> On 14 Dec., 16:01, euromark <[email protected]> wrote:
>> you can GUESS - if you actually need to ask you will most certainly
>> always get "IE6"^^
>> and in this case as well
>>
>> and yes, unfortunately it is still widely used (mainly corporations
>> and unskilled home users)

IE6! No, that's still on my still-care-about list. I'll have to test for this problem there and see it for myself.

On Dec 14, 2010, at 09:05, euromark wrote:

> and you shouldn't use those templates for productive websites where
> users can input data or anything else for that matter
> you should escape plain text with h()
>
> <?php echo h($category['Category']['id']); ?>

Oh I know, I read your article. But I wanted to just ask one question at a time. :)

But that was going to be another question later: why aren't the baked files better suited for real-world use? As a newcomer to CakePHP, I assumed CakePHP would make the best default choices and give me something that works that I just need to modify a little, but having to go through and h() everything in every view, and having to implement 404 errors in every controller, is tiresome and repetitive and exactly the kind of thing I would have expected a framework to do for me. I'm an experienced PHP programmer so I can see that these steps are missing and need to be done, but I fear many less-experienced PHP programmers will take CakePHP at its word and put its baked files into production use.

So, what's the deal with that? Have you reported your observations from your article to the CakePHP developers, and what have they said in response?
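
An added example, not code from the thread or from CakePHP: a small PHP scanner that flags view echoes not wrapped in h(), automating the manual pass over baked views discussed above. The sample view and the function name `findUnescapedEchoes` are constructed for illustration, and the pattern is a heuristic that only looks at plain variables and array accesses.

```php
<?php
// Added example: flag echo tags in a view template that print a variable
// without passing it through h(). Heuristic only; helper calls such as
// $html->link() are not reported.

// Constructed sample of a baked-style view (not taken from a real project).
$sampleView = <<<'VIEW'
<tr>
    <td><?php echo $category['Category']['id']; ?></td>
    <td><?php echo h($category['Category']['name']); ?></td>
    <td><?php echo $html->link('View', array('action' => 'view', $category['Category']['id'])); ?></td>
    <td><?= $category['Category']['created'] ?></td>
</tr>
VIEW;

/**
 * Return [line number, expression] pairs for echo tags whose expression
 * is a bare variable or array access (hypothetical helper for this example).
 */
function findUnescapedEchoes(string $source): array
{
    $findings = array();
    foreach (explode("\n", $source) as $index => $line) {
        // Capture the expression inside a long echo tag or a short echo tag.
        if (!preg_match_all('/<\?(?:php\s+echo|=)\s*(.+?)\s*;?\s*\?>/', $line, $matches)) {
            continue;
        }
        foreach ($matches[1] as $expr) {
            // Bare variable: $name followed only by [...] index accesses.
            if (preg_match('/^\$\w+(\[[^\]]+\])*$/', $expr)) {
                $findings[] = array($index + 1, $expr);
            }
        }
    }
    return $findings;
}

foreach (findUnescapedEchoes($sampleView) as $finding) {
    list($lineNo, $expr) = $finding;
    printf("line %d: %s is echoed without h()\n", $lineNo, $expr);
}
```

Echoes that are already wrapped in h() or that call a helper method are skipped, so each reported line still needs a manual look to decide whether the value is plain text.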
