I know forms submitted via ajax that the security component does not work.
(Checking for edits / tampering)
What is the reason for this? I understand if you add fields dynamically why
it would not work because of the hashed fields when the form is rendered.
But if you are simply sending
:53, Advantage+ movepix...@gmail.com wrote:
I know forms submitted via ajax that the security component does not work.
(Checking for edits / tampering)
What is the reason for this? I understand if you add fields dynamically why
it would not work because of the hashed fields when the form
How does Cake php prevent unauthorized execution of actions?
e.g. i have many functions in my controller that dont neccessarily
render outputs and i dont want them accessible from a simple url
command, e.g. http://localhost/users/deleteAllUsers/
Also, how does ajax prevent against such
Controller methods that you do not want executed should have an
*underscore* (like any private method)
ie: function _myPrivateMethod()
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups Cake
PHP group.
To post to
