Monday, March 4, 2013

Pattern Matching for Security->unlockedFields

I'm dynamicly adding fields for hasMany relation in my form, with JS.  Thats obviously messing with the Security components form tampering detection - and blackholing the request

U can get it to not blackhole by doing this in the beforeFilter:

    $this->Security->unlockedFields = array(  'Cat0name');

I guess i could add Cat1name, Cat2name, cat3name etc etc to the array.  But it makes me feel sad.  Is there a better way? Can I get it to pattern match somehow?  Iv'e got in my head ideas like "regex" - is that at all possible?

I must admit, i read the code for the _validatePost function that uses the unlockedFields setting, and I didn't really fully understand it.

Thanks for any pointers

Will

 

--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
 
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
 
 
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)