Re: cant use saveAll() to edit $this->data

2009-04-21 Thread Smelly Eddie



On Apr 20, 10:02 am, fain182 fain...@gmail.com wrote:

> did you put a hidden field with the id in the view of edit?
> something like:
> echo $form->input('id', array('type' => 'hidden'));



Don't do this!!!

When you depend on client side values to update records they can be
changed by malicious users!

I could just change the ID value in a local copy of the HTML to the
ID of an element I shouldn't have access to and set the remaining
values to anything I want.

This will allow me to overwrite things I shouldn't.

Instead use server side logic to insert the ID into the data before
saving.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to 
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
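
The server-side approach recommended in the message above, as an added example that is not part of the original posts. It is plain PHP rather than CakePHP code, and the function name, the sample rows and the owner_id column are assumptions made for illustration. Because the id in the URL is client-controlled too, the stored record is checked against the session user before the id is written into the data.

```php
<?php
// Added example; every name here is hypothetical and no CakePHP class is used.

// Constructed sample rows standing in for the subscribers table (id => row).
$subscribers = array(
    7 => array('id' => 7, 'owner_id' => 42, 'name' => 'Alice'),
    8 => array('id' => 8, 'owner_id' => 99, 'name' => 'Bob'),
);

/**
 * Build the array that is handed to the save call for an edit.
 *
 * $routeId is the record id from the URL (e.g. /subscribers/edit/7),
 * $userId  is the logged-in user's id read from the server-side session,
 * $posted  is the form data exactly as the browser sent it (untrusted).
 *
 * Returns the data to save, or false when the edit must be refused.
 */
function buildEditData(array $rows, $routeId, $userId, array $posted)
{
    $routeId = (int) $routeId;

    // Authorise against the stored record, never against a form value.
    if (!isset($rows[$routeId]) || $rows[$routeId]['owner_id'] !== (int) $userId) {
        return false;
    }

    // Whitelist the editable fields; a posted 'id' or 'owner_id' is dropped.
    $allowed = array('name' => true);
    $data = array_intersect_key($posted, $allowed);

    // The primary key is inserted server-side, so the save updates the
    // record that was authorised above and nothing else.
    $data['id'] = $routeId;
    return $data;
}

// Constructed request: user 42 edits record 7, hidden 'id' altered to 8.
$tampered = array('id' => 8, 'owner_id' => 42, 'name' => 'Renamed');

// The altered hidden field is ignored; the id comes from the checked route.
var_dump(buildEditData($subscribers, 7, 42, $tampered));

// Record 8 belongs to user 99, so asking for it in the URL is refused.
var_dump(buildEditData($subscribers, 8, 42, $tampered));
```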



Re: cant use saveAll() to edit $this->data

2009-04-21 Thread fain182

> did you put a hidden field with the id in the view of edit?
> something like:
> echo $form->input('id', array('type' => 'hidden'));

> Don't do this!!!

this is used in the cake book... for an administration page is
absolutely secure IMHO...




Re: cant use saveAll() to edit $this->data

2009-04-20 Thread fain182

> I need help in using saveAll() method for editing, I have a form that
> needs to save data to 2 different models, Subscriber and Individual
> subscriber. But every time I edit data, a new data is being created
> instead. The following is my code:

did you put a hidden field with the id in the view of edit?
something like:
echo $form->input('id', array('type' => 'hidden'));

if you don't send the id, CakePHP believes that you want to add a new row..
( http://book.cakephp.org/view/340/Editing-Posts )
