When using JS to dynamically change the form, you're basically doing exactly what the form helper is intended to prevent - it tries to ensure that no form fields are tampered with, and a hidden form field is exactly such an example!
I'd have thought that making it a non hidden field, ie a text field which you hide with CSS, should have worked though. You may just have to do your own form restrictions for actions like this, i.e ensure the whitelist you pass into model->save is correct. On Mar 30, 7:56 am, Lamiunto <[email protected]> wrote: > Are you using $form->end() ? > Also, if you want to populate your fields with Javascript, look for > form ID's that represent the model and field you're trying to find, so > if you're trying to edit the hidden "username" field in for the User > model, the field ID would be UserUsername, you could just use $ > ('UserUsername').value = '...' if you're using Prototype. > > Remember when using the security component you must use the form > helper for all of your forms, most of the time this isn't a problem > because you can specify all kinds of information about your fields > quite easily with the form helper. I haven't come across any situation > yet where the form helper doesn't work correctly. Remember to start > forms with $form->create() and end them with $form->end(). > > On Mar 30, 2:22 pm, Miles J <[email protected]> wrote: > > > It seems even if I use form helper, I still have the same problem. > > >https://trac.cakephp.org/ticket/6254 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
