Check out the HttpSocket class in 1.2, particularly the post method, which will allow you to pull from and push to the remote servers. The same library also provides easy access to the headers if and when the remote servers push data. Cake automatically sanitizes form input for SQL automatically, so you should be covered there. Javascript/HTML sanitization can be done automatically as well, but this doesn't happen by default. You usually have to submit an additional parameter in the relevant function calls and occasionally make use of the Javascript helper (as in $clean = JavascriptHelper::escapeScript($dirty) ). For your XML, check out the XML helper and layout and the XMLNode class.
If you're looking for security by obscurity, you can always create a dedicated method in your controller to handle these requests as well. Auth and ACL should work for your programatically assigned permissions, but ACL's are complicated and good tutorials aren't really out there yet. The coverage in the new manual seems decent. Of course, although I've read it, I haven't tried working with that documentation yet. If you're working with 1.2, your best resources are the manual and the API. On Jun 3, 4:31 am, Infinite Knight <[EMAIL PROTECTED]> wrote: > You are only scratching the surface of what I need, leo... My entire > app DEPENDS on the outside data it recieves, so if I can't find an > efficent way to get that into the system to be processed, and results > returned, as quickly, preferably faster then I presently can do, then > there is no point in me using it... I don't want to have to run a > custom framework along side CakePHP... I will either run a variant of > my in-house Shield system, which was built upon the aforementioned > libraries, with specialized classes for sanitizing incoming and > outgoing data, so nothing is ever entered into either the filesystem, > or database / logic side that isn't cleaned first, even if it is > comming from the DB / Filesystem, or I will use Cake... But not > both... Running both is just stupid, as it would be incredibly > redundant... Long story short I am in the process of developing a > platform system that will facilitate data to be aggrated from a number > of sources (four different websites), and a number of specialized > "servers" and "clients" deployed across a semi-private intranet > grid... The system has to support this arrangement with a fairly high > throughput, and be able to maintain it... Maximum user load, should > everyone possible take advantage of the system numbers well into the > millons, and given that each user can utilize as many clients and > servers as they desire once they are a member of the system, it has to > be able to take a beating and mirror the functions of other systems I > have deployed for other businesses... The only reason I am willing to > listen to my friend's suggestion to use Cake is that this deployment > is a personal project, not a commercial one at the moment, so I have > room to play with... > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
