All of the various database frontends are in cake/libs/model/datasources/dbo/
On Fri, Jun 6, 2008 at 4:18 PM, Turnquist, Jonah <[EMAIL PROTECTED]> wrote: > > Thank you! That was exactally what I was looking for. That should > work nicely. > > Still looking for the answer to this question though: > > Also, does cakephp take care of mysql injection checking automagically > or do I have to call mysql_real_escape_string for everything > manually? Or is there something else? > > Thanks, > Jonah > > On Jun 6, 7:02 am, Daniel Hofstetter <[EMAIL PROTECTED]> wrote: >> Hi Jonah, >> >> > Problem: >> > What if data is sent through that should NOT be stored in table? How >> > do I stop that? For example, say I had a column named >> > "do_not_store_data_here" in the table. For some reason I do not want >> > any data stored there. I can't think of any particular cases where I >> > would want to do that at the moment but just go with me. >> >> > I am asking how can I stop people from injecting data into there? I >> > mean, they could easily inject it by sending post data with the key >> > data[Script][do_not_store_data_here]. >> >> Have a look at the third parameter of Model::save(), it allows you to >> specify the fields which can be written. >> >> Hope that helps! >> >> -- >> Daniel Hofstetterhttp://cakebaker.42dh.com > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
