On May 5, 2006, at 2:33 PM, roberts.sean wrote:
> The blog tutorial was great, but I think it left out a crucial step:
> securing it from malicious users who want nothing more than to make a
> series of "hahaha lol owned you" posts on your blog. The section in
> the manual on ACL was interesting, but it said that you should already
> have your own user authentication setup. The rdAuth tutorial in the
> Wiki was confusing at best.

The Blog tute is meant to be extremely simple. While security is an important part of any application, the Blog in the tute isn't a real application, but a tool for teaching folks about Cake.

> Does anyone know of a tutorial that extends the blog tutorial to
> include a minimal amount of security? I've gotten as far as writing a
> small script to determine whether or not a user's login credentials are
> any good, but when it comes down to making this persistent among my
> pages I'm pretty lost!

Cake automatically starts a session, you just need to read up on sessions in PHP. That's how you manage persistent information using the system. You can use sessions however you want, but Cake has some helps there, too. There are sections in the manual that address those helps, but read the PHP docs (and Google) for info about using Sessions first.

> If anyone knows of a tutorial like this, or can explain to me how I
> would go about maintaining a persistent "logged in" status for a user
> among different models and controllers I would really appreciate it.

Depends what you want to do I guess. The beforeFilter in controllers is a great place to put access checking functions. But that all depends on how you're using your sessions.

--- J
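
The pattern described in the reply above (keep the login in the PHP session, check it in a before-filter on every request), as an added example in plain PHP that is not part of the original message and is not CakePHP's own code. The names `BaseController`, `PostsController`, `findUser`, `login` and the `user_id` session key are hypothetical, and the user record is constructed sample data.

```php
<?php
// Added example: plain PHP sketch of a session-backed login plus a
// deny-by-default before-filter. All names here are hypothetical.

// Constructed sample user store; a real app would query its users table.
function findUser(string $name): ?array {
    static $users = null;
    if ($users === null) {
        $users = ['alice' => ['id' => 1,
            'hash' => password_hash('correct horse', PASSWORD_DEFAULT)]];
    }
    return $users[$name] ?? null;
}

function login(string $name, string $password): bool {
    $user = findUser($name);
    if ($user === null || !password_verify($password, $user['hash'])) {
        return false;
    }
    // Issue a fresh session id when privileges change, so an id planted
    // before login (session fixation) is useless afterwards.
    session_regenerate_id(true);
    $_SESSION['user_id'] = $user['id'];   // store an id, never the password
    return true;
}

abstract class BaseController {
    // Actions reachable without a login; everything else is denied.
    protected $publicActions = [];

    // Run by the dispatcher before every action, like a controller beforeFilter.
    public function beforeFilter(string $action): bool {
        if (in_array($action, $this->publicActions, true)) {
            return true;
        }
        return isset($_SESSION['user_id']);
    }
}

class PostsController extends BaseController {
    protected $publicActions = ['index', 'view'];
}

session_start();                           // must run before any output
$posts = new PostsController();
$results = ['view, anonymous' => $posts->beforeFilter('view'),
            'add, anonymous'  => $posts->beforeFilter('add')];
login('alice', 'correct horse');
$results['add, logged in'] = $posts->beforeFilter('add');
var_dump($results);
```

Putting the check in the base controller makes new actions private unless they are explicitly listed as public, so a forgotten check fails closed.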
