The Security Component does this kind of thing for you. For example, it will embed a hash value into the form which is a checksum of the form. If a field is missing or added it will be captured. If a hidden value is modified this will also be captured. Also sessions will be more secure and a lot harder to hijack since the session id is replaced for each request.
And a buch more stuff. /Martin On Oct 1, 9:36 pm, Bert Van den Brande <[email protected]> wrote: > I believe the FormHelper has some 'secure' stuff available for this ... best > to consult the documentation ... > > On Thu, Oct 1, 2009 at 8:50 PM, Dave Maharaj :: WidePixels.com < > > > > [email protected]> wrote: > > Is there a way to determine / ensure that any requested action comes from > > the server? > > > I mean more towards the aspect of forms. That when a form is submitted the > > request is coming from the site and not someone who made a form and trying > > to submit it to your site. > > > Just curious > > > Thanks, > > > Dave --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
