Ok, teknoid, Miles, thanks a lot! :)
On Feb 5, 4:07 am, teknoid <[email protected]> wrote:
> ind dbo source drivers, there is a value() method, which... if you
> take a peek at the source will say that it:
> "Prepares a value, or an array of values for database queries by
> quoting and escaping them."
>
> On Feb 4, 6:01 pm, Mee <[email protected]> wrote:
>
>
>
> > Hello,
>
> > Just a little question, if I get a parameter in a method, like
>
> > function index($id==null) {
> > $this->post->findById($id);
>
> > }
>
> > Do I have to sanitize $id? I just thought that CakePHP protects params
> > from being used for SQL-injections of any kind, doesn't it?
>
> > Thanks in advance,
> > mee
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
