Okay, I added this:
if ($secretid != /* What Goes Here? */ ) {
$this->flash(__('Invalid Secret Identification Code', true),
array('action'=>'index'));
}
Tried several different things, but I'm a noob, which is why I
couldn't get it to work in the first place, I was just messing around
with some of the code that was baked up for me but it's not working.
How do you call a single item from the database?
On Oct 16, 1:28 am, "David C. Zentgraf" <[EMAIL PROTECTED]> wrote:
> Think twice about what's actually going on in that code...
>
> If no $id or $secretid were supplied, you redirect somewhere else.
> If $this->data is not empty... doesn't matter.
> Then, last case that always gets triggered if there's ANY $id or
> $secretid, you fetch the data from the DB and present it to the user.
>
> There's no validation of the $secretid going on whatsoever, how do you
> expect it to work?
>
> On 16 Oct 2008, at 14:36, Cody Sortore wrote:
>
>
>
> > Okay, with the particular site I'm building a log in system isn't
> > necessary, and people don't want it. The problem is that I want to
> > allow the creator editing access still. People make mistakes, or may
> > need to delete spam comments occasionally.
>
> > What I was thinking was to have a place when creating their page they
> > put in a "secret id" that then goes into the database and what I want
> > to do is so that the only way to access the edit page is to have that
> > secret id in the url for example:
>
> >http://www.testsite.com/inventory/edit/secretid/1/
>
> > I've actually got that working with this code:
>
> >http://bin.cakephp.org/view/1344979601
>
> > and a view that has a hidden field for the secret id. Problem is with
> > what I have anything in place of the secret id allows you to edit.
> > Examples:
>
> >http://www.testsite.com/inventory/edit/12345/1/
> >http://www.testsite.com/inventory/edit/iamahaxor/1/
> >http://www.testsite.com/inventory/edit/1/1/
>
> > will all allow you to edit inventory item number 1.
>
> > Another annoyance I've noticed is that if you have an inventory number
> > higher than what the table goes up to. Say with this one in test runs
> > I've only got 3 inventory items to work with right now. If I put:
>
> >http://www.testsite.com/inventory/edit/secretid/1337/
>
> > it simply adds another inventory item to the list... this like I said
> > is only a minor nuisance and can be ignored, the important part is the
> > data validation (which may be fix this trouble too).
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
