Humm.. allows charactets such as '-'....
Anyone following this?
Hope you learned too.
On 6 nov, 10:23, Lucas Costa <
[hidden email]> wrote:
> Oh, I get the part about the HTML stripping, clean with enconde = true
> does not actually strip it, right?
>
> escape = false still bugs me though...
>
> On 6 nov, 10:20, Lucas Costa <
[hidden email]> wrote:
>
> > That's really nice. I was confused by a conversation a had on IRC but
> > now I see that it was about HTML entries...
>
> > Now if you would mind, I have some questions about your code:
>
> > Why do you have escape = false?
>
> > Why do you have a specific function for the HTML stripping? Wouldn't
> > encode = true be the same?
>
> > Thank you.
>
> > On 23 out, 19:52, Miles J <
[hidden email]> wrote:
>
> > > Dont you mean beforeSave()? Why would you sanitize after grabbing
> > > data?
>
> > >
http://www.milesj.me/blog/read/47/Automatically-Sanitizing-Data-With-......
>
> > > On Oct 23, 1:56 pm, Lucas Costa <
[hidden email]> wrote:
>
> > > > Hello fellows,
>
> > > > what do you think about putting an Sanitize::clean on the AfterFind of every
> > > > Model?
>
> > > > Wouldn't that ensure same security and a lot less code?
>
> > > > What would be the down side?
>
> > > > Regards...
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to
[hidden email]
To unsubscribe from this group, send email to
[hidden email]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en-~----------~----~----~----~------~----~------~--~---
