Flourish PHP Unframework
This is an archived copy of the forum for reference purposes

Protection of fields using populate

posted by anonymous 9 years ago

How do you currently counter mass assignments when using the populate method?

Currently you have three choices:

  1. Unset the request variables from $_GET or $_POST
  2. Manually set columns to known values after calling populate()
  3. Don't use populate(), but manually set values

None of these are ideal, which is why I have opened ticket #537. This will involve creating functionality to make secure population easy.

posted by wbond 9 years ago