Re: get method validation
Hi! U can use the php function: is_numeric (http://de.php.net/manual/en/ function.is-numeric.php) kinda: function (id = null) { if (empty ($id) || !is_numeric ($id)) // error!!! else // save/update/delete } Regards! mono. On Jan 18, 8:32 pm, Delirium tremens wrote: > Do you know > > > > > and > > http://www.asite.com/script.php?id=a > > ? > > Valid IDs are numbers. How do I prevent my script from assigning > invalid values to id? > > On 18 jan, 17:18, Webweave wrote: > > > Not clear on what your question means, are you asking about validation > > rules? > > > On Jan 18, 7:30 am, Delirium tremens wrote: > > > > How to validate an id passed not by post, but by get? I do not have to > > > output an error message to hackers and crackers, do I? I tested using / > > > ^[0-9]{1,10}$/ as rule, nothing as message and passing an "a", but it > > > did not output an error message. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: get method validation
It should be noted that the GET Request is not designed for this ;-) Hypertext Transfer Protocol (HTTP) Request methods GET Requests a representation of the specified resource. Note that GET should not be used for operations that cause side-effects, such as using it for taking actions in web applications. One reason for this is that GET may be used arbitrarily by robots or crawlers, which should not need to consider the side effects that a request should cause. http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol Or at least it should be seen as Best Pratice not to do so. On Jan 19, 1:53 am, Webweave wrote: > Not sure I do, looks like you got a partial post. The validate > 'numeric' for id, will validate the data for your id column as > numeric. > > You don't even need that if the field is numeric as there wouldn't be > allowed automatically. > > IF on the other hand you are asking how do I detect if a value was > passed by GET or POST, that's an entirely different thing. > > POST data is passed in $this->data, GET data is passed in $this- > > >passedArgs or $this->params['url']. > > Seehttp://book.cakephp.org/view/55/The-Parameters-Attribute-params > > On Jan 18, 11:43 am, Delirium tremens wrote: > > > Are you still not understanding the question? > > > On 18 jan, 15:38, Delirium tremens wrote: > > > > How come nobody knows??? > > > > On 18 jan, 13:30, Delirium tremens wrote: > > > > > How to validate an id passed not by post, but by get? I do not have to > > > > output an error message to hackers and crackers, do I? I tested using / > > > > ^[0-9]{1,10}$/ as rule, nothing as message and passing an "a", but it > > > > did not output an error message. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: get method validation
Not sure I do, looks like you got a partial post. The validate 'numeric' for id, will validate the data for your id column as numeric. You don't even need that if the field is numeric as there wouldn't be allowed automatically. IF on the other hand you are asking how do I detect if a value was passed by GET or POST, that's an entirely different thing. POST data is passed in $this->data, GET data is passed in $this- >passedArgs or $this->params['url']. See http://book.cakephp.org/view/55/The-Parameters-Attribute-params On Jan 18, 11:43 am, Delirium tremens wrote: > Are you still not understanding the question? > > On 18 jan, 15:38, Delirium tremens wrote: > > > How come nobody knows??? > > > On 18 jan, 13:30, Delirium tremens wrote: > > > > How to validate an id passed not by post, but by get? I do not have to > > > output an error message to hackers and crackers, do I? I tested using / > > > ^[0-9]{1,10}$/ as rule, nothing as message and passing an "a", but it > > > did not output an error message. > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: get method validation
Are you still not understanding the question? On 18 jan, 15:38, Delirium tremens wrote: > How come nobody knows??? > > On 18 jan, 13:30, Delirium tremens wrote: > > > How to validate an id passed not by post, but by get? I do not have to > > output an error message to hackers and crackers, do I? I tested using / > > ^[0-9]{1,10}$/ as rule, nothing as message and passing an "a", but it > > did not output an error message. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: get method validation
Do you know and http://www.asite.com/script.php?id=a ? Valid IDs are numbers. How do I prevent my script from assigning invalid values to id? On 18 jan, 17:18, Webweave wrote: > Not clear on what your question means, are you asking about validation > rules? > > On Jan 18, 7:30 am, Delirium tremens wrote: > > > How to validate an id passed not by post, but by get? I do not have to > > output an error message to hackers and crackers, do I? I tested using / > > ^[0-9]{1,10}$/ as rule, nothing as message and passing an "a", but it > > did not output an error message. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: get method validation
update link readall view echo $html->link('Update', '/articles/update/'.$articleid); update method articles controller function update($id = null) { validate var articles model 'id' => 'numeric' update link articles controller echo $form->input('id', array('type'=>'hidden')); How do I prevent my script from trying to delete id = not a number? On 18 jan, 17:07, brian wrote: > Well, I don't know quite what the question is. What does your test > look like, exactly? What data are you posting? Post some code. > > On Sun, Jan 18, 2009 at 12:38 PM, Delirium tremens wrote: > > > How come nobody knows??? > > > On 18 jan, 13:30, Delirium tremens wrote: > >> How to validate an id passed not by post, but by get? I do not have to > >> output an error message to hackers and crackers, do I? I tested using / > >> ^[0-9]{1,10}$/ as rule, nothing as message and passing an "a", but it > >> did not output an error message. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: get method validation
Not clear on what your question means, are you asking about validation rules? On Jan 18, 7:30 am, Delirium tremens wrote: > How to validate an id passed not by post, but by get? I do not have to > output an error message to hackers and crackers, do I? I tested using / > ^[0-9]{1,10}$/ as rule, nothing as message and passing an "a", but it > did not output an error message. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: get method validation
Well, I don't know quite what the question is. What does your test look like, exactly? What data are you posting? Post some code. On Sun, Jan 18, 2009 at 12:38 PM, Delirium tremens wrote: > > How come nobody knows??? > > On 18 jan, 13:30, Delirium tremens wrote: >> How to validate an id passed not by post, but by get? I do not have to >> output an error message to hackers and crackers, do I? I tested using / >> ^[0-9]{1,10}$/ as rule, nothing as message and passing an "a", but it >> did not output an error message. > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: get method validation
How come nobody knows??? On 18 jan, 13:30, Delirium tremens wrote: > How to validate an id passed not by post, but by get? I do not have to > output an error message to hackers and crackers, do I? I tested using / > ^[0-9]{1,10}$/ as rule, nothing as message and passing an "a", but it > did not output an error message. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
get method validation
How to validate an id passed not by post, but by get? I do not have to output an error message to hackers and crackers, do I? I tested using / ^[0-9]{1,10}$/ as rule, nothing as message and passing an "a", but it did not output an error message. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---