@ Miles J: How does your AJAX Request look like, did you do any
adjustments till it worked?
@captain_geek: I don't use ACL!
@Brendon Kozlowski: Thats seems to be a big security-issue, cause my
app admin panel should be completly with ajax....
thx
Aurelius
On 4 Apr., 20:54, Brendon Kozlowski <brendon...@hotmail.com> wrote:
> I haven't tried this out yet, but I will soon have to be implementing
> something like this. I don't know for certain if the Session
> information is being sent along with the AJAX request - and if it's
> not, we need to make an exception in the controller for Auth to
> behave.
>
> Using the RequestHandler's isAjax() method, along with the Auth allow
> () might be a nice direction. Will it open some possible security
> issues? Yes. In this case it's the user experience over
> security...assuming my theoretical solution is in fact the only
> solution. (But from what Miles has done, it sounds like it might not
> be.)
>
> On Apr 4, 12:13 pm, captain_geek <landon.brads...@gmail.com> wrote:
>
> > You might want to check your aros_acos table to make sure the Group/
> > User has rights to the controller action ... otherwise the Auth
> > component will throw you at the login screen ...
>
> > step 1: select * from acos where parent_id=(select id from acos where
> > alias='Blogs');
> > step 2: find the id of the row matching 'index'
> > step 3: select * from aros_acos where aco_id=#;
> > if you don't have any rows returned then you'll need to
> > insert the values manually
>
> > insert into aros_acos values('',[user/group id from aros table],[id
> > from acos (step 2)],1,1,1,1);
>
> > On Apr 4, 3:55 am, Aurelius <aurel...@temporaryinbox.com> wrote:
>
> > > No, that does the RequesHandler with ther Parse Extention .json
> > > That can't be the Problem, after a second login in the other
> > > Controller
> > > the Content is delivered right!
>
> > > thx
> > > Aurelius
>
> > > On 4 Apr., 03:47, Alfredo Quiroga-Villamil <laww...@gmail.com> wrote:
>
> > > > How are you defining you layout for the methods?
>
> > > > Do you have ?
>
> > > > $this->layout = 'ajax';
>
> > > > Regards,
>
> > > > Alfredo
>
> > > > On Fri, Apr 3, 2009 at 8:30 PM, Aurelius <aurel...@temporaryinbox.com>
> > > > wrote:
>
> > > > > I already tried making the Blogs/edit/ Output static (in the edit.ctp-
> > > > > file is only "I'm working"), the BlogsController Method is as well
> > > > > empty, but still there's nothing coming from the Server other than an
> > > > > empty Document with an working header and StatusCode 200. When opening
> > > > > that link in the brwoser I get redirected to a login form :-/
> > > > > The AJAX url looks like that:
> > > > >http://myhost.com/Blogs/edit/Content.json?_dc=1238803628586&languages...
>
> > > > > I've the same problem with another Controller which gets called
> > > > > through AJAX, so it can't be because of an endless loop or something
> > > > > like that ...
>
> > > > > Any more Ideas?
>
> > > > > thx
> > > > > Aurelius
>
> > > > > On 3 Apr., 22:40, Miles J <mileswjohn...@gmail.com> wrote:
> > > > >> Im doing the same thing but have not run into this problem. A few
> > > > >> questions:
>
> > > > >> 1 - Are the controllers in the same folder, or different apps?
>
> > > > >> 2 - Are you calling parent::beforeFilter() in both controllers?
>
> > > > >> 3 - What lever is your security setting at? Try medium.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
