Disable the CSRF token in Laravel 5

Just a #HTH

Often when you’re devving’ forms in Laravel a quick refresh of the page rightly errors on the CSRF token. This is a bit of a bummer if you want to keep testing the same request, so all I do is…

Goto App/Http/Kernel.php and comment out,

// 'App\Http\Middleware\VerifyCsrfToken',

Then you can dev to your heart’s content, just remember to un-comment it! Maybe write a unit test to check it’s on before allowing you to push or create a merge request. Like one that alters the hidden field and submits.

The missing route in Laravel Route::resource…

The Route::resource method in routes.php Laravel 5 is brilliant. It saves time setting up simple CRUD routes and consolidates lots of routes into one method.

However, I’m not sure the Create and Update route both have a pre-route for the form however Destroy doesn’t?

I know the Store and Update commands both need to have a form of data fed to them, however… all my Destroy commands need a page to check the user is sure they want to delete the resource. So all my routes resource calls have this “delete” GET with them,

Route::resource('taxonomy', 'TaxonomyController');
Route::get('taxonomy/{id}/delete', [
'as' => 'taxonomy.delete', 'uses' => 'TaxonomyController@delete'
]);

Otherwise, people are tempted to use a Javascript confirm box as the only way to check people want to delete something first. However, that’s a bit dumb :) JS alert boxes are fiddly, also don’t fit with most site’s design styles and if your browser has JS off, your user is screwed.

Putting Global Middleware in your Laravel routes.php or Kernel.php?

I’ve been using Laravel Middleware for checking a certain user has been authenticated with the Uni’s SSO.

As a rule, anyone darkening our servers HAS to be a Warwick University Student and so, should be Auth’d by Shibboleth to the Uni’s Single Sign On.

The Laravel docs suggest that for “Global Middleware” you should put it in the app/Http/Kernel.php class and it will run on everything,

If you want a middleware to be run during every HTTP request to your application, simply list the middleware class in the $middleware property of your app/Http/Kernel.php class.

http://laravel.com/docs/5.0/middleware#registering-middleware

However, whilst that’s fine there is a good argument for putting it in the routes.php file, so it’s clear to any non-laravellers what Middleware is protecting the routes.

Route::group(['middleware' => ['IsUniSSOd']], function()

To be honest either’s fine. I started using the Route::group protection initially, however, it indents everything and starts to make it look a bit like a horrific massive if statement from days of old.

So now we’re putting it in our Kernel.php file to smarten it up as everyone gets more used to Laravel.

protected $middleware = [
...
'App\Http\Middleware\IsUniSSOdMiddleware'
]

Setting up similar factories with Laracasts/TestDummy

I’ve been using laracasts/Testdummy a lot recently which is a great tool for setting up any testing you’re doing. It auto-generates your Laravel 5 models with faker data.

However, sometimes when you’re setting up a very similar named model it becomes laborious copying and pasting the same things across multiple instances with the same default data.

So here’s my super easy “pattern” so you’re not creating too much. All it relies on is using the array_merge to overwrite the default set.

Should you allow clients into your bug tracking software?

I believe yes, you should. With the proper caveats and training, your client should be able to see what’s going on.

The client has fewer surprises, is in on the problems and #FTW’s. They feel more connected to the product and weirdly will start to feel more “onside”.

Sure it might seem scary at first, but after the initial storming, the process does begin forming!

It’s all about improving process through transparency.

Dropping SASS for LESS

I’ve been asked in interviews, “which one I prefer and why?”, however I’ve never really had a reason for choosing SASS over LESS apart from I found SASS first! They’re both pretty similar and they’re both really useful.

However, now I’m starting to find reasons with the packages I’m using more frequently.

As I’m moving forward with my Laravel work, I’m finding it an annoying process to administer installing RVM (ruby version manager) and then run gem install sass. With LESS, I can install it with npm (Node Package Manager) and boom, I can code on.

Also, it’s what Twitter Bootstrap is built in, so I can use LESS with “less” pain.

So, for simplicity’s sake, I’m moving to LESS, but thank you SASS, it’s been great.

The Tory party is a party for the people (ie. super rich people)

The Tory party is a party of super rich people, which is fine, it’s just important to know. Its leadership is made up of very rich donors from very rich companies and as such, their policies, we need to remember are policies which support those donors. That’s fine. It’s a party made for super rich people.

Are you a super rich “people”, do imagine what they talk about at their banquests are the same as you talk about over dinner?

Nothing about this should surprise anyone by the way, it is a party lead by people who want to protect themselves being super rich.

But, never be mistaken into thinking a Tory party person means YOU when they say, “We’re a party for the people”. Because, they mean for those super rich people who can pay £50,000 to bend the policy makers’ ears.

Do you want to vote for the super rich boys club? Do you think their ideas and values align with yours?

Professional alternatives to Facebook groups or Moodle Forums

You will find many different tools used for business collaboration, and new ones pop up every year.

Here are some we know of that you could use to replace your Moodle Forums and Facebook problem and be more on the “pulse”.

Google Drive

https://www.google.co.uk/drive/

Share Documents, Spreadsheets with version control. Also a tool to have hangouts (video conference) and have group text chats. Free service.

  • Documents
  • Spreadsheets
  • Group text chat
  • Hangouts (Vid. Conference)
  • File Sharing

DropBox

https://db.tt/FvHtPln

A repository for files, it will automatically push any saved files to all the other members with the shared DropBox. Good for saving large files and sharing with each other, less useful for versioning without an account. Free service.

  • Shared folder (you still need Office apps)

SharePoint

http://products.office.com/en-us/sharepoint/collaboration

Microsoft’s offering, share documents and more. Takes setting up and costs, however it’s an industry standard.

  • Documents
  • Spreadsheets
  • Group chat
  • File Sharing
  • Versioning

Facebook

http://facebook.com

You can setup a group and hold a chat on the network you’re always on. But, we doubt an organisation would handle all their business discussion here. Also, would you want to mix work and online socialising? Free service.

  • Group chat
  • File emailing (No versioning)

Wiki

http://www.wikidot.com/

The technology that runs Wikipedia, gives the ability to create shared pages and thoughts and revisions. You can share, collaborate, update and see revisions. Free services available.

  • File sharing
  • Text versioning

Versioning?

Some services come with versioning on documents, which means you can see the updates and text changes on files. This allows users to work collaboratively and see what changes the group have made, and discuss them. Also, it stops the need to keep naming files like, “copy 1″, “copy 2″, “Final Version”, “final version 2.3″ as it’s just one continues file.

Free?

Lots of companies advertise their products as “Free”, however that comes at a cost not associated with money. They effectively own your data, and probably have free reign to sell it on, use it to advertise with or if they shut down, your data goes to the highest bidder.

Other services may offer you a limited time access or file number limit before you need to pay.