I think this is what you are looking for http://manual.cakephp.org/chapter/security
Geoff -- http://lemoncake.wordpress.com On Sep 1, 12:14 am, "Marcus T. Jaschen" <[EMAIL PROTECTED]> wrote: > MarcusTerasa wrote: > > But if a user manipulates the form and posts a different id, another > > entry would be updated or created. So in a real world app it would be > > a great security risk. > > > What could I do to prevent it? > > Simply check in your Controller action if the user which requests the > change is allowed to ... ("is the client the owner of the dataabse > record he wants to change?") > > Marcus --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
