Well in most cases then not, if your on, says a users profile, you would submit to that page. Within that page you would check if a $_POST exists and then perform the add friend logic.
On Nov 2, 8:44 am, Jonas Hartmann <[email protected]> wrote: > Given someone mails you a link with html images that tries to > fetchhttp://domain.tld/users/add_friend/5 > - now the user is logged into a web client that fetches that URL. > > How do you protect your cake application to not modify data. HTML wise > this should be a PUT or POST method not a GET method, but how do I > tell cakephp to ignore GET requests? > How do I furthermore setup the link in my application's view ($html- > >link()) to use PUT or POST instead of GET? Will this be possible > without a <form>? > > Any tips? > > King regards > ionas82 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
