From ad1d88f4014bf33bd5b555e32b313db5c62cf1cd Mon Sep 17 00:00:00 2001
From: Cake
Date: Mon, 11 Jan 2010 23:43:21 +0900
Subject: [PATCH] =?utf8?q?\n=E3=81=AEunescape=E5=AF=BE=E5=BF=9C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
---
 app/controllers/app_controller.php | 1 +
 app/models/app_model.php | 4 ++++
 app/models/user.php | 9 +++------
 3 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/app/controllers/app_controller.php b/app/controllers/app_controller.php
index f1f9507..ca1be58 100644
--- a/app/controllers/app_controller.php
+++ b/app/controllers/app_controller.php
@@ -30,6 +30,7 @@ class AppController extends Controller
 'AuthPlus',
 'Acl',
 'DebugKit.Toolbar',
+ 'Cakeplus.HtmlEscape',
 'Token'
 );
diff --git a/app/models/app_model.php b/app/models/app_model.php
index 958bf57..51d45d1 100644
--- a/app/models/app_model.php
+++ b/app/models/app_model.php
@@ -53,6 +53,10 @@ class AppModel extends Model {
 function beforeSave($options = array()) {
+ // $fieldsの設定でSanitize
+ foreach($this->data[$this->name] as $field => $value) {
+ $this->data[$this->name][$field] = $this->escapeByFields($field, $value);
+ }
 // Sanitize(不正コード、SQL Injection)
 $this->data = Sanitize::clean(
 $this->data,
diff --git a/app/models/user.php b/app/models/user.php
index 94ea677..1367e6a 100644
--- a/app/models/user.php
+++ b/app/models/user.php
@@ -4,6 +4,9 @@ class User extends AppModel {
 var $name = 'User';
 var $belongsTo = array('Group');
 var $actsAs = array(
+ 'Cakeplus.ValidationErrorI18n',
+ 'Cakeplus.AddValidationRule',
+ 'SanitizePlus',
 'Acl' => 'requester', // ARO自動登録用
 'Containable',
 );
@@ -116,12 +119,6 @@ class User extends AppModel {
 }
 function beforeSave($options = array()) {
-
- // $fieldsの設定でSanitize
- foreach($this->data['User'] as $field => $value) {
- $this->data['User'][$field] = $this->escapeByFields($field, $value);
- }
-
 return parent::beforeSave($options);
 }
--
2.11.0
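Review bot: The new `'Cakeplus.HtmlEscape'` entry in the component list of app/controllers/app_controller.php leaves undocumented which layer owns HTML escaping. The same commit keeps `Sanitize::clean()` and the per-field `escapeByFields()` pass in `AppModel::beforeSave`; if either of those HTML-encodes values before storage (their options are not visible here) and this component, as its name suggests, escapes on render, stored text would be encoded twice in views. I would add a comment on the new entry, for example `// view variables are HTML-escaped by this component; do not also HTML-encode in beforeSave`, and confirm the save-side options agree with it. The opening line of the array is outside the hunk.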
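Review bot: The loop added to `AppModel::beforeSave` in app/models/app_model.php reads `$this->data[$this->name]` without checking that the key exists, so a save whose data is keyed by the model alias rather than its name, or that carries no data for this model, raises a `foreach` warning and skips the per-field escaping. Keying on the alias and guarding the loop avoids that: wrap it in `if (!empty($this->data[$this->alias])) {` and iterate with `foreach ($this->data[$this->alias] as $field => $value) {`. The loop also now runs for every model extending AppModel, while `escapeByFields()` is not defined in this hunk and `'SanitizePlus'` is attached only in the app/models/user.php hunk; unless the method lives on AppModel outside the visible lines, models without that behavior would fail on save. The body of beforeSave continues past the end of the hunk.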