oh, ok. fair enough if it doesn't know it can't tell me.
On 12 September 2014 12:32, mark_story <mark.st...@gmail.com> wrote:
> One of the issues with the field hashing is that SecurityComponent doesn't
> know what is wrong either. It just knows that the hash of the data does not
> match what was generated in the past.
>
> -Mark
>
>
> On Monday, 8 September 2014 21:47:05 UTC-4, #2Will wrote:
>>
>> I've got an app i have been maintaining for a while now. The security
>> component causes more headaches than anything else. In fact, because
>> cakephp is so nice to work with, i think Security Component (SC) causes all
>> the headaches...
>>
>> I've read through the docs a fair bit, i have bits of code scattered
>> around turning off the SC all over the place, which makes me feel sick from
>> 2 points of view:
>>
>> 1. What a mess
>> 2. No SC == not great security.
>>
>>
>> One issue is it doesn't seem to give back enough detail on EXACTLY what
>> went wrong.
>>
>> This morning a form that has no JS has decided to blackhole even though
>> i'm applying the following fugly hack to ask it to leave me alone....
>>
>>
>> $this->Security->allowedControllers = array("people");
>> if ( in_array($this->action, array('edit' , 'simport'))){
>> $this->Security->validatePost = false;
>> }
>>
>>
>> I email myself every time these occur. With "details" of the error.
>> Which more or less amount to $type = "auth" - which according to the docs
>> means:
>>
>> "Indicates a form validation error, or a controller/action mismatch
>> error."
>>
>> well, i / JS hasn't messed with the form (that's what form validation is
>> about right?) and that is being disabled anyway, and it's showing the form
>> in the action simport and posting to that action, all in the same
>> controller.
>>
>> adding this deeply depressing line of code makes my basic form work:
>> $this->Components->unload('Security');
>>
>> How can I get much better details of the error? How can I work with SC in
>> a better way so it is generally on, not disabled around the site for
>> assorted poorly understood reasons..?
>>
>> W
>>
>> --
> Like Us on FaceBook https://www.facebook.com/CakePHP
> Find us on Twitter http://twitter.com/CakePHP
>
> ---
> You received this message because you are subscribed to a topic in the
> Google Groups "CakePHP" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/cake-php/xCYXAwaj-XI/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> cake-php+unsubscr...@googlegroups.com.
> To post to this group, send email to cake-php@googlegroups.com.
> Visit this group at http://groups.google.com/group/cake-php.
> For more options, visit https://groups.google.com/d/optout.
>
--
Will Barker
0424 366 468
--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cake-php+unsubscr...@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.
