On 2 dic, 17:27, "j0n4s.h4rtm...@googlemail.com" <j0n4s.h4rtm...@googlemail.com> wrote: > A mostly working solution[1][2], that you can see > here:http://github.com/ionas/sna/blob/master/www/app/app_controller.php#L11http://github.com/ionas/sna/blob/master/www/app/app_error.phphttp://github.com/ionas/sna/blob/master/www/app/views/errors/possible...http://github.com/ionas/sna/blob/master/www/app/controllers/messages_...http://github.com/ionas/sna/blob/master/www/app/views/messages/send.ctphttp://github.com/ionas/sna/blob/master/www/app/views/helpers/secure.php > > It is based on Teknoids great information at his blog[3][4], combined > with a helper that triggers a javascript::confirm(), doubleposts are > essentially not possible due to SecurityComponent. If you really > require an js-free confirmation, why not add a checkbox to that helper > that you have to check before clicking (check if it was clicked in the > helper and before that onSubmit via javascript) > > [1]http://code.cakephp.org/tickets/view/377 > [2]http://code.cakephp.org/tickets/view/354 > [3]http://teknoid.wordpress.com/2008/11/05/make-your-cakephp-forms-a-lot... > [4]http://teknoid.wordpress.com/2008/11/06/clearing-up-some-confusion-re... >
That's ... a lot of code. You also have to remember/know in the view if you should or should not use your helper. FWIW I prefer for things to be a lot more transparent that that. Here's an example: http://dl.dropbox.com/u/1027790/csrf-protect-confirm.png That's using ajax - but it doesn't have to be (it's not a requirment or inherant to the technique/solution). The 'magic' is here: http://code.assembla.com/mi/subversion/nodes/branches/mi_plugin/views/helpers/mi_html.php#ln170 There's no 'magic' here: http://code.assembla.com/mi/subversion/nodes/branches/blog/views/entries/admin_index.ctp#ln21 Anyway, good for the topic to be discussed. AD Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
