Outils pour utilisateurs
Table des matières
Laravel
Laravel The PHP Framework For Web Artisans.
Voir aussi Lumen une version micro-framework de Laravel 5.
Documentation
Handbooks & Cheats sheets
Tutoriels/Tutorials
Tutoriels:
- http://laravel.sillo.org quelques tutoriels avec Laravel 5 et aussi Vue.js
Apprentissage de la version 5 de Laravel : un blog avec frontend et backend, avec bootstrap.
Exemples:
- bestmomo/laravel5-3-example with: Home page ; Custom error pages 403, 404 and 503 ; Authentication (registration, login, logout, password reset, mail confirmation, throttle) ; Users roles : administrator (all access), redactor (create and edit post, upload and use medias in personnal directory), and user (create comment in blog) ; Blog with comments ; Search in posts ; Tags on posts ; Contact us page ; Admin dashboard with messages, users, posts, roles and comments ; Users admin (roles filter, show, edit, delete, create, blog report) ; Posts admin (list with dynamic order, show, edit, delete, create) ; Multi users medias gestion ; Localization ; Application tests ; Use of new notifications to send emails and notify redactors for new comments
Tutorials:
- Intermediate Task List (Laravel 5.2)
- Laravel 5 tutorials : GEO Spatial MySQL in Laravel 5, Laravel 5 REST Api Basic Authentication, Laravel 5 and AngularJS, Laravel 5 and Socket.io
- de bon articles récents sur des sujets pertinents
- culttt.com, notamment sur Elixir
- Créer des packages pour Laravel:
- voir Laravel et VUE.js
- How To Process Tweets in Real-Time with Laravel that implements Job, Command, Queue and of course Twitter streaming api with Phirehose
- Handling Intensive Tasks with Laravel (async queue processing, Excel)
Fait avec ou pour Laravel
- php-tmdb/laravel A Laraval Package for use together with the php-tmdb/api TMDB Wrapper
- summerblue/phphub5 PHPHub Ver 5 is a Forum project Powered by Laravel 5.1
- A Roundup of Laravel CMS Packages (October, Statamic, Pyro, …)
Packages:
- Packalyst is a directory of Packages for your Laravel projects
Starters:
CMS on top of Laravel
- Lavalite Multilingual CMS built on Laravel 5.3 (Multiauth & API enabled)
- PyroCMS
Validation
Voir aussi model validation
- Form array validation in Laravel 5.2
CSRF, XSS, SQL ...
Excluding Routes from the CSRF Middleware in Laravel 5.1
Dans la documentation: routing csrf-excluding-uris
It's now super easy to exclude specific routes from your CSRF middleware:
source: https://mattstauffer.co/blog/excluding-routes-from-the-csrf-middleware-in-laravel-5.1
Plus d'information : Excluding Routes from the CSRF Middleware
// app/Http/Middleware/VerifyCsrfToken protected $except = [ 'webhook/*' ];
Data, ORM, Eloquent
Model validation
- Peut-être moins complets (moins bien ?)
-
- an deprecated Laravel 5's fork aziz/smartmodel
- WaaviModel uses Laravel's Validator class, therefore validation rules, custom messages and custom validation methods are all available.
-
On client side (javascript)
Utiliser côté client les règles de validation et messages d'erreurs définis pour les Models.
- Laravel 5 Javascript Validation (source code) allows to reuse your Laravel Validation Rules, Messages, FormRequest and Validators to validate forms transparently in client side without need to write any Javascript code or use HTML Builder Class. You can validate forms automatically referencing it to your defined validations. The messages are loaded from your validators and translated according your Localization preferences.
