prevent this you should use Cakes Security Component. If you use the
Security Component and the Form Helper to create your forms, Cake will
automagically add a hidden field containing a hash of your fields and
the values of hidden fields. If an attacker changes the value of a
hidden field or add/deletes a field, Cake will recognize it and stop
further processing.
Have a look at the Cookbook (for Cake 2.0)
http://book.cakephp.org/2.0/en/core-libraries/components/security-component.html?highlight=security#SecurityComponent
--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
No comments:
Post a Comment