Thanks. If I get the principle right, there are two moments where
sanitizing must take place:
- before sending parameters in custom queries
- before output in the views with h()

,n
On Thu 11 February 2010 19:48, anl hp wrote:
> No, you don't ... because you should not worry about that. If an id is
> invalid and you want to handle the situation elegantly, you could do something
> like this:
> if (!is_numeric($id)) {
>       $this->setFlash('ooopss, dont do that!');
>       $this->redirect();
> }
>
>
> anl
>
>
> On Thu, Feb 11, 2010 at 7:05 PM, Nicolas Maleve
> <nico...@constantvzw.com> wrote:
>
>> Hello,
>>
>> Just a doubt. It looks like Cake takes care of sanitizing data in save
>> and
>> find, ie. Do I need to sanitize $id when using
>> $this->redirect(array('action'=>'edit','id'=>$id)); Or is there some
>> cleaning happening inside redirect?
>>
>> Thanks
>>
>> nicolas
>>
>>
>>         *
>>    *
>>  *
>>  *
>>   *
>>     *
>>       *
>>          *
>>              *
>>                  C O N S T A N T
>>                       V Z W
>>
>>
>>
>>
>> Check out the new CakePHP Questions site http://cakeqs.org and help
>> others
>> with their CakePHP related questions.
>>
>> You received this message because you are subscribed to the Google
>> Groups
>> "CakePHP" group.
>> To post to this group, send email to cake-php@googlegroups.com
>> To unsubscribe from this group, send email to
>> cake-php+unsubscr...@googlegroups.com
>> For more options, visit this group at
>> http://groups.google.com/group/cake-php?hl=en
>>
>



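The two points summarised at the top of this message (bind parameters in custom queries, escape at output), together with the id check suggested in the quoted reply, as an added example in plain PHP that is not part of the thread and not CakePHP's own code. Assumptions: the `posts` table and the functions `valid_id()` and `render_post()` are hypothetical, and an in-memory SQLite database accessed through PDO stands in for the application database.

```php
<?php
// Added example: validate the id, bind it in a custom query, escape on output.
// All names below (posts, valid_id, render_post) are hypothetical.

// Accept only a positive integer. is_numeric() on its own also returns true
// for strings such as "1e3", "1.5" and "-5", which are not usable record ids.
function valid_id($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Constructed sample data: one row whose title contains HTML metacharacters.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO posts (id, title) VALUES (1, '<b>Hello</b> & \"welcome\"')");

function render_post(PDO $db, $rawId): string
{
    $id = valid_id($rawId);
    if ($id === null) {
        // In a controller this is where the flash message and redirect would go.
        return 'invalid id';
    }

    // Custom query: the value is bound as a parameter, never concatenated.
    $stmt = $db->prepare('SELECT title FROM posts WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $title = $stmt->fetchColumn();
    if ($title === false) {
        return 'not found';
    }

    // Output: escape when rendering. CakePHP's h() wraps htmlspecialchars().
    return '<h1>' . htmlspecialchars($title, ENT_QUOTES, 'UTF-8') . '</h1>';
}

// Constructed inputs: a valid id, two malformed ones, and a missing record.
foreach (['1', '1e3', '1 OR 1=1', '2'] as $raw) {
    printf("%-12s => %s\n", var_export($raw, true), render_post($db, $raw));
}
```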