shahalpk
Reputation: 3452
how to disable security component for certain actions in cakephp?
I have a form in my add_note action, where I do not want SecurityComponent to put its tokens or checking. How do I do this?
I have tried requireAuth('some_other_action') etc. but it doesn't work.
Upvotes: 2
Views: 5659
Answers (2)
deizel.
Reputation: 11212
Original answer for CakePHP 1.2 to 2.2.x:
public function beforeFilter() {
if (isset($this->Security) && $this->action == 'add_note') {
$this->Security->validatePost = false;
}
}
Updated answer for CakePHP 2.3+ and 3.x (as pointed out in the other answer):
public function beforeFilter(Event $event)
{
$this->Security->config('unlockedActions', ['add_note']);
}
Also, it's possible to unlock specific fields (as pointed out in the comments)
$this->Form->unlockField('Note.id');
Upvotes: 3
gdm
Reputation: 7930
In CakePhp 2.3 do:
$this->Security->unlockedActions= array('add_note');
Upvotes: 5
Related Questions
- Cakephp : Security Component and double click
- Cakephp 2 security in forms
- How to allow action using security component?
- security component issue in cakephp
- How to allow actions in CakePHP?
- How do I use security component in CakePHP?
- Disable form security CakePHP
- CakePHP: Disable Security Component site wide
- Making Security Component work in CakePHP
- Deny certain controller action permission in CakePHP