No no...not giving them the ability to edit the form...install Firebug and anyone can edit a form...I am trying to prevent them from editing the form.
I can see the form and use firebug to see the vales in the form checkboxes...value = 1 =3 = so on..... I can change the values with Firebug to 599 799 899 or what ever ...so what I am doing is verify that if someone is being cleaver and changes the values to something that it could not possably be then it will not save anything and the logged in users account is supspended because the ony way the form would not save is if someone was messing with it and submited bad data.(the form is only checkboxes) -----Original Message----- From: Brendon Kozlowski [mailto:brendon...@hotmail.com] Sent: April-29-09 11:15 PM To: CakePHP Subject: Re: Compare Array - GOT IT! I don't believe this is necessary in the first place. Why are you giving someone the ability to edit the form that shouldn't be? That's the first issue I see. Secondly, why are you passing values to be saved if you don't want them overwritten? That's the 2nd issue. Thirdly, why are you even rendering them as form elements rather than simple text within a paragraph tag instead? That'd be the third issue I see. Although you are accomplishing what you want to do, I don't believe you should be trying to do it in the first place as a more elegant (albeit possibly more difficult to grasp?) solution is available. On Apr 29, 4:52 pm, "Dave Maharaj :: WidePixels.com" <d...@widepixels.com> wrote: > I figured it out. > > //list of possible keys > $keys = > $this->User->$model_name->find('list', array('fields' => 'id', 'order' > => 'id ASC')); > debug($keys); > > $submitted = > $this->data[$model_name][$model_name]; > > debug($this->data[$model_name][$model_name]); > > $results = array_diff($submitted, > $keys); > debug($results); > > So if a "evil" user tries to change the value in a form and submits, > the value is checked against possible values in the databsae....if not > found we know someone was doing something they should not have been doing. > > I am using this for a form that only has checkboxes so it works for me. > > Any flaws? > > Thanks, > > Dave > > -----Original Message----- > From: Dave Maharaj :: WidePixels.com [mailto:d...@widepixels.com] > Sent: April-29-09 6:14 PM > To: cake-php@googlegroups.com > Subject: re: Compare Array > > I am trying to do the same type thing with comparing an array. I am > using this for a security set up so a user can not change values of a > form so I get the list of possible keys > > //list of possible keys > $keys = $this->User->$model_name->find('list', array('fields' => > 'id', 'order' => 'id ASC')); > debug($keys); > > Array > ( > [1] => 1 > [2] => 2 > [3] => 3 > [4] => 4 > [5] => 5 > [6] => 6 > ) > > // values submitted by user > $submitted = $this->data[$model_name][$model_name]; > debug($this->data[$model_name][$model_name]); > > Array > ( > [0] => 3 > [1] => 5 > [2] => 6 > [3] => 1 > ) > > //how to compare vales against submitted values? > $results = array_udiff_assoc($keys, array($submitted)); > debug($results); > > But i need to compare the keys with the submitted data and that where > i am stuck. I need to check that the submitted values have a match > with the possible values in the database. > > Can someone point out my error or suggestions? > > Thanks, > > Dave --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
