Re: Form manipulation
Hi, follow this code, if(!empty($this->data)){ $this->data['User']['user_id'] = $this->Auth->user('id'); $this->data['User']['current_date'] = date('Y-m-d'); $this->User->save($this->data); } === for get the db driven select box, use the find syntax with list attribute. ex: $this->User->find('find',array('list', array( 'conditions' => array(*** give conditions ***), 'fields' => array('User.id', 'User.name') ) )); what u give in the fields attribute, will be reflected in the options for the select box. Enjoy Cake Bake. Regards, Krishnan Nair --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Form manipulation
I figured out the problem: the key set in the form is not the same as the one in the Session.Somehow the latter one get's generated again somewhere. I have added some logging throughout the system and this is wat happens: 2007-10-19 10:16:36 Error: Dispatcher::start(Forumposts) 2007-10-19 10:16:36 Error: SecurityComponent::startup(Forumposts) 2007-10-19 10:16:36 Error: Generate Token (Forumposts): 9771489b68d380e904f0ca0033f84be7488cc315 2007-10-19 10:16:36 Error: Dispatcher::start(App) 2007-10-19 10:16:36 Error: SecurityComponent::startup(App) 2007-10-19 10:16:36 Error: Generate Token (App): 21ee75781b5616b1d2b5da03d372291e43e66cb1 So, generateToken get's called twice. The first time is the key which is written to the form, the second time it overwrites the key is the Session and after submitting the form, the keys don't match anymore. After digging further and further, I finally discovered my fault: in my layout I was calling an not-existing javascriptfile, which caused an error for non-existing JsController. The ErrorHandler then creates a new AppController, which causes the token to be overwritten. This also means that it is not possible to have two separate forms open in the same session, the last one opened will overwrite the key form the first one, which will cause an error when that is submitted. This may be a nice addition for the SecurityComponent? Anyway, I hope this helps anyone who is having the same problems :) --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Form manipulation
Maybe I was too quick with that conclusion. Actually somehow only the loginform works properly, but I'm still looking for the difference between that form en the others (except from the different models)... Anyone else is having problems with the Security component? On 18 okt, 16:58, 2000Man <[EMAIL PROTECTED]> wrote: > Hi larry, > > I should have don't that before starting my topic here, because the > Security-component has been greatly improved! Sorry for bothering > you.. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Form manipulation
Hi larry, I should have don't that before starting my topic here, because the Security-component has been greatly improved! Sorry for bothering you.. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Form manipulation
Hi Larry, Currently I'm using the Development: 1.2.0.5427alpha version, let me try it with the current nightly build.. On 17 okt, 13:05, "Larry E. Masters aka PhpNut" <[EMAIL PROTECTED]> wrote: > > I have indeed tested it. Adding fields isn't posible, but removing > > them is. > > If this is true, I need to see a test case for this. You can not remove any > fields in the forms when using the SecurityComponent in combination with the > FormHelper methods. You can not alter the hidden fields or their values > either. > > -- > /** > * @author Larry E. Masters > * @var string $userName > * @param string $realName > * @returns string aka PhpNut > * @access public > */ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Form manipulation
> I have indeed tested it. Adding fields isn't posible, but removing > them is. If this is true, I need to see a test case for this. You can not remove any fields in the forms when using the SecurityComponent in combination with the FormHelper methods. You can not alter the hidden fields or their values either. -- /** * @author Larry E. Masters * @var string $userName * @param string $realName * @returns string aka PhpNut * @access public */ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Form manipulation
Hi Larry, I have indeed tested it. Adding fields isn't posible, but removing them is. @Wayne: I care, because it makes it possible for people to skip required fields. I think can be solved by making model::validates also check for the presence of all fields in $validate in the data array. Of course I can do it manually, but was wondering if there was a trick to make Cake do it automatically.. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Form manipulation
Have you tested that it is in fact possible to remove fields from a form when using the SecurityComponent? -- /** * @author Larry E. Masters * @var string $userName * @param string $realName * @returns string aka PhpNut * @access public */ On 10/16/07, 2000Man <[EMAIL PROTECTED]> wrote: > > > Hi guys, > > I've been playing around with the Security-component, which is able to > prevent forms to be manipulated (fields being added to the form). This > works perfectly, but there is still another problem: by downloading > and manipulating it isn't possible to add fields, but is is still > possible to remove fields. > > This is a real problem, because when the field is removed, the > Security-component doesn't detect this, but model::validates also > doesn't, because the latter works the other way around: foreach of the > fields of $model->data is makes sure it validates. So what it doesn't > do is check if all fields specified in model->validate are really > present. > > Is there a way to solve this problem using Cake's build-in > functionality? Of course I can add this check to my > Appmodel::validates, but I think this is something the framework > should be able to do? Does anyone know how to prevent this problem? > > > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Form manipulation
I'm curious... why do you care if fields are removed? Wayne On 10/17/07, 2000Man <[EMAIL PROTECTED]> wrote: > > Anyone? > > > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Form manipulation
Anyone? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---