Saturday, September 3, 2011

Re: How To Restrict Logged In Users To Only Their Profile

I gave you an answer to both of your questions in your previous
thread. I even gave you the full code to do so.

On Sep 3, 5:44 am, tubiz <tayi...@gmail.com> wrote:
> I have a User and Profile controller in an application I am working
> on.In my model files a User hasOne profile and a Profile belongsTo a
> User.
>
> The problem I am having is that if a logged in user wants to edit his
> profile he can eidt other Users profile just by changing the value of
> id in the link. Example /profiles/edit/1 where 1 is the id of the
> user. I would like to know how to prevent this so that a user can only
> edit his profile only.
>
> WOuld also like to know if there is a way to eidt a profile or user
> details without passing the value of the id. SO instead of a user
> visiting /profiles/edt/1 ot edit his profile he should visit profiles/
> edit instead.

--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php

No comments: