Hello,
A developer found that you can call some action methods in controller.php directly.
(Japanese Blog)
For example,
if you request a following URL:
CakePHP will execute "flash" methods in the controller.php.
The site will display "any_strings_you_want_to_display".
(CakePHP will not allow any execution of <script> though...)
Can you think of any disadvantage or security problem?
----------------------------------------------------------------------------------------
S.Dozono
cakephp.jp / Japanese Tips & support for CakePHP...
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake PHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/cake-php
-~----------~----~----~----~------~----~------~--~---
