Evening all, just something I was pondering...

You might have pondered previously... I had a quick search through the groups and found this post (and paste) which was of interest.

http://groups.google.com/group/cake-php/browse_thread/thread/8094b744e256066d/aac9cb60e3bc4a93?lnk=gst&q=beforesave+sanitize&rnum=1#aac9cb60e3bc4a93
http://www.cakephp.org/pastes/show/eb23edaac3bd13381b467669d2bd291a

Basically, I'm thinking about the option of sanitizing any and all input from the user in a method of my app_controller. I'm just trying to think about the positives and negatives, advantages and possible problems that may arise.

I mean, pretty much, any input from the user I would feel more comfortable if it had been sanitized before it touched my database - and I mean everything; save, find, etc. Even parameters passed to actions that users have access to (e.g. querystring) I would feel safer if it had been sanitized first.

Now, I know it would be best practice to do this on a case-by-case basis... but I was just curious if it would be possible and if anyone currently employs it. And obviously if they did, what trouble they ran into along the way.

Please, share your thoughts.

cheers,
freedom
