If you use something like this, which Cake cannot automagically escape:
$foo = $this->MyModel->findAll("id='{$id}'");
you should use Sanitize::sql() on $id to prevent SQL injection attacks.
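
An added example, not part of the original message and not CakePHP's own code, showing what the hand-written condition string from the snippet above becomes with and without escaping. `escape_sql_value()` is a hypothetical stand-in for Sanitize::sql(), and the sample inputs are constructed.

```php
<?php
// Hypothetical stand-in for Sanitize::sql(): backslash-escapes quotes so the
// value cannot close the string literal it is placed in. addslashes() is not
// charset-aware; it is used here only to keep the demo self-contained.
function escape_sql_value($value)
{
    return addslashes($value);
}

// Builds the hand-written condition string from the message's findAll() call.
function build_condition($id, $escape)
{
    return "id='" . ($escape ? escape_sql_value($id) : $id) . "'";
}

// Number of single quotes not preceded by a backslash. A condition whose
// value stayed inside its literal has exactly two: the opening and closing one.
function unescaped_quotes($condition)
{
    return preg_match_all("/(?<!\\\\)'/", $condition);
}

// Constructed sample inputs: a normal id and one carrying a quote character.
$samples = array("42", "42' OR '1'='1");

foreach ($samples as $id) {
    foreach (array(false, true) as $escape) {
        $condition = build_condition($id, $escape);
        printf(
            "%-9s %-28s %s\n",
            $escape ? 'escaped' : 'raw',
            $condition,
            unescaped_quotes($condition) === 2 ? 'value stays a literal' : 'value alters the query'
        );
    }
}
```

When the id is expected to be numeric, casting it with `(int)` before building the condition removes the quoting question entirely.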
