I have just been messing around with my app and changing values in Ajax
links with Firebug to see what happens...sure enough I can be logged in as
user 1 and thru an Ajax form delete a post by User 2. Been reading about the
Security Component but seems from what I have found is that it does not work
with AJAX requests. Is this true? What is the best way to secure an app by
preventing people from using Firebug to edit the code and submit/edit/delete
info?
I have general if this Auth User('id') = $this type setup for users/owners
and so on but how can you prevent the data in forms from being manipulated?
Thanks,
Dave
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
