Laravel 5.7 Guest User Gates

In Laravel 5.6 and below authorization gates and policies automatically return `false` for unauthenticated users. New in Laravel 5.7, you can now allow guests to go through authorization checks by using a nullable type-hint or setting the default value as null. Learn how to use guest-enabled gates in Laravel 5.7!

Visit Laravel News for the full post.

The post Laravel 5.7 Guest User Gates appeared first on Laravel News.

Source: Laravel News

Email Verification

First up, we have email verification support out of the box in Laravel 5.7. It’s as simple as adding implements MustVerifyEmail to your User class. Seriously.
Source: Laracasts

Polymorphic Relations

We’ve made it to the scariest of Eloquent relations: polymorphic. Don’t worry! As with most things, the word is scarier than the technique. A polymorphic relationship allows a model to belong to any number of models on a single association. Let’s demonstrate this with a practical example.
Source: Laracasts

Has Many Through

While not nearly as common, the hasManyThrough relationship, when necessary, can prove to be incredibly useful. This relationship type allows you to perform queries across long-distance relationships.
Source: Laracasts

Many to Many

Many to many relationships are a bit more confusing to understand. Let’s break it down by reviewing the common "posts" and "tags" relationship. A one-to-one or one-to-many relationship isn’t quite right here. A post will never own a tag. It can be associated with one, sure, but it doesn’t own the tag. The same is true in reverse. When we encounter situations such as this, a "many-to-many" relationship is exactly what we need.
Source: Laracasts

Notepad++ v7.5.8 bug-fixes

1. Remove annoying “no update” notification.
2. Fix Folder as Workspace not updating regression.
3. Fixed crash issue by checking & unchecking “Disable extension column” option in preferences dialog.
4. Fixed a crash when trying to launch a secondary instance with command line arguments.
5. Fix “Explorer Here” from “Folder as Workspace” problem if folder name contains comma.

Included plugins:

1. NppExport v0.2.8 (32-bit x86 only)
2. Converter 4.2.1
3. Mime Tool 2.1
4. DSpellCheck 1.3.5

Updater (Installer only):

* WinGup (for Notepad++) v5.0.2

ZF2018-01: URL rewrite vulnerability

ZF2018-01: URL Rewrite vulnerability

zend-diactoros (and, by
extension, Expressive),
zend-http (and, by extension,
Zend Framework MVC projects),
and zend-feed (specifically, its
PubSubHubbub sub-component) each contain a potential URL rewrite exploit. In
each case, marshaling a request URI includes logic that introspects HTTP request
headers that are specific to a given server-side URL rewrite mechanism.

When these headers are present on systems not running the specific URL rewriting
mechanism, the logic would still trigger, allowing a malicious client or proxy
to emulate the headers to request arbitrary content.

Action Taken

In each of the affected components, we have removed support for the specific
request headers. Users can provide support within their applications to
re-instate the logic if they are using the specific URL rewrite mechanism; users
are encouraged to filter these headers in their web server prior to any rewrites
to ensure their validity.

The patch resolving the vulnerability is available in:

  • zend-diactoros, 1.8.4
  • zend-http, 2.8.1
  • zend-feed, 2.10.3

Zend Framework MVC, Apigility, and Expressive users will receive relevant
updated components via composer update.

We highly recommend all users of affected projects update immediately.

Acknowledgments

The Zend Framework team thanks the following for identifying the issues and
working with us to help protect its users:

Source: Zend security feed

1 2 3 4 66