Re: Delete confirm

2009-12-07 Thread Jeremy Burns 
I now have this working just as I wanted it. See here:
http://www.jeremy-burns.co.uk/2009/12/cakephp-adding-a-delete-confirm-function/

On Dec 1, 10:07 am, jburns  wrote:
> Thanks for the reply. I guess it is a tad unreasonable to expect two
> year old code to 'just work'! I just like stuff out of the box :-)
>
> I'll follow your suggestions and then rather than slavishly try and
> make this function I'll branch off my own way until I get something
> working. I'll post back my solution here.
>
> On Dec 1, 9:34 am, AD7six  wrote:
>
>
>
> > On 27 nov, 12:28, jburns  wrote:
>
> > > @AD7Six
>
> > > Apologies, but I am still struggling with this. I have deployed your
> > > code as is, with the following changes:
>
> > > I have removed this line:
> > > if (isset($this->params[CAKE_ADMIN]) && !$this->RequestHandler->isAjax
> > > ()) {
> > >             $this->layout = 'admin';
> > >         }
> > > ...because it errors and is not relevant to me.
>
> > > Same with this line:
> > > if ($this->javascripts) {
> > >             $this->set('javascripts', $this->javascripts);
> > >         }
>
> > > I am not using admin routing, so have changed references to
> > > admin_delete todelete.
>
> > > This line errors:
> > > $this->Security->__generateToken($this);
> > > ...but works if I change the double underscore to a single underscore.
>
> > > I have created the _generic folder and put the confirm_action view in
> > > it.
>
> > > I *think* I understand what is going on in the code. It picks up that
> > > I am calling thedeleteaction via a link (and therefore a GET). As
> > > 'delete' is in the $postActions array, I am directed to the
> > > _confirmAction function. This renders the confirm_action view, which
> > > contains a form that calls thedeleteaction via a POST. When I submit
> > > the form it ought to come back into app_controller and pass through to
> > > thedeleteaction. However, I am still being directed back to the
> > > confirm_action view.
>
> > > Stumped. I notice that it is calling Security->_generateToken. Should
> > > this be being picked up anywhere else? If not, what is its purpose?
>
> > > I appreciate your help. This is gnawing away at me and I can't work it
> > > through.
>
> > > Thanks.
>
> > Without seeing your exact code I|other people can't help much.
>
> > Yes, the core changed a little in the past 2 years, as did a few other
> > things. e.g. I personally don't use a _generic folder anymore since
> > you can just do $this->render('/elements/this_one'); - as can be seen
> > in the repo solution I linked to.
>
> > If you're being redirected to confirm_action in a loop the form token
> > that's generated 'manually' (see the form helper create function if
> > you want to see what else uses it) doesn't match what the security
> > component is expecting. Except for the period of time when I was
> > originally writing this technique - I haven't seen that happen. You'd
> > need to debug and find out why.
>
> > hth,
>
> > AD

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-12-04 Thread AD7six 
Martin,

I don't have a specific technique, however I use this generic
technique all the time:

function something() { debug(func_get_args()); debug(Debugger::trace
(); die; }

or the log version

function something($one, $two, $three) { $this->log(func_get_args());
$this->log(Debugger::trace(); return parent::something($one, $two,
$three); }

in your case "somethign" would be your blackhole callback, and it'd
probably point to which of the Security component's calls to it are
causing you grief. Usually IME problems with the security component
boil down to having a stale form token, or js/something manipulating
the form structure thus invalidating the form token.



On 3 dic, 15:33, Jeremy Burns  wrote:
> I thought it might be about time to jot down how I am implementing
> this (based around AD7Six's code). I have got it working *pretty much*
> as I want it, but still have a few questions. I never thought this
> would be so tough! I readily acknowledge that I am stumbling in the
> dark here at times.
>
> First, I have amended my app_controller, adding:
>
> $this->Security->blackHoleCallback = '_confirmAction';
> $this->Security->requirePost('delete');
>
> I am only really interested in trapping deletes at present, but can
> soon resort to an array of actions later if needed. This stops a
> delete request processing if it does not come from a POST. It's ideal
> for me as the delete instruction comes from a link (and hence a GET).
>
> Then I have my _confirmAction function:
>
> function _confirmAction ($reason = null) {
>         if ($reason == 'post') {
>                 $this->Security->_generateToken($this);
>                 $this->redirect(array('action' => 'deleteConfirm', 
> $this->params
> ['pass'][0]));
>         }
>         $code = 404;
>         if ($reason == 'login') {
>                 $code = 401;
>         } else {
>                 $this->Session->setFlash('Access Denied');
>         }
>         $this->redirect(null, $code, true);
>
> }
>
> This is called when a delete is attempted by anything other than a
> POST. For my part, it safely redirects the user to the "deleteConfirm"
> action. $this->params['pass'][0] refers back to $id passed in by the
> delete link, and therefore contains the id of the record that is going
> to be deleted.
>
> Then I have my deleteConfirm action (it's in my app_controller so that
> I don't have to propagate it throughout all of my controllers):
>
> function deleteConfirm($id) {
>         $this->redirect(array('action' => 'view', $id, 'delete'));
>
> }
>
> You'll notice that I am redirecting the user to the view screen. I am
> doing this because I want to present details of the record they are
> going to delete rather than a reasonably anonymous screen. I am adding
> an unnamed parameter - 'delete'. I'll explain that a bit more in a
> second.
>
> Here's where I stumble upon my first issue. I'd love to set a variable
> called 'mode' to indicate what I am going to do in my 'view'. I have
> tried $this-set('mode', 'delete'), but it seems to be cleared after
> the redirect. Is this correct, or am I doing something wrong?
>
> Back in my controller, I have amended my view function:
>
> function view($id = null, $mode=null) {
>         $this->set('mode', empty($this->params['pass'][1]) ? 'view' : 
> $this->params['pass'][1]);
>
>         ...
>
> Here I am inspecting the second passed parameter ($id first, then
> $mode). If it is empty I am doing a straightforward view. Therefore,
> the view renders without any reference to deleting. If, on the other
> hand, $mode is not empty, I am doing something else. The only other
> alternative at the moment is 'delete', so let's assume that's what's
> happening. The view renders, but with some changes to reflect the fact
> that I am deleting. This includes a health warning and a form to
> perform the actual delete via a POST:
>
> if ($mode == 'delete'):
>         echo $this->Html->tag('p', 'WARNING! You are about to delete the
> following ' . $type . '. If you proceed, this delete cannot be
> reversed.', array('class' => 'flashWarning'));
>         echo $this->Form->create(null, array('url' => array('action' =>
> 'delete', $id)));
>         echo $this->Form->input ($referer, array('type'  =>  'hidden',
> 'value' => $referer));
>         echo '';
>                 echo $this->Html->tag('li', $this->Form->submit ('Yes - 
> delete',
> array('div' => false)));
>                 echo $this->Html->tag('li', $this->Html->link ('No - cancel', 
> array
> ('controller' => $referer)));
>         echo '';
>         echo $this->Form->end();
> endif;
>
> I've also added a 'cancel' link that returns the user to where they
> came from using $this->referer(). The action on the form is 'delete'.
> As it comes from a POST the security component does not block it. So
> the delete action in app_controller triggers (again, only have it in
> app_controller as it is very standard):
>
> function delete($id) {
>         if ($this->{$this->modelClass}->del($

Re: Delete confirm

2009-12-03 Thread Jeremy Burns 
I thought it might be about time to jot down how I am implementing
this (based around AD7Six's code). I have got it working *pretty much*
as I want it, but still have a few questions. I never thought this
would be so tough! I readily acknowledge that I am stumbling in the
dark here at times.

