Hi,
I'm trying out the requireAuth functionality for the Security
component. I use requirePost and requireAuth as stated in the Manual.
But even cutting out the token key it always passes through even
though it shouldn't, the request should be blackholed. After adding
some debug()s in the SecurityComponent around line 165 I discovered im
never entering the check. The reason is the !empty($controller-
>params['form'] check on line 165. This key is empty using the cake
1.2 forms. All the data from the post is in the params['data]. The
['form'] never seems to get anything for me.
I'm obviously overlooking something or is the functionality broken in
1.2?
my form code looks like this:
<form action="/contact/sendanfrage" method="post"
id="ContactAddForm">
<?php //echo $form->hidden('_Token/key') ?>
<?php echo $form->input('Contact/name', array('label'=>'Name')) ?>
<?php echo $form->input('Contact/vorname',
array('label'=>'Vorname')) ?>
<?php echo $form->input('Contact/email', array('label'=>'Email')) ?>
<?php echo $form->submit('Abschicken');?>
</form>
I commented the tokenkey out for testing. I needed to manually put the
token hidden field in, because I couldn't use the "normal" $form-
>create() method of 1.2, because that is in turn broken for models
without a db (as I posted here earlier today)
Anyone any ideas of how to patch the problem or work around it?
:jc
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
