why would you even bother trying to find that out? as long as you use h() you dont need to worry about those users they cant do anything
if you still want to find that out you would need to check the post data match them against "known" hazard-strings but this is time-consuming and very hard to check on anyway so if i was you i'd drop this idea On 4 Jan., 19:16, "Dave" <make.cake.b...@gmail.com> wrote: > I have asked various questions about data sanitization and I came across > teknoids blog post about the same subject > > read it here:http://teknoid.wordpress.com/2009/08/06/save-now-sanitize-later/ > > I did get the same answer from fellow bakers "no need to sanitize, use h() > and see users trying to do stuff they should not be doing". > > My only question is how do you track users who are attempting to add scripts > or what not? If you have a site with say 2000 users making changes everyday > how do you possibly monitor each edit? How do you find these users other > than going thru everything daily / hourly? Just wondering how would you find > such a user easily in endless list of possible users? > > Thanks, > > Dave Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