First, I have amended my app_controller, adding:

$this->Security->blackHoleCallback = '_confirmAction';
$this->Security->requirePost('delete');

I am only really interested in trapping deletes at present, but can
soon resort to an array of actions later if needed. This stops a
delete request processing if it does not come from a POST. It's ideal
for me as the delete instruction comes from a link (and hence a GET).

Then I have my _confirmAction function:

function _confirmAction ($reason = null) {
if ($reason == 'post') {
$this->Security->_generateToken($this);
$this->redirect(array('action' => 'deleteConfirm', $this->params
['pass'][0]));
}
$code = 404;
if ($reason == 'login') {
$code = 401;
} else {
$this->Session->setFlash('Access Denied');
}
$this->redirect(null, $code, true);
}

This is called when a delete is attempted by anything other than a
POST. For my part, it safely redirects the user to the "deleteConfirm"
action. $this->params['pass'][0] refers back to $id passed in by the
delete link, and therefore contains the id of the record that is going
to be deleted.

Then I have my deleteConfirm action (it's in my app_controller so that
I don't have to propagate it throughout all of my controllers):

function deleteConfirm($id) {
$this->redirect(array('action' => 'view', $id, 'delete'));
}

You'll notice that I am redirecting the user to the view screen. I am
doing this because I want to present details of the record they are
going to delete rather than a reasonably anonymous screen. I am adding
an unnamed parameter - 'delete'. I'll explain that a bit more in a
second.

Here's where I stumble upon my first issue. I'd love to set a variable
called 'mode' to indicate what I am going to do in my 'view'. I have
tried $this-set('mode', 'delete'), but it seems to be cleared after
the redirect. Is this correct, or am I doing something wrong?

Back in my controller, I have amended my view function:

function view($id = null, $mode=null) {
$this->set('mode', empty($this->params['pass'][1]) ? 'view' : $this-
>params['pass'][1]);
...

Here I am inspecting the second passed parameter ($id first, then
$mode). If it is empty I am doing a straightforward view. Therefore,
the view renders without any reference to deleting. If, on the other
hand, $mode is not empty, I am doing something else. The only other
alternative at the moment is 'delete', so let's assume that's what's
happening. The view renders, but with some changes to reflect the fact
that I am deleting. This includes a health warning and a form to
perform the actual delete via a POST:

if ($mode == 'delete'):
echo $this->Html->tag('p', 'WARNING! You are about to delete the
following ' . $type . '. If you proceed, this delete cannot be
reversed.', array('class' => 'flashWarning'));
echo $this->Form->create(null, array('url' => array('action' =>
'delete', $id)));
echo $this->Form->input ($referer, array('type'  =>  'hidden',
'value' => $referer));
echo '';
echo $this->Html->tag('li', $this->Form->submit ('Yes - delete',
array('div' => false)));
echo $this->Html->tag('li', $this->Html->link ('No - cancel', 
array
('controller' => $referer)));
echo '';
echo $this->Form->end();
endif;

I've also added a 'cancel' link that returns the user to where they
came from using $this->referer(). The action on the form is 'delete'.
As it comes from a POST the security component does not block it. So
the delete action in app_controller triggers (again, only have it in
app_controller as it is very standard):

function delete($id) {
if ($this->{$this->modelClass}->del($id)) {
$this->Session->setFlash(__('The record was deleted.', true), 
true,
array('class' => 'flashSuccess'));
$this->set('mode', 'view');
$this->redirect(array('action' => 'index'), null, true);
}
...

Here is where I run into my next couple of problems.

First, again I'd like to set $mode back to 'view', so that my next
function knows that it is not doing a delete. The redirect *appears*
to reset it, so it's an unrecognised variable.

Second, I can use $this->referer() to send the user back to somewhere
meaningful (rather than just the index), but (i) if it is a view
screen the deleted record isn't there so it's meaningless and (Ii) it
still has the second parameter ('delete'). I *can* handle both of
these in the view, but it isn't very elegant.

It's been a long post! To sum up, this is sort of working but it is a
bit clunky. I

Re: Delete confirm

2009-12-03 Thread Martin Westin 
Really interesting thread guys.

I often resort to just disabling SecurityComponent (I know) when I run
into the "black hole of death" a few times and can't figure out why.
Is there a good way to "debug" SecurityComponent problems so that
dealing with specific issues on some forms can be less hit and miss?

For example, I'd like a log or output or something telling me exactly
why my post was denied. Was it because jQuery did the submission?
Because a field doesn't have a corresponding Model? Because...  things
like that.

I don't intend to hijack the thread but since you both (ionas and AD)
seem to have done a fair bit of work on these things I imagine you
have some technique you might be willing to share.

/Martin


On Dec 3, 1:40 pm, AD7six  wrote:
> On 2 dic, 17:27, "j0n4s.h4rtm...@googlemail.com"
>
>  wrote:
> > A mostly working solution[1][2], that you can see 
> > here:http://github.com/ionas/sna/blob/master/www/app/app_controller.php#L1...
>
> > It is based on Teknoids great information at his blog[3][4], combined
> > with a helper that triggers a javascript::confirm(), doubleposts are
> > essentially not possible due to SecurityComponent. If you really
> > require an js-free confirmation, why not add a checkbox to that helper
> > that you have to check before clicking (check if it was clicked in the
> > helper and before that onSubmit via javascript)
>
> > [1]http://code.cakephp.org/tickets/view/377
> > [2]http://code.cakephp.org/tickets/view/354
> > [3]http://teknoid.wordpress.com/2008/11/05/make-your-cakephp-forms-a-lot...
> > [4]http://teknoid.wordpress.com/2008/11/06/clearing-up-some-confusion-re...
>
> That's ... a lot of code. You also have to remember/know in the view
> if you should or should not use your helper.
>
> FWIW I prefer for things to be a lot more transparent that that.
> Here's an example:http://dl.dropbox.com/u/1027790/csrf-protect-confirm.png
>
> That's using ajax - but it doesn't have to be (it's not a requirment
> or inherant to the technique/solution).
>
> The 'magic' is 
> here:http://code.assembla.com/mi/subversion/nodes/branches/mi_plugin/views...
>
> There's no 'magic' 
> here:http://code.assembla.com/mi/subversion/nodes/branches/blog/views/entr...
>
> Anyway, good for the topic to be discussed.
>
> AD

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-12-03 Thread AD7six 


On 2 dic, 17:27, "j0n4s.h4rtm...@googlemail.com"
 wrote:
> A mostly working solution[1][2], that you can see 
> here:http://github.com/ionas/sna/blob/master/www/app/app_controller.php#L11http://github.com/ionas/sna/blob/master/www/app/app_error.phphttp://github.com/ionas/sna/blob/master/www/app/views/errors/possible...http://github.com/ionas/sna/blob/master/www/app/controllers/messages_...http://github.com/ionas/sna/blob/master/www/app/views/messages/send.ctphttp://github.com/ionas/sna/blob/master/www/app/views/helpers/secure.php
>
> It is based on Teknoids great information at his blog[3][4], combined
> with a helper that triggers a javascript::confirm(), doubleposts are
> essentially not possible due to SecurityComponent. If you really
> require an js-free confirmation, why not add a checkbox to that helper
> that you have to check before clicking (check if it was clicked in the
> helper and before that onSubmit via javascript)
>
> [1]http://code.cakephp.org/tickets/view/377
> [2]http://code.cakephp.org/tickets/view/354
> [3]http://teknoid.wordpress.com/2008/11/05/make-your-cakephp-forms-a-lot...
> [4]http://teknoid.wordpress.com/2008/11/06/clearing-up-some-confusion-re...
>

That's ... a lot of code. You also have to remember/know in the view
if you should or should not use your helper.