- Laravel Validation For Client Side https://github.com/bllim/laravalid
Autres
ModelForm, Laravel implementation of Django Forms, is a PHP Form Abstraction for Laravel based on Django Forms and Formset.
versions des données
Gérer les versions des données
-
- store in a “versions” table
-
- store in a “versions” table
Divers
Nested tree
Gestion d'arborescence (Nested tree structure, Nested category) :
import/export & bulk
Doctrine
Doctrine avec Laravel: http://www.laraveldoctrine.org - Problème: à cause de la forte dépendance de Laravel avec Eloquent, les packages externes continueront d'utiliser Eloquent.
SQL View
Authentification
Multi-Auth
Laravel 5.2, you may define additional authentication drivers as well define multiple authenticatable models or user tables, and control their authentication process separately from each other. For example, if your application has one database table for “admin” users and one database table for “student” users, you may now use the Auth methods to authenticate against each of these tables separately.
Authentication Scaffolding
Laravel 5.2: This command will generate plain, Bootstrap compatible views for user login, registration, and password reset. The command will also update your routes file with the appropriate routes.
Note: This feature is only meant to be used on new applications, not during application upgrades.
php artisan make:auth
OAuth
Passing parameters to Middleware
source: https://mattstauffer.co/blog/passing-parameters-to-middleware-in-laravel-5.1
Using parameterized middleware in the route defintion. When you're adding middleware to a route definition, you'd normally set it like this:
Route::get('company', ['middleware' => 'auth', function () { return view('company.admin'); }]);
So, let's add in our parameter to show that the user must have the owner role:
Route::get('company', ['middleware' => 'auth:owner', function () { return view('company.admin'); }]);
Note that you can also pass multiple parameters as a comma-separated list:
Route::get('company', ['middleware' => 'auth:owner,view', function () { return view('company.admin'); }]);
How to disable remember me token ?
Simply overload some methods:
class User extends BaseModel implements UserInterface, RemindableInterface { ... public function getRememberToken(){ return null; // not supported } public function setRememberToken($value){ // not supported } public function getRememberTokenName(){ return null; // not supported } /** * Overrides the method to ignore the remember token. */ public function setAttribute($key, $value) { $isRememberTokenAttribute = $key == $this->getRememberTokenName(); if (!$isRememberTokenAttribute) { parent::setAttribute($key, $value); } } ...
Sentinel
https://cartalyst.com/manual/sentinel
A modern and framework agnostic authorization and authentication package featuring:
- roles, permissions,
- custom hashing algorithms and additional security features.
The package follows the FIG standard PSR-4 (Autoloader) to ensure a high level of interoperability between shared PHP code.
The package requires PHP 5.4+ and comes bundled with a Laravel 5 Facade and a Service Provider to simplify the optional framework integration.
- Centaurprovides an opinionated implementation of Cartalyst Sentinel for Laravel.
Route
Implicit Model Binding
Laravel 5.2: Implicit Model Binding
use AppUser; Route::get('/user/{user}', function (User $user) { return $user; });
REST API
Simple but usefull RestControllerTrait
Dingo https://github.com/dingo/api/
- A RESTful API package for the Laravel and Lumen frameworks.
JWT-auth provides a simple means of authentication within Laravel using JSON Web Tokens
Views
Components
- StydeNet is an extension to the Laravel Collective HTML package.
- Menus, Alert messages, Form fields, Collection of radios and checkboxes
Component Pull
La documentation View Composers présente l'insertion automatique de données dans des vues que je vois comme du “Component Push”. Ça manque d'exemple, notamment le paradigm du “Component Pull” : Exprimer l'insertion d'un composant depuis une vue.
Appeler le “composant” depuis une vue Blade:
@inject('navstage', 'NavStage')
{{ echo $navstage->render() }}.
L'appel @inject() demande au “Service Container” de trouver l'instance d'un objet référencé sous le nom NavStage. Il faut donc que cet objet ai été créer et référencé:
// dans App/Providers/AppServiceProvider.php public function boot() { $this->app->singleton('NavStage', function ($app) { return new \App\Services\NavStage(); }); }
Il faut bien sûr qu'existe la classe \App\Services\NavStage avec une méthode render() (cf. la vue Blade).
