Hi all I am fairly new to CakePHP, I am trying to only allow those users who created an event to be able to edit or delete an event, so I am comparing the current user id, with the 'user_id' field of the event the current event (saved when a user creates an event). Any help would be appreciated thanks, my code(Andrew Perk) is as follows:
public function isAuthorized($user) { $this->loadModel('User'); if ($user['role'] == 'admin') { return true; } if (in_array($this->action, array('edit', 'delete'))) { if ($user['id'] != $this->request->data['Event']['user_id']) { //////////////////// THIS IS THE LINE I FEEL IS WRONG - PLEASE ADVISE //echo debug($event['user_id']); //$this->Session->setFlash(__('You are not allowed to edit someones event')); return false; } } return true; } -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en.