FWIW I prefer for things to be a lot more transparent that that.
Here's an example:
http://dl.dropbox.com/u/1027790/csrf-protect-confirm.png

That's using ajax - but it doesn't have to be (it's not a requirment
or inherant to the technique/solution).

The 'magic' is here:
http://code.assembla.com/mi/subversion/nodes/branches/mi_plugin/views/helpers/mi_html.php#ln170

There's no 'magic' here:
http://code.assembla.com/mi/subversion/nodes/branches/blog/views/entries/admin_index.ctp#ln21

Anyway, good for the topic to be discussed.

AD

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-12-02 Thread j0n4s.h4rtm...@googlemail.com 
A mostly working solution[1][2], that you can see here:
http://github.com/ionas/sna/blob/master/www/app/app_controller.php#L11
http://github.com/ionas/sna/blob/master/www/app/app_error.php
http://github.com/ionas/sna/blob/master/www/app/views/errors/possible_csrf_attack.ctp
http://github.com/ionas/sna/blob/master/www/app/controllers/messages_controller.php#L8
http://github.com/ionas/sna/blob/master/www/app/views/messages/send.ctp
http://github.com/ionas/sna/blob/master/www/app/views/helpers/secure.php

It is based on Teknoids great information at his blog[3][4], combined
with a helper that triggers a javascript::confirm(), doubleposts are
essentially not possible due to SecurityComponent. If you really
require an js-free confirmation, why not add a checkbox to that helper
that you have to check before clicking (check if it was clicked in the
helper and before that onSubmit via javascript)

[1] http://code.cakephp.org/tickets/view/377
[2] http://code.cakephp.org/tickets/view/354
[3] 
http://teknoid.wordpress.com/2008/11/05/make-your-cakephp-forms-a-lot-more-secure/
[4] 
http://teknoid.wordpress.com/2008/11/06/clearing-up-some-confusion-regarding-the-security-component/

On Dec 1, 11:07 am, jburns  wrote:
> Thanks for the reply. I guess it is a tad unreasonable to expect two
> year old code to 'just work'! I just like stuff out of the box :-)
>
> I'll follow your suggestions and then rather than slavishly try and
> make this function I'll branch off my own way until I get something
> working. I'll post back my solution here.
>
> On Dec 1, 9:34 am, AD7six  wrote:
>
> > On 27 nov, 12:28, jburns  wrote:
>
> > > @AD7Six
>
> > > Apologies, but I am still struggling with this. I have deployed your
> > > code as is, with the following changes:
>
> > > I have removed this line:
> > > if (isset($this->params[CAKE_ADMIN]) && !$this->RequestHandler->isAjax
> > > ()) {
> > >             $this->layout = 'admin';
> > >         }
> > > ...because it errors and is not relevant to me.
>
> > > Same with this line:
> > > if ($this->javascripts) {
> > >             $this->set('javascripts', $this->javascripts);
> > >         }
>
> > > I am not using admin routing, so have changed references to
> > > admin_delete to delete.
>
> > > This line errors:
> > > $this->Security->__generateToken($this);
> > > ...but works if I change the double underscore to a single underscore.
>
> > > I have created the _generic folder and put the confirm_action view in
> > > it.
>
> > > I *think* I understand what is going on in the code. It picks up that
> > > I am calling the delete action via a link (and therefore a GET). As
> > > 'delete' is in the $postActions array, I am directed to the
> > > _confirmAction function. This renders the confirm_action view, which
> > > contains a form that calls the delete action via a POST. When I submit
> > > the form it ought to come back into app_controller and pass through to
> > > the delete action. However, I am still being directed back to the
> > > confirm_action view.
>
> > > Stumped. I notice that it is calling Security->_generateToken. Should
> > > this be being picked up anywhere else? If not, what is its purpose?
>
> > > I appreciate your help. This is gnawing away at me and I can't work it
> > > through.
>
> > > Thanks.
>
> > Without seeing your exact code I|other people can't help much.
>
> > Yes, the core changed a little in the past 2 years, as did a few other
> > things. e.g. I personally don't use a _generic folder anymore since
> > you can just do $this->render('/elements/this_one'); - as can be seen
> > in the repo solution I linked to.
>
> > If you're being redirected to confirm_action in a loop the form token
> > that's generated 'manually' (see the form helper create function if
> > you want to see what else uses it) doesn't match what the security
> > component is expecting. Except for the period of time when I was
> > originally writing this technique - I haven't seen that happen. You'd
> > need to debug and find out why.
>
> > hth,
>
> > AD

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-12-01 Thread jburns 
Thanks for the reply. I guess it is a tad unreasonable to expect two
year old code to 'just work'! I just like stuff out of the box :-)

I'll follow your suggestions and then rather than slavishly try and
make this function I'll branch off my own way until I get something
working. I'll post back my solution here.

On Dec 1, 9:34 am, AD7six  wrote:
> On 27 nov, 12:28, jburns  wrote:
>
>
>
>
>
> > @AD7Six
>
> > Apologies, but I am still struggling with this. I have deployed your
> > code as is, with the following changes:
>
> > I have removed this line:
> > if (isset($this->params[CAKE_ADMIN]) && !$this->RequestHandler->isAjax
> > ()) {
> >             $this->layout = 'admin';
> >         }
> > ...because it errors and is not relevant to me.
>
> > Same with this line:
> > if ($this->javascripts) {
> >             $this->set('javascripts', $this->javascripts);
> >         }
>
> > I am not using admin routing, so have changed references to
> > admin_delete to delete.
>
> > This line errors:
> > $this->Security->__generateToken($this);
> > ...but works if I change the double underscore to a single underscore.
>
> > I have created the _generic folder and put the confirm_action view in
> > it.
>
> > I *think* I understand what is going on in the code. It picks up that
> > I am calling the delete action via a link (and therefore a GET). As
> > 'delete' is in the $postActions array, I am directed to the
> > _confirmAction function. This renders the confirm_action view, which
> > contains a form that calls the delete action via a POST. When I submit
> > the form it ought to come back into app_controller and pass through to
> > the delete action. However, I am still being directed back to the
> > confirm_action view.
>
> > Stumped. I notice that it is calling Security->_generateToken. Should
> > this be being picked up anywhere else? If not, what is its purpose?
>
> > I appreciate your help. This is gnawing away at me and I can't work it
> > through.
>
> > Thanks.
>
> Without seeing your exact code I|other people can't help much.
>
> Yes, the core changed a little in the past 2 years, as did a few other
> things. e.g. I personally don't use a _generic folder anymore since
> you can just do $this->render('/elements/this_one'); - as can be seen
> in the repo solution I linked to.
>
> If you're being redirected to confirm_action in a loop the form token
> that's generated 'manually' (see the form helper create function if
> you want to see what else uses it) doesn't match what the security
> component is expecting. Except for the period of time when I was
> originally writing this technique - I haven't seen that happen. You'd
> need to debug and find out why.
>
> hth,
>
> AD

