Thomas,

It is a VERY bad idea to accept data via GET that you are going to
write into your database.  Please do not do it, you should only accept
POST data and as such your function should go back to the standard:

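if(!empty($this->data)) {
    // form data was submitted via POST: validate and save it here
} else {
    // no form data (e.g. a plain GET): just display the form
}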

CakePHP has built-in security and takes anything submitted via POST
and transfers it into $this->data for you, so the above code
essentially says "only save data if submitted by a form".  If you use
the form helper it creates the data array in exactly the right format
so you can simply call $this->Model->save();  Ideally you should also
enable the security component, which will insert a token into your
forms to ensure your forms are being submitted from your site and not
being tampered with before submission.

The main thing to learn is, if you are going to use CakePHP, stick to
its conventions.  Those conventions were created by a bunch of very
clever people; as soon as you try doing things differently you are
making your life sooo much harder and most probably weakening various
aspects of your application.

HTH, Paul
@phpMagpie

On Sep 3, 4:01 pm, Thomas <thomas...@gmail.com> wrote:
> I found that just created a post when I clicked "Add" without giving a
> screen to create it. :(
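
The pattern described in the reply above, written out as an added example (not code from the thread or from the CakePHP project). It assumes CakePHP 1.3-style conventions and a hypothetical Post model with "title" and "body" fields; the file names in the comments follow those conventions.

```php
<?php
// app/controllers/posts_controller.php (added example, CakePHP 1.3 style assumed)
class PostsController extends AppController {
    var $name = 'Posts';

    // Security adds a token to forms built with the Form helper and rejects
    // submissions whose token is missing or whose fields were altered.
    // Session is only needed here for the flash messages.
    var $components = array('Security', 'Session');

    function add() {
        // $this->data is populated only from a POSTed form, so a plain GET
        // (clicking the "Add" link) skips this branch and writes nothing.
        if (!empty($this->data)) {
            $this->Post->create();
            if ($this->Post->save($this->data)) {
                $this->Session->setFlash('Post saved.');
                $this->redirect(array('action' => 'index'));
            }
            // Validation failed: fall through and redisplay the form
            // with the submitted values and error messages.
            $this->Session->setFlash('The post could not be saved.');
        }
        // No explicit render call: Cake renders views/posts/add.ctp.
    }
}
?>

<?php
// app/views/posts/add.ctp (added example)
// The Form helper emits a POST form, names the inputs data[Post][...] so
// they arrive in $this->data, and includes the Security component's token.
echo $this->Form->create('Post');          // posts back to /posts/add
echo $this->Form->input('title');          // hypothetical field
echo $this->Form->input('body');           // hypothetical field
echo $this->Form->end('Save Post');
?>
```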
