for office stuff). I have been using linux for quite a while, but I am still fairly new to many aspects of it.