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-12-01 Thread AD7six 


On 27 nov, 12:28, jburns  wrote:
> @AD7Six
>
> Apologies, but I am still struggling with this. I have deployed your
> code as is, with the following changes:
>
> I have removed this line:
> if (isset($this->params[CAKE_ADMIN]) && !$this->RequestHandler->isAjax
> ()) {
>             $this->layout = 'admin';
>         }
> ...because it errors and is not relevant to me.
>
> Same with this line:
> if ($this->javascripts) {
>             $this->set('javascripts', $this->javascripts);
>         }
>
> I am not using admin routing, so have changed references to
> admin_delete to delete.
>
> This line errors:
> $this->Security->__generateToken($this);
> ...but works if I change the double underscore to a single underscore.
>
> I have created the _generic folder and put the confirm_action view in
> it.
>
> I *think* I understand what is going on in the code. It picks up that
> I am calling the delete action via a link (and therefore a GET). As
> 'delete' is in the $postActions array, I am directed to the
> _confirmAction function. This renders the confirm_action view, which
> contains a form that calls the delete action via a POST. When I submit
> the form it ought to come back into app_controller and pass through to
> the delete action. However, I am still being directed back to the
> confirm_action view.
>
> Stumped. I notice that it is calling Security->_generateToken. Should
> this be being picked up anywhere else? If not, what is its purpose?
>
> I appreciate your help. This is gnawing away at me and I can't work it
> through.
>
> Thanks.

Without seeing your exact code I|other people can't help much.

Yes, the core changed a little in the past 2 years, as did a few other
things. e.g. I personally don't use a _generic folder anymore since
you can just do $this->render('/elements/this_one'); - as can be seen
in the repo solution I linked to.

If you're being redirected to confirm_action in a loop the form token
that's generated 'manually' (see the form helper create function if
you want to see what else uses it) doesn't match what the security
component is expecting. Except for the period of time when I was
originally writing this technique - I haven't seen that happen. You'd
need to debug and find out why.

hth,

AD

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-11-27 Thread jburns 
@AD7Six

Apologies, but I am still struggling with this. I have deployed your
code as is, with the following changes:

I have removed this line:
if (isset($this->params[CAKE_ADMIN]) && !$this->RequestHandler->isAjax
()) {
$this->layout = 'admin';
}
...because it errors and is not relevant to me.

Same with this line:
if ($this->javascripts) {
$this->set('javascripts', $this->javascripts);
}

I am not using admin routing, so have changed references to
admin_delete to delete.

This line errors:
$this->Security->__generateToken($this);
...but works if I change the double underscore to a single underscore.

I have created the _generic folder and put the confirm_action view in
it.

I *think* I understand what is going on in the code. It picks up that
I am calling the delete action via a link (and therefore a GET). As
'delete' is in the $postActions array, I am directed to the
_confirmAction function. This renders the confirm_action view, which
contains a form that calls the delete action via a POST. When I submit
the form it ought to come back into app_controller and pass through to
the delete action. However, I am still being directed back to the
confirm_action view.

Stumped. I notice that it is calling Security->_generateToken. Should
this be being picked up anywhere else? If not, what is its purpose?

I appreciate your help. This is gnawing away at me and I can't work it
through.

Thanks.

On Nov 25, 12:48 pm, AD7six  wrote:
> On 25 nov, 13:39, jburns  wrote:
>
> > This is failing before thedeletehappens. I just can't track down
> > where thedeleteis failing, when the direct is happening and why it
> > is trying to direct to adeleteview. As far as I know you never have
> > adeleteview - the model function does its job and then redirects you
> > to the view you prescribe in your controller. Just stumped really.
>
> I'm confused why after asking "I want to ask the user toconfirmthat
> he wants todelete
> a record" you're confused that the solution you're following looks for
> a view - the view for the confirmation message & form to present the
> user.
>
> I can guess you've copied and pasted the code from the article I
> linked to without understanding what it does - it prevents yourdelete
> function from running on a get request - by making use of the security
> component's blackhole to  prompt the user with a form toconfirm
> whatever function it is they asked for is really what they want to do.
>
> If the error message is exactly as you typed -deleteyour
> minimalistic app-overriden missing view error, refresh the page and
> look for the text "Confirmyou have 
> created"http://code.cakephp.org/source/branches/1.3/cake/libs/view/errors/mis...
>
>  - The error message tells you /exactly/ where cake is looking for the
> view file you directly or indirectly asked to render - and by some
> nifty Ctrl+F action in your controller(s) you can find out where in
> the code it's triggering that.
>
> hth,
>
> AD

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-11-25 Thread AD7six 


On 25 nov, 13:39, jburns  wrote:
> This is failing before the delete happens. I just can't track down
> where the delete is failing, when the direct is happening and why it
> is trying to direct to a delete view. As far as I know you never have
> a delete view - the model function does its job and then redirects you
> to the view you prescribe in your controller. Just stumped really.

I'm confused why after asking "I want to ask the user to confirm that
he wants to delete
a record" you're confused that the solution you're following looks for
a view - the view for the confirmation message & form to present the
user.

I can guess you've copied and pasted the code from the article I
linked to without understanding what it does - it prevents your delete
function from running on a get request - by making use of the security
component's blackhole to  prompt the user with a form to confirm
whatever function it is they asked for is really what they want to do.

If the error message is exactly as you typed - delete your
minimalistic app-overriden missing view error, refresh the page and
look for the text "Confirm you have created"
http://code.cakephp.org/source/branches/1.3/cake/libs/view/errors/missing_view.ctp

 - The error message tells you /exactly/ where cake is looking for the
view file you directly or indirectly asked to render - and by some
nifty Ctrl+F action in your controller(s) you can find out where in
the code it's triggering that.

hth,

AD

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-11-25 Thread jburns 
This is failing before the delete happens. I just can't track down
where the delete is failing, when the direct is happening and why it
is trying to direct to a delete view. As far as I know you never have
a delete view - the model function does its job and then redirects you
to the view you prescribe in your controller. Just stumped really.

On Nov 25, 12:25 pm, Fran Iglesias  wrote:
> Hi,
>
> If you don't have a delete view (or don't want to have) I guess you  
> need to redirect to the index action after deleting.
>
> El 25/11/2009, a las 13:22, jburns escribió:
>
>
>
> > The delete view, I presume. The error message is as I typed it.

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-11-25 Thread jburns 
English and literary skills are not what I am grappling with. It is
understanding why it is trying to direct me to the delete view. The
entire message is as I typed - it is being presented in an error view
so there is no more for me to read.

I have removed the delete function from my controllers and added it to
my app_controller:

function delete($id) {
if ($this->{$this->modelClass}->del($id)) {
$this->Session->setFlash($this->modelClass . ' with id ' . $id .
'deleted');
}

$this->redirect($this->data[$this->modelClass]['referer'], null,
true);
}

Somewhere along the line it is trying to direct me to the delete view.
I'd appreciate some pointers, please.

On Nov 25, 12:25 pm, Fran Iglesias  wrote:
> Hi,
>
> If you don't have a delete view (or don't want to have) I guess you  
> need to redirect to the index action after deleting.
>
> El 25/11/2009, a las 13:22, jburns escribió:
>
>
>
> > The delete view, I presume. The error message is as I typed it.

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-11-25 Thread Fran Iglesias 
Hi,

If you don't have a delete view (or don't want to have) I guess you  
need to redirect to the index action after deleting.

