Quite a conundrum... If the function is called beforeSave() then the input is not sanitized before being used for validation. Could be an issue when using isUnique() as the database is queried at validation time using unsanitized input data. Could this be a candidate for SQL injection?
--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
