On Tue, Nov 17, 2009 at 7:07 PM, Dave <make.cake.b...@gmail.com> wrote:
> I have asked a few questions about data sanitization and got different
> responses.
> Some people say just don't sanitize and use echo h(), others say always
> sanitize.
> Books say never trust what the user enters so always clean data before
> saving.

I think you said all. Never trust data from the user. I vote for always
sanitize. You never know when you'll face a "Bobby Tables" user.

http://xkcd.com/327/

Best regards.

--
MARCELO DE F. ANDRADE
Belem, PA, Amazonia, Brazil
Linux User #221105