El 25/11/2009, a las 13:22, jburns escribió:

> The delete view, I presume. The error message is as I typed it.

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-11-25 Thread AD7six 


On 25 nov, 13:22, jburns  wrote:
> The delete view, I presume. The error message is as I typed it.

Try reading the rest of the error message.

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-11-25 Thread jburns 
The delete view, I presume. The error message is as I typed it.

On Nov 25, 12:10 pm, AD7six  wrote:
> On 25 nov, 12:55, jburns  wrote:
>
> > @AD7Six
>
> > Any ideas why this code errors:
>
> > The view for xxxController::delete() was not found.
>
> > There isn't usually a delete view, of course. I'm not clever enough to
> > work out why it is trying to direct me to this view.
>
> To what view, you keep forgetting to say what view it's looking for :)
>
> AD

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-11-25 Thread AD7six 


On 25 nov, 12:55, jburns  wrote:
> @AD7Six
>
> Any ideas why this code errors:
>
> The view for xxxController::delete() was not found.
>
> There isn't usually a delete view, of course. I'm not clever enough to
> work out why it is trying to direct me to this view.

To what view, you keep forgetting to say what view it's looking for :)

AD

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-11-25 Thread jburns 
@AD7Six

Any ideas why this code errors:

The view for xxxController::delete() was not found.

There isn't usually a delete view, of course. I'm not clever enough to
work out why it is trying to direct me to this view.

On Nov 18, 7:50 pm, Amit  wrote:
> I know this sounds basic but it was a mistake I've made before. Make
> sure you got the spelling right and make sure you don't have the
> function defined in another function. I once accidentally wrote my
> isAuthoized() inside of another function (I got lost in curly braces)
> and hit the same issue.
>
> @AD7six - I went through your tutorial and was wondering if the
> SecurityComponent handled protection against CSRF? I'm using
> requireAuth and requirePost to address CSRF.
>
> On Nov 18, 1:11 pm, jburns  wrote:
>
>
>
> > Any takers on this please?
>
> > On Nov 17, 6:25 am, Jeremy Burns  wrote:
>
> > > I am trying to apply this to my site but whenever I access my 'delete' 
> > > action (I have removed references to 'admin_' in the sample code as I am 
> > > not using admin_delete yet) I get the error message "The view for 
> > > XXXController::delete() was not found" (where XXX is my controller). The 
> > > controller doesn't have a 'delete' function in it as I am using the 
> > > genericdeletefunction in the app_controller. What am I doing wrong?
>
> > > Jeremy Burns
> > > On 13 Nov 2009, at 15:44, AD7six wrote:
>
> > > > On 13 nov, 16:30, jburns  wrote:
> > > >> No responses on this - any takers?
>
> > > > Try this for background:http://www.ad7six.com/e/67
> > > > This (the component is in the mi_plugin branch) for a ~pnp solution,
> > > > but probably a bit too integrated/dependent:
> > > >http://code.assembla.com/mi/subversion/nodes/branches/mi_plugin/contr...
>
> > > > or simply:
>
> > > > functiondelete($id) {
> > > > if (!$this->data) {
> > > >  $this->set('referer', $this->referer()); // pick this up in the
> > > > view, and add it to the form
> > > >  return $this->render('/elements/confirm_delete');
> > > > }
> > > > ... actuallydelete..
> > > > $this->redirect($this->data[$this->modelAlias]['referer']); // where
> > > > they came from
> > > > }
>
> > > > hth,
>
> > > > AD
>
> > > > --
>
> > > > You received this message because you are subscribed to the Google 
> > > > Groups "CakePHP" group.
> > > > To post to this group, send email to cake-...@googlegroups.com.
> > > > To unsubscribe from this group, send email to 
> > > > cake-php+unsubscr...@googlegroups.com.
> > > > For more options, visit this group 
> > > > athttp://groups.google.com/group/cake-php?hl=.

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Delete confirm

2009-11-20 Thread Dave 
@Amit: requireAuth and requirePost are part of the security component...

@jburns: I have never tried to call a function from app_controller.  You can
try placing a function like this in your controller which you are trying to
delete from.

function delete() {
parent::delete();
}

On Wed, Nov 18, 2009 at 2:50 PM, Amit  wrote:

> I know this sounds basic but it was a mistake I've made before. Make
> sure you got the spelling right and make sure you don't have the
> function defined in another function. I once accidentally wrote my
> isAuthoized() inside of another function (I got lost in curly braces)
> and hit the same issue.
>
> @AD7six - I went through your tutorial and was wondering if the
> SecurityComponent handled protection against CSRF? I'm using
> requireAuth and requirePost to address CSRF.
>
> On Nov 18, 1:11 pm, jburns  wrote:
> > Any takers on this please?
> >
> > On Nov 17, 6:25 am, Jeremy Burns  wrote:
> >
> >
> >
> > > I am trying to apply this to my site but whenever I access my 'delete'
> action (I have removed references to 'admin_' in the sample code as I am not
> using admin_delete yet) I get the error message "The view for
> XXXController::delete() was not found" (where XXX is my controller). The
> controller doesn't have a 'delete' function in it as I am using the generic
> delete function in the app_controller. What am I doing wrong?
> >
> > > Jeremy Burns
>
> > > On 13 Nov 2009, at 15:44, AD7six wrote:
> >
> > > > On 13 nov, 16:30, jburns  wrote:
> > > >> No responses on this - any takers?
> >
> > > > Try this for background:http://www.ad7six.com/e/67
> > > > This (the component is in the mi_plugin branch) for a ~pnp solution,
> > > > but probably a bit too integrated/dependent:
> > > >
> http://code.assembla.com/mi/subversion/nodes/branches/mi_plugin/contr...
> >
> > > > or simply:
> >
> > > > function delete($id) {
> > > > if (!$this->data) {
> > > >  $this->set('referer', $this->referer()); // pick this up in the
> > > > view, and add it to the form
> > > >  return $this->render('/elements/confirm_delete');
> > > > }
> > > > ... actually delete ..
> > > > $this->redirect($this->data[$this->modelAlias]['referer']); // where
> > > > they came from
> > > > }
> >
> > > > hth,
> >
> > > > AD
> >
> > > > --
> >
> > > > You received this message because you are subscribed to the Google
> Groups "CakePHP" group.
> > > > To post to this group, send email to cake-...@googlegroups.com.
> > > > To unsubscribe from this group, send email to
> cake-php+unsubscr...@googlegroups.com
> .
> > > > For more options, visit this group athttp://
> groups.google.com/group/cake-php?hl=.
>
> --
>
> You received this message because you are subscribed to the Google Groups
> "CakePHP" group.
> To post to this group, send email to cake-...@googlegroups.com.
> To unsubscribe from this group, send email to
> cake-php+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/cake-php?hl=en.
>
>
>

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=.

Re: Delete confirm

2009-11-18 Thread Amit 
I know this sounds basic but it was a mistake I've made before. Make
sure you got the spelling right and make sure you don't have the
function defined in another function. I once accidentally wrote my
isAuthoized() inside of another function (I got lost in curly braces)
and hit the same issue.

@AD7six - I went through your tutorial and was wondering if the
SecurityComponent handled protection against CSRF? I'm using
requireAuth and requirePost to address CSRF.

