Log message #113764

# At Username Text
# Aug 9th 2008, 14:13 markstory what doesn't work?
# Aug 9th 2008, 14:13 klaasjan i feel like i'm a newbie to php again but i can't get the framework to work for me
# Aug 9th 2008, 14:13 Martz Riddle me this..
# Aug 9th 2008, 14:12 klaasjan all right
# Aug 9th 2008, 14:12 markstory only in riddle form.
# Aug 9th 2008, 14:12 Martz klaasjan: fire away
# Aug 9th 2008, 14:12 klaasjan Is it normal to aks your questions here??
# Aug 9th 2008, 14:12 markstory helo
# Aug 9th 2008, 14:11 klaasjan Hello everyone
# Aug 9th 2008, 14:10 Matt1 markstory: perfect. thank you.
# Aug 9th 2008, 14:04 markstory Router::url('/');
# Aug 9th 2008, 14:02 Matt1 FULL_BASE_URL . DS . Configure::read('App.dir') not gettting it all.
# Aug 9th 2008, 14:01 Matt1 How do i get the full current url in controller ?
# Aug 9th 2008, 13:58 markstory Anon323: the component include is good.
# Aug 9th 2008, 13:57 jaredhoyt Anon323: you can whitelist in save()
# Aug 9th 2008, 13:57 Anon323 in my function?
# Aug 9th 2008, 13:57 Anon323 $this->Security->disabledFields(array("foo", "bar"));
# Aug 9th 2008, 13:57 Anon323 in my controller and
# Aug 9th 2008, 13:57 Anon323 var $components = array("Security");
# Aug 9th 2008, 13:57 Anon323 markstory: @security component: Means I have to add
# Aug 9th 2008, 13:56 Anon323 yes. i read about whitelisting. cleanUpFields() turned up as acceptable search result.
# Aug 9th 2008, 13:55 markstory are you refereing to controller::cleanUpFields?
# Aug 9th 2008, 13:54 markstory Anon323: security component stops form tampering.
# Aug 9th 2008, 13:54 Anon323 markstory: So form inputs I didn't specify will be discarded? (e.g. an attacker can't manually add an form input element which cake will automatically save?)
# Aug 9th 2008, 13:50 markstory its done automatically in Model::deconstruct
# Aug 9th 2008, 13:49 markstory cleanUpFields doesnt exist any more in 1.2
# Aug 9th 2008, 13:47 Anon323 AD7six: Thanks for the security component / whitelist hint. how does cleanUpFields() work? how does it know what to clean up?
# Aug 9th 2008, 13:43 TonkaTruck In order for the prefix routing example in the book to be reverse route compatible, the wildcard needs to be set as ...:action/* Then, it works swimmingly.
# Aug 9th 2008, 13:41 infantigniter it's mind boggling
# Aug 9th 2008, 13:41 infantigniter another weird thing, the table that has the null fields -- it only has like 5 rows. but it's displaying like 20/30 empty records on my browse pages
# Aug 9th 2008, 13:40 markstory well then I dunno.
# Aug 9th 2008, 13:40 infantigniter markstory: i don't do any of those in any view. i use some requestAction, but that's all Select * stuff
# Aug 9th 2008, 13:37 markstory anything that could be considered a save() / saveField()
# Aug 9th 2008, 13:37 infantigniter markstory: what qualifies as modifying a model? like trying to update records, etc. from a view?
# Aug 9th 2008, 13:35 markstory google analyitics is client side.
# Aug 9th 2008, 13:34 markstory if you modify a model on a page that is a view action. and a 404 occurs a new record will get inserted.
# Aug 9th 2008, 13:34 infantigniter markstory: i'm using google analytics if that is relevant
# Aug 9th 2008, 13:34 markstory infantigniter: are you doing anything like tracking views on pages?
# Aug 9th 2008, 13:33 infantigniter anybody know how this could be happening?
# Aug 9th 2008, 13:33 infantigniter it doesn't make sense because (1) the entire action is password protected and (2) all the save functions have validation rules that would prevent such null records from being created
# Aug 9th 2008, 13:32 infantigniter very strangely, though i use DarkAuth to protect all administrative actions (such as Add), i'm winding up with like 20 new rows in one of my tables every day about. all fields in these rows are null