Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Michael Zischka
    @michaelzischka
    @iunknownly_twitter Do you get a valid $response object? You can call getBody() on the $response object and receive an object of type StreamInterface. If the response returns application/json as response type, you can json_decode the body and receive the json response as an array. Pretty straight forward.
    Zachary Smith
    @zachisit
    I've added an Encryption trait to a class, saving all data encyrpted and ecrypted when I pull from the database. However when I try to pull old data that wasn't previously encrypted I'm getting 'The payload is invalid.' Is there a way to handle legacy data not encrypted?
    I guess this is a dumb question, because if I have data important enough to encrypt at rest then I should encrypt all legacy data values?
    Ben Johnson
    @cbj4074
    @zachisit Yeah, exactly. My advice is to use a try / catch to handle this scenario. "Try to decrypt, and on failure, encrypt and attempt decryption again". :wink:
    Zachary Smith
    @zachisit
    @cbj4074 extremely smart as always. would this try/catch happen in the trait itself?
    Ben Johnson
    @cbj4074
    That's entirely up to you, and it depends on whether you want to encrypt the legacy data proactively and all at once, or as it's requested. It sounds like the former approach is preferable, given that the data should probably be encrypted.
    So, in other words, you may want to loop over every record and use that try/catch apporach to fix/encrypt any that fail as you're looping.
    Zachary Smith
    @zachisit
    yeah makes sense. i can encyrpt all that way
    is there another way to encrypt 5,000+ records manually in a laravel db?
    Ben Johnson
    @cbj4074
    If you do that, then it probably doesn't make sense to add that behavior to the trait, as you'd want to know if an exception was thrown on the first decryption attempt going forward.
    No, there's no other way to encrypt all the legacy records, beyond looping over them.
    (at least not in a way that you'll be able to retrieve them, hehe)
    Zachary Smith
    @zachisit
    ok. so sounds like this is best way, and i can just do a search to return the results between a date string
    ah yeah good point. because i encrypt using the key in laravel at the time
    so i have to decrypt using same key
    Ben Johnson
    @cbj4074
    Exactly.
    (i.e., you couldn't just use some generic encryption function on the CLI / DB, outside of Laravel)
    Zachary Smith
    @zachisit
    if i build this locally, save all the data in my db locally, have it encrypted:
    then i move everything from local (files + db) to a stand alone server, will that mess anything up w/this encyrption (the key, the data, etc) that i'm not aware of?
    Ben Johnson
    @cbj4074
    Yes, it will! The same key needs to be used for both encryption and decryption.
    Zachary Smith
    @zachisit
    but i'm using same key i have on local. i'm just picking everything up and moving to a server. won't that codebase have the same key?
    Ben Johnson
    @cbj4074
    Not necessarily, because that key should be stored in your .env, which is environment-specific and isn't generally ported-around with the code.
    (that file should never be committed to version-control, and therefore should never end-up in a "build", whatever that entails for you)
    Zachary Smith
    @zachisit
    ok. so the key i am using in my .env won't be able to work when i copy the files (and the .env file) to a new server?
    Ben Johnson
    @cbj4074
    It will. I suppose I'm just saying that using the same key in more than one environment is a "bad practice".
    Your use-case here is unique, though, and it should be fine to do that.
    Zachary Smith
    @zachisit
    ok just making sure
    having to introduce encryption on a 10 year old database w/over 100k of records
    i'm adding laravel on top of it for reporting, and as a result have to encrypt it all for HIPPA
    building on local to get it ready to move
    i guess from the prod server i can generate a new key
    Ben Johnson
    @cbj4074
    If you encrypt the data locally, using the key in your local .env, and then you move that data into production, you must use that same key in your production .env. You can never change it.
    If you ever had to change the key, you would have to decrypt all the records first, change the key, then re-encrypt them.
    I'm subject to HIPAA, too, so I feel your pain with all of this.
    Does that make sense, re: the key? Whatever key is used to encrypt the data is the only key that can be used to decrypt it, period.
    Now, given that there isn't an existing deployment in production, you can just do everything locally (assuming your local environment is secure and that key is safe there!), deploy the app, use that same key in production, and call it good.
    Zachary Smith
    @zachisit
    yes that makes total sense. in theory i thought i could just pick up the codebase and move wherever as long as i have the same key. once i lose that key i am FUBAR'd
    ok makes sense
    Ben Johnson
    @cbj4074
    Yeah, okay, it sounds like you're with me here.
    Lol, exactly... print a hard-copy of the key and store it in a vault or something.
    Zachary Smith
    @zachisit
    smart idea actually
    private github repo fine?
    Ben Johnson
    @cbj4074
    I wouldn't put it online on any server to which you don't have exclusive access.
    (the .env file, that is)
    I would store only your production .env on your own server, and then a paper copy, printed and stored in a secure location (safe, vault, safe deposit box, etc.)
    I would also write tests to ensure that the encrypt/decryption is working as intended.
    AFK a few.
    mpixelz
    @mpixelz
    hi
    has anyone worked with Maatwebsite/Laravel-Excel? i really need some urgent help :(
    mpixelz
    @mpixelz
    ive created a class and done with the query method.. but now i want to allow my users to select what information to export.. like user can select if they want dob or age in the export using checkboxes..
    Ben Johnson
    @cbj4074
    @mpixelz Seems pretty straightforward. Just implement some conditional logic that adds to your query depending on which boxes are checked.
    Josh Reeter
    @jreeter
    hmmm, does contextual binding/injection not work with method injection?
    Josh Reeter
    @jreeter
    gonna go with a yes on that heh
    flyingL123
    @flyingL123
    @jreeter pretty sure I ran into this issue before as well. I think it only works on constructor injection.