On Nov 18, 1:11 pm, jburns  wrote:
> Any takers on this please?
>
> On Nov 17, 6:25 am, Jeremy Burns  wrote:
>
>
>
> > I am trying to apply this to my site but whenever I access my 'delete' 
> > action (I have removed references to 'admin_' in the sample code as I am 
> > not using admin_delete yet) I get the error message "The view for 
> > XXXController::delete() was not found" (where XXX is my controller). The 
> > controller doesn't have a 'delete' function in it as I am using the generic 
> > delete function in the app_controller. What am I doing wrong?
>
> > Jeremy Burns

> > On 13 Nov 2009, at 15:44, AD7six wrote:
>
> > > On 13 nov, 16:30, jburns  wrote:
> > >> No responses on this - any takers?
>
> > > Try this for background:http://www.ad7six.com/e/67
> > > This (the component is in the mi_plugin branch) for a ~pnp solution,
> > > but probably a bit too integrated/dependent:
> > >http://code.assembla.com/mi/subversion/nodes/branches/mi_plugin/contr...
>
> > > or simply:
>
> > > function delete($id) {
> > > if (!$this->data) {
> > >  $this->set('referer', $this->referer()); // pick this up in the
> > > view, and add it to the form
> > >  return $this->render('/elements/confirm_delete');
> > > }
> > > ... actually delete ..
> > > $this->redirect($this->data[$this->modelAlias]['referer']); // where
> > > they came from
> > > }
>
> > > hth,
>
> > > AD
>
> > > --
>
> > > You received this message because you are subscribed to the Google Groups 
> > > "CakePHP" group.
> > > To post to this group, send email to cake-...@googlegroups.com.
> > > To unsubscribe from this group, send email to 
> > > cake-php+unsubscr...@googlegroups.com.
> > > For more options, visit this group 
> > > athttp://groups.google.com/group/cake-php?hl=.

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en.

Re: Delete confirm

2009-11-18 Thread jburns 
Any takers on this please?

On Nov 17, 6:25 am, Jeremy Burns  wrote:
> I am trying to apply this to my site but whenever I access my 'delete' action 
> (I have removed references to 'admin_' in the sample code as I am not using 
> admin_delete yet) I get the error message "The view for 
> XXXController::delete() was not found" (where XXX is my controller). The 
> controller doesn't have a 'delete' function in it as I am using the generic 
> delete function in the app_controller. What am I doing wrong?
>
> Jeremy Burns
>
> On 13 Nov 2009, at 15:44, AD7six wrote:
>
>
>
>
>
> > On 13 nov, 16:30, jburns  wrote:
> >> No responses on this - any takers?
>
> > Try this for background:http://www.ad7six.com/e/67
> > This (the component is in the mi_plugin branch) for a ~pnp solution,
> > but probably a bit too integrated/dependent:
> >http://code.assembla.com/mi/subversion/nodes/branches/mi_plugin/contr...
>
> > or simply:
>
> > function delete($id) {
> > if (!$this->data) {
> >  $this->set('referer', $this->referer()); // pick this up in the
> > view, and add it to the form
> >  return $this->render('/elements/confirm_delete');
> > }
> > ... actually delete ..
> > $this->redirect($this->data[$this->modelAlias]['referer']); // where
> > they came from
> > }
>
> > hth,
>
> > AD
>
> > --
>
> > You received this message because you are subscribed to the Google Groups 
> > "CakePHP" group.
> > To post to this group, send email to cake-...@googlegroups.com.
> > To unsubscribe from this group, send email to 
> > cake-php+unsubscr...@googlegroups.com.
> > For more options, visit this group 
> > athttp://groups.google.com/group/cake-php?hl=.

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en.

Re: Delete confirm

2009-11-16 Thread Jeremy Burns 
I am trying to apply this to my site but whenever I access my 'delete' action 
(I have removed references to 'admin_' in the sample code as I am not using 
admin_delete yet) I get the error message "The view for XXXController::delete() 
was not found" (where XXX is my controller). The controller doesn't have a 
'delete' function in it as I am using the generic delete function in the 
app_controller. What am I doing wrong?

Jeremy Burns


On 13 Nov 2009, at 15:44, AD7six wrote:

> 
> 
> On 13 nov, 16:30, jburns  wrote:
>> No responses on this - any takers?
> 
> Try this for background: http://www.ad7six.com/e/67
> This (the component is in the mi_plugin branch) for a ~pnp solution,
> but probably a bit too integrated/dependent:
> http://code.assembla.com/mi/subversion/nodes/branches/mi_plugin/controllers/components/swiss_army.php#ln302
> 
> or simply:
> 
> function delete($id) {
> if (!$this->data) {
>  $this->set('referer', $this->referer()); // pick this up in the
> view, and add it to the form
>  return $this->render('/elements/confirm_delete');
> }
> ... actually delete ..
> $this->redirect($this->data[$this->modelAlias]['referer']); // where
> they came from
> }
> 
> hth,
> 
> AD
> 
> --
> 
> You received this message because you are subscribed to the Google Groups 
> "CakePHP" group.
> To post to this group, send email to cake-...@googlegroups.com.
> To unsubscribe from this group, send email to 
> cake-php+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/cake-php?hl=.
> 
> 

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=.

Re: Delete confirm

2009-11-14 Thread Jeremy Burns 
Thanks to everyone for their input. AD&six's post is indeed comprehensive and I 
am just picking my through it now. I will post back my final implentation here.

Jeremy Burns
jeremybu...@me.com
(Skype) +44 208 123 3822 (jeremy_burns)
(m) +44 7973 481949
(h) +44 208 530 7573

On 14 Nov 2009, at 12:35, j0n4s.h4rtm...@googlemail.com wrote:

> Nevermind, AD7six post explains it well and very better (and included
> my note, but post alone seems not to be sufficient anyway)
> 
> On Nov 14, 1:27 pm, "j0n4s.h4rtm...@googlemail.com"
>  wrote:
>> Another possibility is adding delete links within a  that has
>> method = post,
>> check the request method (if its POST) on the action as well.
>> 
>> in addition: give that form a class and css stylize it down to a link
>> (though why not keep it a button, buttons = post, links = get paradigm
>> works well too)
>> 
>> On Nov 13, 4:55 pm, Jeremy Burns  wrote:
>> 
>>> Thanks - good approach.
>> 
>>> Jeremy Burns
>>> jeremybu...@me.com
>>> (Skype) +44 208 123 3822 (jeremy_burns)
>>> (m) +44 7973 481949
>>> (h) +44 208 530 7573
>> 
>>> On 13 Nov 2009, at 15:44, Marcelo Andrade wrote:
>> 
>>>> On Fri, Nov 13, 2009 at 4:14 AM, jburns  wrote:
>>>>> I am not happy with the javascript delete confirm method, as it
>>>>> doesn't appear if javascript is disabled and the delete happens with
>>>>> no checking. I want to ask the user to confirm that he wants to delete
>>>>> a record, and would like to do something like this:
>> 
>>>>> 1. User clicks a delete link, which points at the delete action.
>>>>> 2. The delete action redirects the user to the view screen for the
>>>>> record with a flash message asking him to confirm the delete, and
>>>>> links to confirm or reject the deletion.
>>>>> 3. If the user clicks the confirm link they are redirected back to the
>>>>> delete action but this time with a parameter that shows the action has
>>>>> been confirmed, and the deletion takes place.
>>>>> 4. The parameter identified in (3) is not present in stage (2), which
>>>>> is how (2) knows to direct to the view screen and ask for
>>>>> confirmation, rather than just processing the delete.
>>>>> 5. I am reusing the view screen and action in (2) so that I don't have
>>>>> to build new confirm_delete screens and actions (I would need to build
>>>>> about 60 of them).
>> 
>>>> It's not so hard to do it with ordinary $html->link.
>>>> Point the delete link to a question action that do what
>>>> you want (a link to the real delete action and another
>>>> to go back).
>> 
>>>> If you can realize how to do it this way, so you could
>>>> encapsulate the all stuff creating your own helper,
>>>> overriding the $html->link method.
>> 
>>>> Best regards.
>> 
>>>> --
>>>> MARCELO DE F. ANDRADE
>>>> Belem, PA, Amazonia, Brazil
>>>> Linux User #221105
>> 
>>>> --
>> 
>>>> You received this message because you are subscribed to the Google Groups 
>>>> "CakePHP" group.
>>>> To post to this group, send email to cake-...@googlegroups.com.
>>>> To unsubscribe from this group, send email to 
>>>> cake-php+unsubscr...@googlegroups.com.
>>>> For more options, visit this group 
>>>> athttp://groups.google.com/group/cake-php?hl=.
> 
> --
> 
> You received this message because you are subscribed to the Google Groups 
> "CakePHP" group.
> To post to this group, send email to cake-...@googlegroups.com.
> To unsubscribe from this group, send email to 
> cake-php+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/cake-php?hl=.
> 
> 

