On Jun 18, 12:19 pm, Ketan Patel <[EMAIL PROTECTED]> wrote: > I perfectly agree that the Security Component is doing its job and I > do understand what requirePost and requireAuth purpose is for.
Again, I really don't think you do. : / > However, in case like users registration page, you would want to have > requireAuth and requirePost only after the form is submitted not prior > to form submission. My request for enhancement was from this > perspective. Exactly. In this case you'd only use requireAuth, since the requireAuth check only happens on POST requests. Also, in your case, requirePost is by definition irrelevant, since you allow both GET and POST requests to the same action. > On Jun 18, 12:09 am, nate <[EMAIL PROTECTED]> wrote: > > > I responded to your ticket:https://trac.cakephp.org/ticket/2783 > > > On Jun 17, 10:15 pm, Ketan Patel <[EMAIL PROTECTED]> wrote: > > > > I have made a request for enhancements to Security Component > > > athttps://trac.cakephp.org/ticket/2783... The details are below and I > > > would like some open discussion on this enhancements from bakers. > > > > Ticket Details: > > > > With security component, if one ever wants to use requirePost and > > > requireAuth, then its implementation is not quite straight forward and > > > requires bit of code change to make it work. > > > > Say for an action 'register' in controller 'Users', I want to use > > > requireAuth and requirePost. Based on current implementation, I have > > > to make a post request to the 'register' action for a user to view > > > that page. This involves change and is a bit painful to implement. In > > > reality, one would never want to check whether the request is Post or > > > Get for initial view. It is only important when the form is submitted > > > to that action. Same goes with requireAuth. > > > > What I would really like to see is that, the initial visit to the > > > 'register' action should not check for the requirePost or requireAuth > > > but only check when the form is submitted. > > > > I have modified the code so that it checks if there is any > > > '$controller->data' then the requirePost and requireAuth is checked, > > > otherwise it is by-passed. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
