Escaping has been added to scaffolding and baked views in 2.0. Its a change that could easily be backported to the 1.3 branch as well. I might just do that.
-Mark On Dec 14, 10:05 am, euromark <[email protected]> wrote: > and you shouldnt use those templates for productive websites where > users can input data or anything else for that matter > you should escape plain text with h() > > <?php echo h($category['Category']['id']); ?> > > On 14 Dez., 16:01, euromark <[email protected]> wrote: > > > > > > > > > you can GUESS - if you actually need to ask you will most certainly > > always get "IE6"^^ > > and in this case as well > > > and yes, unfortunately it is still widely used (mainly cooperations > > and unskilled home users) > > > On 14 Dez., 11:17, Ryan Schmidt <[email protected]> wrote: > > > > On Dec 13, 2010, at 22:26, LarryTX wrote: > > > > > It is traditional to put a nonbreaking space in a cell that might be > > > > blank at some times because some browsers will ignore a cell that is > > > > blank, acting as if the <td></td> weren't there. The result is a > > > > trashed table. > > > > Fascinating! I figured there might be some reason like this. Any idea > > > what those browsers might be? I've never seen that. Surely it can't be > > > any recent browser that would still be in use? Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
