Ok this might sound weird so without getting into too many boring details of the site just go with it J
User is on a page site.com/somewhere/123abc 123abc is the id of the page being viewed Now some pages can be saved / favorites / bookmarked whatever you choose to call it and some cannot (same controller and action, just some pages are deemed temporary by admin so cannot be saved since they will not be there tomorrow) So 2 options I have tried, all work but second seems easiest. 1. Ajax link => bookmark/123abc , but then someone can simply edit the 123abc to the id of another page that not supposed to be saved so then we have to bring in validation rules, check the id to see if its been marked temporary - Or - 2. simply url it as site.com/bookmark and write the params['pass'] => 123abc of the page you are on into the users session, when they click ajax link =>" bookmark" the bookmarking function reads the id of the page your on. So there is nothing to change / firebug. If your on a page that's not save able there is no link so nothing to click on or edit. You can only save the page your on if its allowed to be saved, no id's exposed that can be firebugged. Is this dumb? Bad use of sessions? Thanks -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
