No.
http://us.php.net/json_decode
On Jun 27, 2:54 pm, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> wrote:
> > Data is escaped properly when it is inserted into the db which
> > prevents sql injection. You then escape output so to remove unexpected/
> > malicious output.
>
> Is there any chance of mal
> Data is escaped properly when it is inserted into the db which
> prevents sql injection. You then escape output so to remove unexpected/
> malicious output.
Is there any chance of malicious PHP code inserted as input that would
get executed during the massaging of data to get it into $this->dat
Data is escaped properly when it is inserted into the db which
prevents sql injection. You then escape output so to remove unexpected/
malicious output.
1. function beforeFilter() {
2. if(isset($this->params['form']['json'])) {
3. $this->data = json_decode($this->params['form'
> you dont need to sanitize. I can see the beforeFilter being about 4
> lines of code max. Seems pretty painless to me
1) Why don't I need to sanitize. I don't trust this data as it is
coming from a form.
2) Would you mind posting these "4 lines of code" or pseudo code?
--~--~-~--~~
you dont need to sanitize. I can see the beforeFilter being about 4
lines of code max. Seems pretty painless to me
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email
Hi,
I'm considering using GWT for my UI with my existing cakephp backend.
To communicate with the server I encode all my post variables into one
JSON variable and perform an asynchronous post. I would then like
cakephp to decode the JSON and assign it to $_POST before it does
anything else. This