I'd expect it's the latter (limit access) because of the OO nature, but I've not had a chance to build a full app with Cake yet. One could argue it's safer to make an admin controller as the name (and url) of this can be unknown to all visitors, as domain.com/reviews/delete/14 it slightly too predictable and is more open to hacking. Maybe just give the functions hard to guess names.
On a related note, does anyone know a good tutorial on using ACL with a basic login page to restrict access to certain functions? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php -~----------~----~----~----~------~----~------~--~---
