Hi there I have added a two-dimensional array to each model which for each action states the fields that are allowed to be saved in this action. When I call $this->model->save() in an action, I supply the respective array entry as second parameter to the save() function which limits the fields that are used during the save.
I don't know whether there is a cake specific way to do this, so if you find one, please post it here. @RichardAtHome: If you just remove the form fields from the ctp file a malicious user could still post to the form action using his own form and thus his own form fields. You could of course add some checks to verify the integrity of the form but this can get complicated really quick. Claudia --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
