Sorry for the double post! My previous post seemed lost until after I posted this one!
On Wednesday, October 9, 2013 12:48:03 PM UTC-4, schenke...@gmail.com wrote:
>
> Greetings,
> I am new to CakePHP. I've tested several other frameworks (Laravel, CodeIgniter, Symfony, Yii, and even a clever little one called PHPixie). My choice is to go with CakePHP for various reasons, but mostly because it makes sense to me.
>
> I like everything I see about CakePHP, but I am wondering how experienced Cake developers handle security. I know that this is a big topic and there is no single answer, but what are the general steps you take to secure an app in CakePHP? I am talking about an app where I will be accepting form inputs from logged-in users.
>
> Here's what I understand so far:
> 1. I really like the Cake Data Validation class <http://book.cakephp.org/2.0/en/models/data-validation.html>. This seems to allow very nice control of form inputs.
> 2. I'm confused about the removal of the Data Sanitization tool <http://book.cakephp.org/2.0/en/core-utility-libraries/sanitize.html>. Was this done because there are better built-in methods for this, or is it because the framework no longer handles sanitization?
>
> Can anyone please shed some light on general "good practices" on securing CakePHP apps?
>
> Thank you!
>
> Matthew