Hey, I'm using Cake for the first time to develop an application, and I'm intent on making it as secure as possible. One question that came up for me is the point of the Sanitize->sql function. The description of the function reads:

"Makes a string SQL-safe by adding slashes (if needed)."

As best I can tell, however, this is already done. I've turned the Debug mode up so that I can see the queries generated, but every time something like a quote appears, it's escaped by default. Is it safe to assume that Cake, or some library that it uses, is automatically taking care of these things? If so, why does this function exist? Just wondering if I'm missing something.

Thanks!
Eric
