Hi Dave, You are actually doing as is written in the article - you are not whitelisting, but blacklisting :)
As the third parameter, you should pass only the whitelist, not use the array_diff way as shown in the article! Then try again, and see if it works/helps, John On Apr 30, 7:49 am, "Dave Maharaj :: WidePixels.com" <[email protected]> wrote: > I been reading the aticle > herehttp://teknoid.wordpress.com/2009/03/11/blacklist-your-model-fields-f... > / > > and modified the code to this: > $whitelist = array('system_id'); > $this->User->save($this->data, true, > array_diff(array_keys($this->User->$join_table->schema()), $whitelist)); > //$join_table is UsersSystem > > Because this is for a form i dont want anyone adding fields or changing > fields...so i manualy changed in FireBug > <input type="text" id="UserFirstname" value="" maxlength="45" > name="data[User][firstname]"/> > > to > > <input type="text" id="UserId" value="" maxlength="45" > name="data[User][id]"/> and sure enough it save to the database which is not > good! > > I need to allow only the fields in the HABTM $join_table to be saved to or > updated and nothing else. > i did a debug on the save and the schema shows only the $join_table fields > which is what i want and i want to allow only those fields to be saved to. > > What am I doing wrong? > > Dave --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
