Hi everyone!

As I read in the documentation, Cake automatically cleans user input, and we can
use save() and find() with parameters without any worries.

But what if we need to use something like this:
$this->MyController->query("UPDATE photos SET profile_pic='1', status = 'public' WHERE id=".$id." AND profile_id=".$this->Session->read('Profile.id'));

where $id is taken from $this->data...

Do we need to call sanitize->clean() or mysql_real_escape_string() each
time to clean a param, or does someone know the correct way to do this globally?

Thanks
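
An added example, not part of the original post and not CakePHP code: the UPDATE from the question written with plain PDO, once concatenated as posted and once with an integer check plus bound parameters. It assumes the pdo_sqlite extension; the table rows, the function names and the input string are constructed for illustration.

```php
<?php
// In-memory SQLite stands in for the real database (constructed sample rows).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE photos (id INTEGER PRIMARY KEY, profile_id INTEGER,
           profile_pic TEXT DEFAULT '0', status TEXT DEFAULT 'private')");
$db->exec("INSERT INTO photos (id, profile_id) VALUES (1, 7), (2, 7), (3, 8)");

// Concatenated form, as in the post: the value becomes part of the SQL text.
function updateConcatenated(PDO $db, $id, $profileId) {
    return $db->exec("UPDATE photos SET profile_pic='1', status='public' "
        . "WHERE id=" . $id . " AND profile_id=" . $profileId);
}

// Parameterized form: the SQL text is fixed and the values are bound separately.
function updateBound(PDO $db, $id, $profileId) {
    // Reject anything that is not a plain positive integer before touching the DB.
    $opts = array('options' => array('min_range' => 1));
    if (filter_var($id, FILTER_VALIDATE_INT, $opts) === false) {
        return 0;
    }
    $stmt = $db->prepare("UPDATE photos SET profile_pic='1', status='public' "
        . "WHERE id = :id AND profile_id = :profile_id");
    $stmt->bindValue(':id', (int) $id, PDO::PARAM_INT);
    $stmt->bindValue(':profile_id', (int) $profileId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

$profileId = 7;            // stands in for $this->Session->read('Profile.id')
$input     = '2 OR 1=1';   // constructed non-numeric value arriving in $this->data

// The bound version refuses the malformed id and changes nothing.
echo "bound, malformed id:        ", updateBound($db, $input, $profileId), " row(s)\n";

// A well-formed id owned by the profile updates exactly that photo.
echo "bound, id 2:                ", updateBound($db, '2', $profileId), " row(s)\n";

// The concatenated version lets the same input rewrite the WHERE clause.
echo "concatenated, malformed id: ", updateConcatenated($db, $input, $profileId), " row(s)\n";
```

Escaping functions only protect values that end up inside quotes in the SQL text; the unquoted `id=` in the posted query needs an integer check or a bound parameter.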