Nota bene: l'appel {{ $navstage→render() }} n'imprime pas le résultat de l'appel à render(), il faut donc faire un echo dans la méthode.
Nota bene Dans le cas d'un composant qui n'est pas utilisé dans toutes les requêtes, on va préférer le charger que si besoin : Deferred Providers (aka lazy loading)
Twig template engine with Laravel
Wysiwyg editor
CKeditor laravel package:
Laravel file manager (for CKEditor and TinyMCE) with multi-users support
VUE.js
voir Vue.js
- Simple guestbook example https://github.com/laracasts/Laravel-and-Vue/
Since many JavaScript frameworks also use “curly” braces to indicate a given expression should be displayed in the browser, you may use the @ symbol to inform the Blade … Blade & JavaScript Frameworks
Divers
- Menu: The spatie/menu package provides a fluent interface to build menus of any size in your php application. If you're building your app with Laravel, the spatie/laravel-menu provides some extra treats.
Localization
Messages de validation en 52 langues pour Laravel4/5: https://github.com/caouecs/Laravel-lang
Manage translation in database:
- hpolthof/laravel-translations-db a Laravel translations from Database;
- store translations in the database and default load from files, cache translation, comes with a crud-interface and can perform translations via Google Translate.
- waavi/translation translation management for Laravel with files, database and cache.
- spatie/laravel-translation-loader offers a driver based way to store and retrieve translations and ships with a default driver that stores translations in the db.
Manage translation files:
- barryvdh/laravel-translation-manager is a package to manage Laravel translation files. It does not replace the Translation system, only import/export the php files to a database and make them editable through a webinterface.
Translation in Eloquent ORM
- A Laravel package for multilingual models dimsav/laravel-translatable
Tests & Testing
Others
Security
Throttle
Le middleware Illuminate\Routing\Middleware\ThrottleRequests retourne un code HTTP 429 quand le nombre de requêtes dans un nombre de minutes est dépassé.
Il utilise le cache Illuminate\Cache\RateLimiter. Pour identifier le client il utilise la méthode fingerprint() de Illuminate\Http\Request.
Malheureusement cette méthode fingerprint() n'utilise que l'IP comme données du client.
Bien qu'il soit impossible de calculer une empreinte sure, j'ai demandé l'ajout du remote port #12872.
Laravel cookie forgery
Ce bug n'est-il pas réapparu ? Un test unitaire existe-t-il ?
Laravel cookie forgery, decryption, and RCE MWR, 11 April 2014
Infrastructure & serveur
To make default prefixed route working, like /admin or /foo, while a folder with the same name exists, like public/admin or public/foo, should remove the $uri/ from nginx rewriting:
replace
location / {
try_files $uri $uri/ /index.php?$query_string ;
}
by
location / {
try_files $uri /index.php?$query_string ;
}
Error catcher
Avec Sentry.io :
Wordpress and Laravel
Charts & graphs
- Charts is a multi-library chart package to create interactive charts using laravel (chartjs, highcharts, material, morris …).
Admin panel
-
- Menus & CRUD
- https://silverbux.github.io/laravel-angular-admin/ Laravel + Angularjs + Bootstrap + AdminLTE binded by Gulp workflow Admin Dashboard Boilerplate. Plus Oauth and JWT authentication on the side.
- Laravel Generator - Get your APIs and Admin Panel ready in minutes, Laravel Generator to generate CRUD, APIs, Test Cases and Swagger Documentation (read http://laravel.sillo.org/infyom/).
Not free:
- Josh - Laravel Admin Template + Front End + CRUD
- Builders: Form, Button, Page
- BackpackForLaravel but open source https://github.com/Laravel-Backpack
Tools
- Laravel 5 IDE Helper Generator generates correct PHPDocs for all Facade classes, to improve auto-completion.
- A docker compose for Laravel (example) : https://github.com/edbizarro/ambientum
