Re: Prepared Statement (Custom SQL) always returns bool(true) instead of results

That was a typo, should be $db = $this->getDataSource(); Still having the issue though On Friday, August 16, 2013 4:43:34 PM UTC-7, Xtagon wrote: > > Hi, > > I know that it is always recommended to use find() instead of custom SQL, > but I have a use case where I need to use a custom prepared st

RE: Data validation: Client or Server?

Once you have a registered member I think js validation is ok. But from a front end point any user can manipulate the from, security component does noting for js / ajax. So be aware of that. I had an ajax validation method but all it did was expose user names and passwords by manipulation the f

Re: install cakephp with on a sub-domain

Change your RewriteBase /client RewriteEngine On RewriteBase /client/ RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ index.php [QSA,L] Your /login route would be root SPIP directory. If you have full con

Re: Data validation: Client or Server?

Dave, I agree you can over expose but its still valid data by the time it gets to the database. We are constantly trying to build a better mousetrap to stop people from using servers to submit signups for sites like Voodoo.com. So I built a two stage form that asks your name ,company, and

RE: Data validation: Client or Server?

Good stuff, but just think about how it can be manipulated. Filed, for example you mighr be validating Susans hair colur down the road. Few tweeks with Firebug and I change to input to [user].. presto now I can see if you have a valid user, password. Sure I have to try over and over but i

Re: Data validation: Client or Server?

We always use both if not both server-side Eric Haskins High Octane Brands http://highoctanebrands.com On Friday, August 16, 2013 7:32:29 AM UTC-4, jer...@anthemwebsolutions.com wrote: > > I wanted to get some opinions on this. Cake's validation structure is easy > to apply and works flawle

Prepared Statement (Custom SQL) always returns bool(true) instead of results

Hi, I know that it is always recommended to use find() instead of custom SQL, but I have a use case where I need to use a custom prepared statement. Problem is, it always returns bool(true) instead of a results array, even if I'm just doing a very basic SELECT with nothing complex going on in t

Ajax / CRSF / Security

I created a plugin that handles all security issues with Cake / Ajax requests. Simply add a $this>_secureForm() which adds a _key and it adds a token to the form and on request the _key matches the users _lock Controller will generate a new key on every request. All though it will not

RE: live validation

Live validation exposes all your users. Its too easy to just change filed named and presto you can see if a valid email / username and a hacker can get to do whatever. Never ever return info to a user. I made a live validation component then hacked it, If you hit the database you give up all v

Re: Extend a core behavoir

Where did you find / get the idea that App::uses('ModelBehavior', 'TreeBehavior', 'Model'); is a valid method call? It is App::uses('TreeBehavior', 'Model/Behavior'); as you can easily find out opening some of the core test files Then you can easily extend it in your own app. Am Freitag, 16

Re: bootstrap twitter typeahead , dont work for me in cakephp

Never create a new response object there is already one available in your controller just use $this->response->body($content); as documented Am Freitag, 16. August 2013 19:16:32 UTC+2 schrieb cesar calvo: > > I use this in my AppController > > public function jsonResponse($array) { >

Re: bootstrap twitter typeahead , dont work for me in cakephp

I use this in my AppController public function jsonResponse($array) { return new CakeResponse(array('body' => json_encode($array))); } Then on a controller call jsonResponse Note: if you are usin Security component on beforeFilter: if ($this->request->is('ajax')) $this->Security->u

RE: Data validation: Client or Server?

Always validate data server-side. User disables js then what? Best bet is to always Dave Maharaj Freelance Designer | Developer Description: header_logo www.movepixels.com | d...@movepixels.com | 709.800.0852 From: cake-php@googlegroups.com [mailto:cak

Re: Data validation: Client or Server?

I still view jQuery as progressive enhancement. Even if it is mostly on it can still be turned off, which would - if you relied only on client side code - skip your validation. You also never know how your site will be accessed; what if (remote, I know) you wanted to open it up as a web service

Data validation: Client or Server?

I wanted to get some opinions on this. Cake's validation structure is easy to apply and works flawlessly (so far, wink,wink). But I've also written some data validation with jQuery which is activated at the client side. Is there still a need to validate at the server if most browsers support j

Captcha Image Issues

Hi there, I am hoping that someone could possibly assist me or offer some advice on some captcha issues I am having with my site. For some time now the captcha images on forms on the site have been a bit temperamental. They work on some browsers without a problem, but on other machines simply

Re: Extend a core behavoir

thanks, I tried to use App:uses but I got a fatal error "Class 'TreeBehavior' not found in..." I had this following line: App::uses('ModelBehavior', 'TreeBehavior', 'Model'); but anyway using App::import it works as it should. thanks, MN Java & C# deskto