Re: sanitize and redirect

2010-02-12 Thread Nicolas Maleve
Thanks. If I get the principle right, there are two moments where
sanitizing must take place:
- before sending parameters in custom queries
- before output in the views with h()

,n
On Thu, February 11, 2010 19:48, anl hp wrote:
> No, you don't ... because you should not worry about that. If an id is
> invalid and you want to handle the situation elegantly, you could do
> something like this:
>
>   if (!is_numeric($id)) {
>     $this->setFlash('ooopss, dont do that!');
>     $this->redirect();
>   }
>
> anl
>
> On Thu, Feb 11, 2010 at 7:05 PM, Nicolas Maleve
> <nico...@constantvzw.com> wrote:
>
>> Hello,
>>
>> Just a doubt. It looks like Cake takes care of sanitizing data in save
>> and find, ie. Do I need to sanitize $id when using
>> $this->redirect(array('action'=>'edit','id'=>$id)); Or is there some
>> cleaning happening inside redirect?
>>
>> Thanks
>>
>> nicolas





 *
*
  *
  *
   *
 *
   *
  *
  *
  C O N S T A N T
   V Z W




Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en
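
As an added example (not part of the original thread and not CakePHP's own code), the plain-PHP sketch below walks through the two moments listed in the reply above, plus a strict id check of the kind suggested before redirecting. The helper names is_valid_id, find_title and esc, the posts table, and the use of PDO with in-memory SQLite in place of a custom CakePHP query are assumptions made for illustration.

```php
<?php
// Added illustration (not code from the thread); plain PHP, no CakePHP required.

// Accept only a positive decimal integer. is_numeric() is looser: it also
// returns true for strings such as "1e3" or "1.5", which are not row ids.
function is_valid_id($id) {
    return is_string($id) && preg_match('/^[1-9][0-9]*$/D', $id) === 1;
}

// Moment 1: a custom query. The value is bound as a parameter, never
// concatenated into the SQL text. (PDO + in-memory SQLite are assumptions.)
function find_title(PDO $db, $id) {
    $stmt = $db->prepare('SELECT title FROM posts WHERE id = :id');
    $stmt->execute(array(':id' => (int)$id));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ? $row['title'] : null;
}

// Moment 2: output. CakePHP's h() is a wrapper around htmlspecialchars().
function esc($text) {
    return htmlspecialchars((string)$text, ENT_QUOTES, 'UTF-8');
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO posts (id, title) VALUES (42, '<b>Hello</b> & welcome')");

// Constructed sample values, as they might arrive in a request parameter.
$samples = array('42', '1e3', '1.5', '42 OR 1=1', '<i>x</i>');

foreach ($samples as $id) {
    if (!is_valid_id($id)) {
        // In a controller this is where the flash message and redirect go.
        printf("reject %-28s (is_numeric: %s)\n",
            esc($id), is_numeric($id) ? 'true' : 'false');
        continue;
    }
    $title = find_title($db, $id);
    printf("edit   /posts/edit/%s  title: %s\n", $id, esc($title));
}
```

Of the constructed samples, only '42' reaches the query; '1e3' and '1.5' are rejected by the strict check even though is_numeric() reports them as numeric.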


Re: sanitize and redirect

2010-02-11 Thread anl hp
No, you don't ... because you should not worry about that. If an id is
invalid and you want to handle the situation elegantly, you could do something
like this:

if (!is_numeric($id)) {
  $this->setFlash('ooopss, dont do that!');
  $this->redirect();
}


anl


On Thu, Feb 11, 2010 at 7:05 PM, Nicolas Maleve <nico...@constantvzw.com> wrote:

> Hello,
>
> Just a doubt. It looks like Cake takes care of sanitizing data in save and
> find, ie. Do I need to sanitize $id when using
> $this->redirect(array('action'=>'edit','id'=>$id)); Or is there some
> cleaning happening inside redirect?
>
> Thanks
>
> nicolas

