Hello, I have a users table with a role field. When a user logs in the cAuth component stores that users info inside of:
$session->read('Auth.User.role') Then inside of my view I can do something like this: <?php if ($session->read('Auth.User.role') == 'administrator'): ?> <p>You are an administrator</p> <?php endif; ?> I'm wondering if this kind of access control is safe or is there a way a user could Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en