Security Fix: CakePHP 2.3.5 released :: The Bakery: Everything CakePHP
After conducting a security audit on our code we have patched a possible security risk in current CakePHP release. CakePHP 2.3.5 has just been released to fix a critical issue with how the webroot property in CakeRequest is handled that could potentially lead to XSS attacks on certain pages. In the following days we will offer a full description of the vulnerability and how it can be exploited, af
Security Release - CakePHP 1.2.12, 1.3.16, 2.2.8 and 2.3.4 :: The Bakery: Everything CakePHP
If you are using CakePHP's PaginatorComponent without whitelisted sort fields you should upgrade as soon as possible to prevent possible SQL injections. CakePHP 1.2.12, 1.3.16, 2.2.8 and 2.3.4 have just been released to fix a critical issue with how pagination & PaginatorComponent handle sort criteria. When paginating without a sort column whitelist it was possible to execute arbitrary SQL by mani
Easy AJAX Pagination Using JQuery (Articles) | The Bakery, Everything CakePHP
This simple little JQuery function allows you to drop paginated data into your views with ease. I chose to implement ajax pagination in this manner because I wasn't able to successfully follow Rob Conner's technique in his super-useful Advanced Pagination article (http://bakery.cakephp.org/articles/view/advanced-pagination-1-2). I assume in this article that you are familiar with basic paginatio
Ticket Model for CakePHP (Articles) | The Bakery, Everything CakePHP
This model will create a simple one-off ticket which can be used for user password resetting to activation and moderation. With an activate account example you might send a url like http://domain.tld/users/activate/6d9c79a15255 Overview Use this model to create tickets or tokens so you can match a url link in an email to reset a users password, activate an account, moderate content or anything el
1
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
処理を実行中です
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
