you are (that's my guess anyway) the developer of the app.
therefore there is no need to protect the app from you or itself.
you shouldn't be concerned about what the models or controllers can
fetch but
on what is presented to the user - and where.
As long as you only output username and email etc for example it
doesn't matter
if password and other confidential information is also retrieved on
find().
On 22 Jan., 02:23, Ivan <ivansei...@gmail.com> wrote:
> Hi!
> I am developing my first CakePHP base software, and as i`m very
> interesting in building robust applications i mist one thing that i
> could`t find anything in anywhere, and someone may know.
> Well, what i could`t find in CakePHP, is a way to Protect fields from
> others Model.
> Eg.:
> If you find('all') in a User, you may get it`s friends list, it`s
> friend (user) and their password too. And you will get also, all data,
> that you don`t wan`t to show people. Like in a XML, or web service...
> As my system will have a LOT of XML to interact with others services,
> i would like to know, if theres is an component, or if already is
> something integrated with cakePHP, to protect things, and make the
> system only find, what i let them find, and not everything...
> Thanks!
> Ivan
--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
No comments:
Post a Comment