Thank you very much, you are most kind ! All the best, Milos
On Sep 9, 4:54 pm, Thomas Ploch <profipl...@googlemail.com> wrote: > 1.) The Auth component is safe. It uses a salted SHA1 encrypted pw by > default. It auto-escapes the fields already, so you don't have to bother > with it. Just use SSL to encrypt the connection to sensitive parts of > the application to be on the (very) safe side. > > 2.) Well, if you use the Apache web server, and you configured it > correctly to write the access.log file, you got everything you need > there. (Other web servers have this feature too) > > Kind regards > Thomas > > Am 09.09.2011 16:44, schrieb Miloš Vučinić: > > > > > > > > > Hi, > > I have two questions and I hope someone can help me.. > > > I am making application which needs to be relatively safe. So here are > > questions I have for you: > > > 1. I am using auth component from cakephp , but I cannot escape the > > login fields because login component works for itself and I cannot > > edit it's code.. I am wondering is it sql injection safe and are there > > any possible problems with it regarding security ? > > > 2. I need to log every http request made to my website (so that if > > someone tries to hack the web site that I have info about his IP > > address and what exactly they tried to do). I need exact link which > > was typed and ip address of a computer which made the request. A whole > > http request would be nice but at least these two. Is there any way to > > do this (like a pre build component), or where in my source code > > should I place the code for this .. ? > > > Thank you , > > all the best > > > Milos -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php