Hi, I'm trying out the requireAuth functionality for the Security component. I use requirePost and requireAuth as stated in the Manual. But even cutting out the token key it always passes through even though it shouldn't, the request should be blackholed. After adding some debug()s in the SecurityComponent around line 165 I discovered im never entering the check. The reason is the !empty($controller- >params['form'] check on line 165. This key is empty using the cake 1.2 forms. All the data from the post is in the params['data]. The ['form'] never seems to get anything for me.
I'm obviously overlooking something or is the functionality broken in 1.2? my form code looks like this: <form action="/contact/sendanfrage" method="post" id="ContactAddForm"> <?php //echo $form->hidden('_Token/key') ?> <?php echo $form->input('Contact/name', array('label'=>'Name')) ?> <?php echo $form->input('Contact/vorname', array('label'=>'Vorname')) ?> <?php echo $form->input('Contact/email', array('label'=>'Email')) ?> <?php echo $form->submit('Abschicken');?> </form> I commented the tokenkey out for testing. I needed to manually put the token hidden field in, because I couldn't use the "normal" $form- >create() method of 1.2, because that is in turn broken for models without a db (as I posted here earlier today) Anyone any ideas of how to patch the problem or work around it? :jc --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---