> Can anyone tell me how can we prevent the sql injection and cross site > scripting with CakePHP?
Have you attempted to do an Sql injection or just assume it can be done? If you follow conventions are are not writing your own Sql, which is the suggested way to do things around here ;) you will not have to write any of the code you are using above since cake takes care of making data safe for insertion into the database. -- /** * @author Larry E. Masters * @var string $userName * @param string $realName * @returns string aka PhpNut * @access public */ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
