Ah, okay I understand what you mean now. It looks like you're doing this in the model; am I correct on that? It should probably be set as a custom validation for the particular field(s) you are concerned about. Since you didn't paste all of your code (you don't need to) I'll just hope that's what you're doing. :) If not, you can find that information in the cookbook: http://book.cakephp.org/view/150/Custom-Validation-Rules
If you're not already, you may also want to use the Security Component. On Apr 29, 10:11 pm, "Dave Maharaj :: WidePixels.com" <d...@widepixels.com> wrote: > No no...not giving them the ability to edit the form...install Firebug and > anyone can edit a form...I am trying to prevent them from editing the form. > > I can see the form and use firebug to see the vales in the form > checkboxes...value = 1 =3 = so on..... I can change the values with Firebug > to 599 799 899 or what ever ...so what I am doing is verify that if someone > is being cleaver and changes the values to something that it could not > possably be then it will not save anything and the logged in users account > is supspended because the ony way the form would not save is if someone was > messing with it and submited bad data.(the form is only checkboxes) > > > > -----Original Message----- > From: Brendon Kozlowski [mailto:brendon...@hotmail.com] > Sent: April-29-09 11:15 PM > To: CakePHP > Subject: Re: Compare Array - GOT IT! > > I don't believe this is necessary in the first place. Why are you giving > someone the ability to edit the form that shouldn't be? That's the first > issue I see. Secondly, why are you passing values to be saved if you don't > want them overwritten? That's the 2nd issue. > Thirdly, why are you even rendering them as form elements rather than simple > text within a paragraph tag instead? That'd be the third issue I see. > > Although you are accomplishing what you want to do, I don't believe you > should be trying to do it in the first place as a more elegant (albeit > possibly more difficult to grasp?) solution is available. > > On Apr 29, 4:52 pm, "Dave Maharaj :: WidePixels.com" > <d...@widepixels.com> wrote: > > I figured it out. > > > //list of possible keys > > $keys = > > $this->User->$model_name->find('list', array('fields' => 'id', 'order' > > => 'id ASC')); > > debug($keys); > > > $submitted = > > $this->data[$model_name][$model_name]; > > > debug($this->data[$model_name][$model_name]); > > > $results = array_diff($submitted, > > $keys); > > debug($results); > > > So if a "evil" user tries to change the value in a form and submits, > > the value is checked against possible values in the databsae....if not > > found we know someone was doing something they should not have been doing. > > > I am using this for a form that only has checkboxes so it works for me. > > > Any flaws? > > > Thanks, > > > Dave > > > -----Original Message----- > > From: Dave Maharaj :: WidePixels.com [mailto:d...@widepixels.com] > > Sent: April-29-09 6:14 PM > > To: cake-php@googlegroups.com > > Subject: re: Compare Array > > > I am trying to do the same type thing with comparing an array. I am > > using this for a security set up so a user can not change values of a > > form so I get the list of possible keys > > > //list of possible keys > > $keys = $this->User->$model_name->find('list', array('fields' => > > 'id', 'order' => 'id ASC')); > > debug($keys); > > > Array > > ( > > [1] => 1 > > [2] => 2 > > [3] => 3 > > [4] => 4 > > [5] => 5 > > [6] => 6 > > ) > > > // values submitted by user > > $submitted = $this->data[$model_name][$model_name]; > > debug($this->data[$model_name][$model_name]); > > > Array > > ( > > [0] => 3 > > [1] => 5 > > [2] => 6 > > [3] => 1 > > ) > > > //how to compare vales against submitted values? > > $results = array_udiff_assoc($keys, array($submitted)); > > debug($results); > > > But i need to compare the keys with the submitted data and that where > > i am stuck. I need to check that the submitted values have a match > > with the possible values in the database. > > > Can someone point out my error or suggestions? > > > Thanks, > > > Dave- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
