# |
Aug 9th 2008, 14:14 |
Anon323 |
@security component: I implemented it this way http://bin.cakephp.org/view/757377840 , but it doesn't work (Fatal error). what's wrong? |
# |
Aug 9th 2008, 14:14 |
klaasjan |
I've read the manual and I understand most of it |
# |
Aug 9th 2008, 14:13 |
markstory |
what doesn't work? |
# |
Aug 9th 2008, 14:13 |
klaasjan |
i feel like i'm a newbie to php again but i can't get the framework to work for me |
# |
Aug 9th 2008, 14:13 |
Martz |
Riddle me this.. |
# |
Aug 9th 2008, 14:12 |
klaasjan |
all right |
# |
Aug 9th 2008, 14:12 |
markstory |
only in riddle form. |
# |
Aug 9th 2008, 14:12 |
Martz |
klaasjan: fire away |
# |
Aug 9th 2008, 14:12 |
klaasjan |
Is it normal to ask your questions here?? |
# |
Aug 9th 2008, 14:12 |
markstory |
helo |
# |
Aug 9th 2008, 14:11 |
klaasjan |
Hello everyone |
# |
Aug 9th 2008, 14:10 |
Matt1 |
markstory: perfect. thank you. |
# |
Aug 9th 2008, 14:04 |
markstory |
Router::url('/'); |
# |
Aug 9th 2008, 14:02 |
Matt1 |
FULL_BASE_URL . DS . Configure::read('App.dir') not getting it all. |
# |
Aug 9th 2008, 14:01 |
Matt1 |
How do i get the full current url in controller ? |
# |
Aug 9th 2008, 13:58 |
markstory |
Anon323: the component include is good. |
# |
Aug 9th 2008, 13:57 |
jaredhoyt |
Anon323: you can whitelist in save() |
# |
Aug 9th 2008, 13:57 |
Anon323 |
in my function? |
# |
Aug 9th 2008, 13:57 |
Anon323 |
$this->Security->disabledFields(array("foo", "bar")); |
# |
Aug 9th 2008, 13:57 |
Anon323 |
in my controller and |
# |
Aug 9th 2008, 13:57 |
Anon323 |
var $components = array("Security"); |
# |
Aug 9th 2008, 13:57 |
Anon323 |
markstory: @security component: Means I have to add |
# |
Aug 9th 2008, 13:56 |
Anon323 |
yes. i read about whitelisting. cleanUpFields() turned up as acceptable search result. |
# |
Aug 9th 2008, 13:55 |
markstory |
are you referring to controller::cleanUpFields? |
# |
Aug 9th 2008, 13:54 |
markstory |
Anon323: security component stops form tampering. |
# |
Aug 9th 2008, 13:54 |
Anon323 |
markstory: So form inputs I didn't specify will be discarded? (e.g. an attacker can't manually add a form input element which cake will automatically save?) |
# |
Aug 9th 2008, 13:50 |
markstory |
it's done automatically in Model::deconstruct |
# |
Aug 9th 2008, 13:49 |
markstory |
cleanUpFields doesn't exist any more in 1.2 |
# |
Aug 9th 2008, 13:47 |
Anon323 |
AD7six: Thanks for the security component / whitelist hint. how does cleanUpFields() work? how does it know what to clean up? |
# |
Aug 9th 2008, 13:43 |
TonkaTruck |
In order for the prefix routing example in the book to be reverse route compatible, the wildcard needs to be set as ...:action/* Then, it works swimmingly. |
# |
Aug 9th 2008, 13:41 |
infantigniter |
it's mind boggling |
# |
Aug 9th 2008, 13:41 |
infantigniter |
another weird thing, the table that has the null fields -- it only has like 5 rows. but it's displaying like 20/30 empty records on my browse pages |
# |
Aug 9th 2008, 13:40 |
markstory |
well then I dunno. |
# |
Aug 9th 2008, 13:40 |
infantigniter |
markstory: i don't do any of those in any view. i use some requestAction, but that's all Select * stuff |
# |
Aug 9th 2008, 13:37 |
markstory |
anything that could be considered a save() / saveField() |
# |
Aug 9th 2008, 13:37 |
infantigniter |
markstory: what qualifies as modifying a model? like trying to update records, etc. from a view? |
# |
Aug 9th 2008, 13:35 |
markstory |
google analytics is client side. |
# |
Aug 9th 2008, 13:34 |
markstory |
if you modify a model on a page that is a view action, and a 404 occurs, a new record will get inserted. |
# |
Aug 9th 2008, 13:34 |
infantigniter |
markstory: i'm using google analytics if that is relevant |
# |
Aug 9th 2008, 13:34 |
markstory |
infantigniter: are you doing anything like tracking views on pages? |
# |
Aug 9th 2008, 13:33 |
infantigniter |
anybody know how this could be happening? |