Hi Brian, i assume that each course have an user_id right? so when you
list, edit or view the courses just use a condition to search all the
courses of the current user... ex:
$cond = array('Course.user_id' => $Current_user_id);
$this->set('courses', $this->paginate('Course', $cond));
Brian Lee escribió:
> So, here is how my application works:
>
> 1. I have users (just like any other apps)
> 2. I have courses that each user can create
>
> Upon login, user will view the list of courses that she created.
> I got that to work.
>
> However, now the problem is, I don't know the simple, neat way to
> block user from accessing classes that she did not create. For
> instance, Bob created courses that have IDs of 1, 2, 3. Jane has
> courses with IDs of 4, 5, 6. How do I stop Bob from doing something
> like localhost/courses/view/4 (trying to view Jane's course)? and
> prevent Jane from doing the same for Bob's courses?
>
> I am sure that there is very neat way to do it, because this is a
> problem often comes up when developing web applications. I just want
> to know the CakePHP way of doing this.
>
> Thanks!
> >
>
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
