Monday, October 26, 2009

Re: Google Bot deleting my database entries!

On Tue, Oct 27, 2009 at 8:36 AM, audioworld <audioworld@gmail.com> wrote:

Hello Andreas, thanks for checking,

but as you can see from the app_controller above, I think I
implemented the authentication properly.
What you see at the link is just the "index" action, but when you
click on an "add" action:
http://doidata.net/contributor_roles/add

there is the correct error message:
"your are not allowed to acces this page"

so it is still unclear to me how the delete action can be used without
authentication...


When I go to http://doidata.net/contributor_roles/delete/999, it shows the correct "Not Authorized" page and redirects me. It's possible that while it does the redirect, the delete action still executes as there is no 'exit()' after the $this->flash() call. Try printing something in the delete function of your contributor_roles controller and go to it while not logged in. Does it print anything out? If so, then you're displaying the flash message but it's still executing before the redirect takes place.

- Gonzalo
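
The failure mode described in the reply above, as an added example that is not part of the original thread and is not CakePHP code: a plain-PHP model in which the authorization guard queues the "Not Authorized" response but does not stop the request, next to the variant that halts before the action runs. The class, method and property names and the in-memory `$rows` table are hypothetical stand-ins; in a real web request the halt would be the `exit()` the reply mentions.

```php
<?php
// Constructed model of the request flow; all names here are hypothetical.
class RolesController {
    public $rows = array(999 => 'editor');   // stand-in for the database table
    public $output = '';
    public $loggedIn = false;
    public $stopAfterDeny;

    public function __construct($stopAfterDeny) {
        $this->stopAfterDeny = $stopAfterDeny;
    }

    // Stand-in for a flash-and-redirect helper: it only queues a response.
    private function flash($message, $url) {
        $this->output = "$message (redirecting to $url)";
    }

    // Returns false when the request must not reach the action.
    private function authorize() {
        if ($this->loggedIn) {
            return true;
        }
        $this->flash('Not Authorized', '/');
        // Weak variant: the denial is displayed, but execution continues.
        return !$this->stopAfterDeny;
    }

    public function delete($id) {
        unset($this->rows[$id]);
    }

    // Dispatcher: run the guard, then the action unless the guard halted it.
    public function dispatch($action, $id) {
        if (!$this->authorize()) {
            return;               // hardened path: the action never runs
        }
        $this->$action($id);
    }
}

// Same unauthenticated request against the weak and the hardened guard.
foreach (array(false, true) as $stop) {
    $c = new RolesController($stop);
    $c->dispatch('delete', 999);
    printf("stopAfterDeny=%s output=\"%s\" row999=%s\n",
        var_export($stop, true), $c->output,
        isset($c->rows[999]) ? 'kept' : 'DELETED');
}
```

Both runs show the same "Not Authorized" output to the client, which is why the page looks protected from the browser; only the state of the row distinguishes them.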


