maybe using Sanitize::paranoid method.. They mention as the strictest way of doing this kind of task. http://www.ibm.com/developerworks/library/os-php-cake3/index.html
good luck. On Mon, Feb 2, 2009 at 7:17 AM, aman batra <[email protected]> wrote: > > i want to flash an error messege whenever someone tries to add any php > or javascript on the comments tag on any image on my website. i have > stripped the scripts but now it is adding an empty comment on the > comments field rather than displaying an error messege. > > this is my strip script beforevalidate in the model > > function beforeValidate () { > App::import('Core','Sanitize'); > $clean = Sanitize::stripScripts($this->data['Comment'] > ['comment']); > $clean = Sanitize::stripWhitespace($clean); > $this->data['Comment']['comment']= $clean; > if(strlen($clean)==0){ > return false; > } > else return true; > } > > and here is my validation > > var $validate = array( > 'comment' => array( > 'rule' => 'notEmpty', > 'required' => true, > 'message' => 'Comment Field Cannot be empty')); > > > can any one suggest me the solution?? > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
