Web Development

Top 10 reasons why webdesign, web development and programming in general really suck

The longer I program or do anything with webdesign the more I absolutely hate it with a passion. Here is why.

  1. Nothing works
  2. Nothing works
  3. Nothing is documented worth the shit so it takes forever to figure out how the hell the idiot authors system works. Nothing but hours of frustrating trial and error. But their marketing sounds so damn awesome that everyone just has to learn and use it.
  4. Bugs galore and then more bugs. NOTHING WORKS
  5. Nothing works
  6. Browsers really suck at CSS/Javascript each does it’s own thing, how and when it wants. Screw you if you know how it should work the team at browser x has different ideas. NOTHING WORKS
  7. The tools suck and the industry jumps ship to new tools monthly, tools that do the same shit in a different fail ass bug filled way NOTHING WORKS
  8. Too many clueless amateurs pumping out shitty undocumented spaghetti code… NOTHING WORKS!!!
  9. Most tools are dysfunctional chaos at best NOTHING WORKS!!!
  10. You learn the same shit over and over and over every time a new Library or framework comes out or some new Amateur has a great idea that other Amateurs think sounds great.. NOTHING WORKS!
Programming sucks because nothing works

I swear if a mechanic had to deal with the same shit developers deal with then their day would go like this

  1. Get to work 1/3 the tools are broken  and you must order new tools and learn to use them. But these tools even with the same name and function are a new version and work totally different. And you must learn how to use them through trial and error because the docs are totally  off and missing steps.
  2. Some of the tools that worked one way the other day now work totally different today. Got to learn the changes before work begins
  3.  Another 1/3 of all the tools were stolen got to order new tools and well some of those new tools changed so you got to re-learn how to use them. and about 1/3 of the new tools you ordered will be totally fubar broken and never function
  4. You finally got all your tools ordered and relearned now you have enough time to remove 1 bolt
  5. Manufacturer can’t write steps of how to use their product. It requires 10 steps, but lame brain in doc department leaves out 4 so you get 6 steps and are left saying WTF!!!

Next day you start all over again and get bolt 2 off.

Seriously what other industry do you have people just intelligent enough to create things but not intelligent enough to explain how the hell their invention works? NONE NO OTHER DAMN INDUSTRY. There is no other industry full of so much time wasting bullshit and chaos. NONE NOT ONE.

It is like trying to put together furniture where the manufacturer gives you 1 picture of the final product which takes 20 steps to complete and they decide you only need to know 11 of them FFS.

The more people who start web development and programming the worse the industry gets. This shit takes knowledge and organization. At the current rate I predict soon computers won’t even start in 10 years.

Web Development

How to get the user id in a service in Symfony 5

You might try UserInterface but I know that Security will work. You type hint aka Dependency Inject your service constructor with Security but not just any Security will do there is also one by Sensio labs and another. You want this Security

use Symfony\Component\Security\Core\Security;

Then your id wont show it or will warn something about a polymorphic call blah blah, but apparently there is a getId() method of the user returned from Security and you can get a user id like this.

 $userId = $this->security->getUser()->getId();

That is how you can get the current logged in users user id; My IDE PHPStorm doesn’t even know getId() exists so I had to do some digging.

Resources Web Development

How does login and authentication work in Symfony 5.*

This is mostly for myself as a reminder, as the info is scattered to hell wont have it, because that is the dysfunctional symfony way.   The most frustrating part of Symfony is Authentication because the information is scattered all over between articles, symfonycasts etc. just all over, like you couldn’t scatter it more all over, all, all over like a unicorn farting out rainbow sprinkles.You won’t find shittier documentation on any subject anywhere on the internet.

There are two versions of authentication an old one and a new one. The old one uses Authentication providers the new one users just Authetincators. No one but the authors of Symfony know WTF the difference is though.

Note : to add confusion Symfony refers to what you usually call Sessions as Tokens FFS.

First off a list of files involved in the login process :

  1. The login form obviously app/templates/security/login.html.twig
  2. A security controller app/src/Controller/SecurityController.php
  3. A user Provider aka the User entity class app/src/Entity/User.php
  4. An Authenticator app/src/Security/LoginFormAuthenticator.php

When a user requests /login Symfony first calls LoginFormAuthenticator.php to check to see if the user is logged in/authenticated so the work is not done in the controller like most other actions. To change, add, remove anything from the authentication process you make changes in the LoginFormAuthenticator.php methods.

There is a new experimental Authentication system it still uses authenticators but a slightly different process.

