Assuming you have reasonable security in your database (strong
passwords with normal expiration periods, hard to guess user names,
updated db software), I don't know why you'd care about this.
Would it *really* be a big problem if you were forced to publish your
data model on your website? What does this do for someone who has no
ability to access the database?
Wayne
On 10/9/07, Comida411 <[EMAIL PROTECTED]> wrote:
>
> I am a new bee to cake PHP and I have a concern on the way cake expses
> the data model of the application in the view.Since we have to follow
> a naming convention for cake to update the model automatically from
> the view. I see there is a risk of exposing once's data model.
>
> Example:
> I have a user table "users" with fields 1) email_address 2)
> password
>
> On my view when I use cake sysntax like below
> <?php echo $html->input('User/email_address', array('size' => '40'))?
> >
>
>
> When the page is rendered if some one does a view source he can
> clearly see the table name and the coloum name.
>
> Is it not a security risk?
>
> thank you for your response..
> Sincerely
> Comida411
>
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
