I disagree. That is an unnecessary query on every page - it's the reason we have session states.
This is something that foreign key constrains can solve at the database level. The user shouldn't be able to submit or change any information if their user id does not exist. - James On Oct 16, 12:39 pm, on24nl <[EMAIL PROTECTED]> wrote: > That's the whole problem: how to sign him out? Cake should check if > the user exists on each request. Otherwise this is a big security > hole! > > On 16 okt, 18:33, [EMAIL PROTECTED] wrote: > > > Well it could be a little hack. When you delete the user make sure > > that user is first sighed out or the information may still be there > > allowing that user to delete you or change info. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