This authenticator is listed in the app/config/packages/security.yaml file under firewalls:main:guard:athenticators as

- App\Security\LoginFormAuthenticator

symfony firewall authenticator section

Every time a request is made the firewall will use the authenticator listed to try to authenticate the user. If authentication fails Symfony secretly behind the scenes tries other ways to authenticate the user as you can see in the image below.

symfony guards
Secret guards attack

As you can see in the image above Symfony will try your guard you listed in the configuration file, but it also tries it’s own secret list of default authenticators.

For information about the login form see this article in the scatterdocs. A little more info about the login form and process from the Symfony Spaghetti docs.

Resources Web Development

Symfony Session resources list

Plain session docs – This is the symfony documentation page about Sessions alone. This link shows the basic configuration and use of Sessions in Symfony. This also mentions not starting a session for Anonymous users and has links to other info about sessions.

Configuring Sessions and Save handlers – Symfony documentation link. This covers more about how to configure sessions and their Save Handlers. This is some of the better information about Sessions and how they work in Symfony. It covers the save handlers and more of the configuration information.

Session proxy examples – Symfony Documentation link. This covers how to create your own session handler. It also discusses how to encrypt session data with an example.

Framework configuration – Symfony documentation link. This covers many of the options for the security component of Symfony.

Store sessions in a database – Symfony documentation link that describes how to store session data in a database or Redis.

Session Management – Symfony documentation link. Explains how sessions are managed in symfony. Gives a good overview and important information about how symfony functions. It covers the functions symfony uses to replace PHP session functions and how to use them. This also covers the ways to work with sessions in Symfony. Oddly this covers Flash messages too.



Symfony events resources, links and videos

To see a list of all events use this command

 php bin/console debug:event-dispatcher

Built-in Symfony Events – this covers some of how events work in Symfony and the basic default events that fire with every request.

The HTTP kernel component – This gets to the core of Symfony and it’s event system. The kernel is driven by events. This also covers the basic flow of events that symfony follows when a request enters the system.

Events and event listeners – More information about symfony events.

The EventDispacher component – This is more about the symfony system events.

An example of how to use the EventDispacher component


This video covers how to create a custom event subscriber

Software Development Web Development Web Security

Authentication vs Authorization what is the difference?

Authentication/Authorization these terms are often confused. Here I will clarify them.

Authentication — Login, proving who a user is one way or another. After a user is logged into a system a session cookie is usually created to re-authenticate the user so they don’t have to login every single page view.

Authorization — Can a user view or access something once Authenticated? Authorization includes things like administration panel access, viewing a users profile or post or media etc.

Resources Web Development

Symfony errors and exception handling resources

How to customize error pages – Documentation page about how to create custom error pages.
How to Customize Access Denied Responses – specifically about how to customize access denied responses. This is useful for when you use voters to authorize a users access to content.

Resources Software Development

Ethereum Solidity programming links and resources.

Links and resources about Ethereum Solidity programming language.



Links and resources about Symfony firewall and authentication system

One thing you will want to do is view your current security settings to do so you use this command.
php bin/console debug:config security

Old symfony cookbook security entry – This is an ancient link to nearly the very beginning of symfony. This explains the mechanics of the Symfony security system if you are like me and just want to know how the hell this functions so you can feel confident in the system and be able to diagnose and fix issues.

More on Security – this is another ancient link like above, it explains the system.

Symfony cast covering
firewall and authentication and how it works. This has lots of info that should be directly in the documentation.

Security configuration reference -> not complete listing of some of the values you can set. If you run the debug:config command above you will see more values you can set, but good luck figuring out what they do.

How to restrict firewalls to a request -> symfony docs. This talks about using multiple firewalls and how the Symfony firewall system works like a waterfall trying one firewall after another until it finds one that works or uses the last  firewall listed. This also explains some of the options to the firewall. This basically shows how to use multiple firewalls.

Symfony cast about security – this covers the entire system. Some things have changed in version 5 but this is mostly correct and serves as a starting point.

Security user providers – Part of the Firewall/Authentication/Authorization system is something called security providers. User providers check the users identity from a session cookie to verify the user. This part of the documentation talks about how the firewall uses the User providers to authenticate the user after they have logged in.

Custom Authentication System with Guard (API Token Example) – talks about how to create a custom API token

Built-in Authentication Providers – documentation about the built in service providers.

Symfony Cast about gaurds – this is ancient from version 3, but it is helpful because it covers how the system is supposed to work or was supposed to.

The firewall and authorization – this covers how authorization works in the firewall system. It has a section at the bottom that explains how the firewall/authentication/authorization flow works.

Using the form_login Authentication Provider  – This explains how to create a login form and how the system processes it and authenticates the user.


A good video explaining how multiple authenticators work


Links and resources about Symfony Doctrine fixtures

Symfony cast page about fixtures.