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=.

Re: Delete confirm

2009-11-14 Thread j0n4s.h4rtm...@googlemail.com 
Nevermind, AD7six post explains it well and very better (and included
my note, but post alone seems not to be sufficient anyway)

On Nov 14, 1:27 pm, "j0n4s.h4rtm...@googlemail.com"
 wrote:
> Another possibility is adding delete links within a  that has
> method = post,
> check the request method (if its POST) on the action as well.
>
> in addition: give that form a class and css stylize it down to a link
> (though why not keep it a button, buttons = post, links = get paradigm
> works well too)
>
> On Nov 13, 4:55 pm, Jeremy Burns  wrote:
>
> > Thanks - good approach.
>
> > Jeremy Burns
> > jeremybu...@me.com
> > (Skype) +44 208 123 3822 (jeremy_burns)
> > (m) +44 7973 481949
> > (h) +44 208 530 7573
>
> > On 13 Nov 2009, at 15:44, Marcelo Andrade wrote:
>
> > > On Fri, Nov 13, 2009 at 4:14 AM, jburns  wrote:
> > >> I am not happy with the javascript delete confirm method, as it
> > >> doesn't appear if javascript is disabled and the delete happens with
> > >> no checking. I want to ask the user to confirm that he wants to delete
> > >> a record, and would like to do something like this:
>
> > >> 1. User clicks a delete link, which points at the delete action.
> > >> 2. The delete action redirects the user to the view screen for the
> > >> record with a flash message asking him to confirm the delete, and
> > >> links to confirm or reject the deletion.
> > >> 3. If the user clicks the confirm link they are redirected back to the
> > >> delete action but this time with a parameter that shows the action has
> > >> been confirmed, and the deletion takes place.
> > >> 4. The parameter identified in (3) is not present in stage (2), which
> > >> is how (2) knows to direct to the view screen and ask for
> > >> confirmation, rather than just processing the delete.
> > >> 5. I am reusing the view screen and action in (2) so that I don't have
> > >> to build new confirm_delete screens and actions (I would need to build
> > >> about 60 of them).
>
> > > It's not so hard to do it with ordinary $html->link.
> > > Point the delete link to a question action that do what
> > > you want (a link to the real delete action and another
> > > to go back).
>
> > > If you can realize how to do it this way, so you could
> > > encapsulate the all stuff creating your own helper,
> > > overriding the $html->link method.
>
> > > Best regards.
>
> > > --
> > > MARCELO DE F. ANDRADE
> > > Belem, PA, Amazonia, Brazil
> > > Linux User #221105
>
> > > --
>
> > > You received this message because you are subscribed to the Google Groups 
> > > "CakePHP" group.
> > > To post to this group, send email to cake-...@googlegroups.com.
> > > To unsubscribe from this group, send email to 
> > > cake-php+unsubscr...@googlegroups.com.
> > > For more options, visit this group 
> > > athttp://groups.google.com/group/cake-php?hl=.

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=.

Re: Delete confirm

2009-11-14 Thread j0n4s.h4rtm...@googlemail.com 
Another possibility is adding delete links within a  that has
method = post,
check the request method (if its POST) on the action as well.

in addition: give that form a class and css stylize it down to a link
(though why not keep it a button, buttons = post, links = get paradigm
works well too)


On Nov 13, 4:55 pm, Jeremy Burns  wrote:
> Thanks - good approach.
>
> Jeremy Burns
> jeremybu...@me.com
> (Skype) +44 208 123 3822 (jeremy_burns)
> (m) +44 7973 481949
> (h) +44 208 530 7573
>
> On 13 Nov 2009, at 15:44, Marcelo Andrade wrote:
>
> > On Fri, Nov 13, 2009 at 4:14 AM, jburns  wrote:
> >> I am not happy with the javascript delete confirm method, as it
> >> doesn't appear if javascript is disabled and the delete happens with
> >> no checking. I want to ask the user to confirm that he wants to delete
> >> a record, and would like to do something like this:
>
> >> 1. User clicks a delete link, which points at the delete action.
> >> 2. The delete action redirects the user to the view screen for the
> >> record with a flash message asking him to confirm the delete, and
> >> links to confirm or reject the deletion.
> >> 3. If the user clicks the confirm link they are redirected back to the
> >> delete action but this time with a parameter that shows the action has
> >> been confirmed, and the deletion takes place.
> >> 4. The parameter identified in (3) is not present in stage (2), which
> >> is how (2) knows to direct to the view screen and ask for
> >> confirmation, rather than just processing the delete.
> >> 5. I am reusing the view screen and action in (2) so that I don't have
> >> to build new confirm_delete screens and actions (I would need to build
> >> about 60 of them).
>
> > It's not so hard to do it with ordinary $html->link.
> > Point the delete link to a question action that do what
> > you want (a link to the real delete action and another
> > to go back).
>
> > If you can realize how to do it this way, so you could
> > encapsulate the all stuff creating your own helper,
> > overriding the $html->link method.
>
> > Best regards.
>
> > --
> > MARCELO DE F. ANDRADE
> > Belem, PA, Amazonia, Brazil
> > Linux User #221105
>
> > --
>
> > You received this message because you are subscribed to the Google Groups 
> > "CakePHP" group.
> > To post to this group, send email to cake-...@googlegroups.com.
> > To unsubscribe from this group, send email to 
> > cake-php+unsubscr...@googlegroups.com.
> > For more options, visit this group 
> > athttp://groups.google.com/group/cake-php?hl=.

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=.

Re: Delete confirm

2009-11-13 Thread Jeremy Burns 
Thanks - good approach.

