Sorry for the double post! My previous post seemed lost until after I posted this one!
On Wednesday, October 9, 2013 12:48:03 PM UTC-4, schenke...@gmail.com wrote:
-- On Wednesday, October 9, 2013 12:48:03 PM UTC-4, schenke...@gmail.com wrote:
Greetings,
I am new to CakePHP. I've tested several other frameworks (Laravel, CodeIgniter, Symfony, Yii, and even a clever little one called PHPixie). My choice is to go with CakePHP for various reasons, but mostly because it makes sense to me.
I like everything I see about CakePHP, but I am wondering how experienced Cake developers handle security. I know that this is a big topic and there is no single answer, but what are the general steps you take to secure an app in CakePHP? I am talking about an app where I will be accepting form inputs from logged-in users.
Here's what I understand so far:
1. I really like the Cake Data Validation class. This seems to allow very nice control of form inputs.
2. I'm confused about the removal of the Data Sanitization tool. Was this done because there are better built-in methods for this, or is it because the framework no longer handles sanitization?
Can anyone please shed some light on general "good practices" on securing CakePHP apps?
Thank you!
Matthew
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/groups/opt_out.
No comments:
Post a Comment