So I'm still learning the Security Component but here's one
suggestion. Put the following in your app_controller.php or specific
controlle:
if(!empty($this->data)) {
$this->Security->requirePost('add');
$this->Security->requirePut('edit');
}
This will let you use the Security component on actions that also need
GET functionality.
On Nov 23, 6:02 am, dhruv <[email protected]> wrote:
> I read this...
>
> "The authentication key is regenerated every time a form is evaluated
> with requireAuth. This means that if a user submits a form with a key
> that has already been used, the form submission will be considered
> invalid. There are several cases in which this could occur, including
> but not limited to using multiple browser windows, using the Back
> button to return to a previous page, browser caching, proxy caching,
> and more. While you may be tempted to write off these problems as user
> error, you should resist the temptation and plan on handling invalid
> form submissions gracefully."
>
> ... athttp://www.ibm.com/developerworks/opensource/library/os-php-cake3/ind...
>
> I am having no luck in getting this behavior to work. My forms
> continue to submit and work with the same tokens. Wondering if anybody
> could help here.
>
> I am using CakePHP 1.2 and so was the author of that article. My only
> change is that I am not using the requirePost method since the form
> submits to itself. So, the GET method for loading the form for the
> first time stops working if I requirePost it.
>
> I have checked that my tokens remain the same using Firebug. They have
> no good reason to change since I had pressed the Back button to reach
> the form again. The form submits successfully everytime I press Back
> and Submit it. This is the problem. I thought the same Token number
> was not usable again. Anyway, I am looking for a solution to solve the
> Back and Submit problem.
>
> I have also tried other browsers, besides Firefox 3.5 .
--
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=.