Jeremy Burns
jeremybu...@me.com
(Skype) +44 208 123 3822 (jeremy_burns)
(m) +44 7973 481949
(h) +44 208 530 7573

On 13 Nov 2009, at 15:44, Marcelo Andrade wrote:

> On Fri, Nov 13, 2009 at 4:14 AM, jburns  wrote:
>> I am not happy with the javascript delete confirm method, as it
>> doesn't appear if javascript is disabled and the delete happens with
>> no checking. I want to ask the user to confirm that he wants to delete
>> a record, and would like to do something like this:
>> 
>> 1. User clicks a delete link, which points at the delete action.
>> 2. The delete action redirects the user to the view screen for the
>> record with a flash message asking him to confirm the delete, and
>> links to confirm or reject the deletion.
>> 3. If the user clicks the confirm link they are redirected back to the
>> delete action but this time with a parameter that shows the action has
>> been confirmed, and the deletion takes place.
>> 4. The parameter identified in (3) is not present in stage (2), which
>> is how (2) knows to direct to the view screen and ask for
>> confirmation, rather than just processing the delete.
>> 5. I am reusing the view screen and action in (2) so that I don't have
>> to build new confirm_delete screens and actions (I would need to build
>> about 60 of them).
> 
> It's not so hard to do it with ordinary $html->link.
> Point the delete link to a question action that do what
> you want (a link to the real delete action and another
> to go back).
> 
> If you can realize how to do it this way, so you could
> encapsulate the all stuff creating your own helper,
> overriding the $html->link method.
> 
> Best regards.
> 
> --
> MARCELO DE F. ANDRADE
> Belem, PA, Amazonia, Brazil
> Linux User #221105
> 
> --
> 
> You received this message because you are subscribed to the Google Groups 
> "CakePHP" group.
> To post to this group, send email to cake-...@googlegroups.com.
> To unsubscribe from this group, send email to 
> cake-php+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/cake-php?hl=.
> 
> 

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=.

Re: Delete confirm

2009-11-13 Thread Jeremy Burns 
Thanks very much - I'll do some reading.

Jeremy Burns
jeremybu...@me.com
(Skype) +44 208 123 3822 (jeremy_burns)
(m) +44 7973 481949
(h) +44 208 530 7573

On 13 Nov 2009, at 15:44, AD7six wrote:

> 
> 
> On 13 nov, 16:30, jburns  wrote:
>> No responses on this - any takers?
> 
> Try this for background: http://www.ad7six.com/e/67
> This (the component is in the mi_plugin branch) for a ~pnp solution,
> but probably a bit too integrated/dependent:
> http://code.assembla.com/mi/subversion/nodes/branches/mi_plugin/controllers/components/swiss_army.php#ln302
> 
> or simply:
> 
> function delete($id) {
> if (!$this->data) {
>  $this->set('referer', $this->referer()); // pick this up in the
> view, and add it to the form
>  return $this->render('/elements/confirm_delete');
> }
> ... actually delete ..
> $this->redirect($this->data[$this->modelAlias]['referer']); // where
> they came from
> }
> 
> hth,
> 
> AD
> 
> --
> 
> You received this message because you are subscribed to the Google Groups 
> "CakePHP" group.
> To post to this group, send email to cake-...@googlegroups.com.
> To unsubscribe from this group, send email to 
> cake-php+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/cake-php?hl=.
> 
> 

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=.

Re: Delete confirm

2009-11-13 Thread Marcelo Andrade 
On Fri, Nov 13, 2009 at 4:14 AM, jburns  wrote:
> I am not happy with the javascript delete confirm method, as it
> doesn't appear if javascript is disabled and the delete happens with
> no checking. I want to ask the user to confirm that he wants to delete
> a record, and would like to do something like this:
>
> 1. User clicks a delete link, which points at the delete action.
> 2. The delete action redirects the user to the view screen for the
> record with a flash message asking him to confirm the delete, and
> links to confirm or reject the deletion.
> 3. If the user clicks the confirm link they are redirected back to the
> delete action but this time with a parameter that shows the action has
> been confirmed, and the deletion takes place.
> 4. The parameter identified in (3) is not present in stage (2), which
> is how (2) knows to direct to the view screen and ask for
> confirmation, rather than just processing the delete.
> 5. I am reusing the view screen and action in (2) so that I don't have
> to build new confirm_delete screens and actions (I would need to build
> about 60 of them).

It's not so hard to do it with ordinary $html->link.
Point the delete link to a question action that do what
you want (a link to the real delete action and another
to go back).

If you can realize how to do it this way, so you could
encapsulate the all stuff creating your own helper,
overriding the $html->link method.

Best regards.

--
MARCELO DE F. ANDRADE
Belem, PA, Amazonia, Brazil
Linux User #221105

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=.

Re: Delete confirm

2009-11-13 Thread AD7six 


On 13 nov, 16:30, jburns  wrote:
> No responses on this - any takers?

Try this for background: http://www.ad7six.com/e/67
This (the component is in the mi_plugin branch) for a ~pnp solution,
but probably a bit too integrated/dependent:
http://code.assembla.com/mi/subversion/nodes/branches/mi_plugin/controllers/components/swiss_army.php#ln302

or simply:

function delete($id) {
 if (!$this->data) {
  $this->set('referer', $this->referer()); // pick this up in the
view, and add it to the form
  return $this->render('/elements/confirm_delete');
 }
 ... actually delete ..
 $this->redirect($this->data[$this->modelAlias]['referer']); // where
they came from
}

hth,

AD

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=.

Re: Delete confirm

2009-11-13 Thread AD7six 


On 13 nov, 16:30, jburns  wrote:
> No responses on this - any takers?

ps no response in 8 hours - I'll remember that the next time I ask you
for something for free ;)

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=.

Re: Delete confirm

2009-11-13 Thread jburns 
No responses on this - any takers?

On Nov 13, 7:14 am, jburns  wrote:
> I am not happy with the javascript delete confirm method, as it
> doesn't appear if javascript is disabled and the delete happens with
> no checking. I want to ask the user to confirm that he wants to delete
> a record, and would like to do something like this:
>
> 1. User clicks a delete link, which points at the delete action.
> 2. The delete action redirects the user to the view screen for the
> record with a flash message asking him to confirm the delete, and
> links to confirm or reject the deletion.
> 3. If the user clicks the confirm link they are redirected back to the
> delete action but this time with a parameter that shows the action has
> been confirmed, and the deletion takes place.
> 4. The parameter identified in (3) is not present in stage (2), which
> is how (2) knows to direct to the view screen and ask for
> confirmation, rather than just processing the delete.
> 5. I am reusing the view screen and action in (2) so that I don't have
> to build new confirm_delete screens and actions (I would need to build
> about 60 of them).
>
> I have looked for help on adding a parameter to the redirect action,
> but can't find an answer. I'd be grateful for some advice and
> recommendations, please.

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=.

Delete confirm

2009-11-12 Thread jburns 
I am not happy with the javascript delete confirm method, as it
doesn't appear if javascript is disabled and the delete happens with
no checking. I want to ask the user to confirm that he wants to delete
a record, and would like to do something like this:

1. User clicks a delete link, which points at the delete action.
2. The delete action redirects the user to the view screen for the
record with a flash message asking him to confirm the delete, and
links to confirm or reject the deletion.
3. If the user clicks the confirm link they are redirected back to the
delete action but this time with a parameter that shows the action has
been confirmed, and the deletion takes place.
4. The parameter identified in (3) is not present in stage (2), which
is how (2) knows to direct to the view screen and ask for
confirmation, rather than just processing the delete.
5. I am reusing the view screen and action in (2) so that I don't have
to build new confirm_delete screens and actions (I would need to build
about 60 of them).

I have looked for help on adding a parameter to the redirect action,
but can't find an answer. I'd be grateful for some advice and
recommendations, please.

--

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=.