0

i have a cakephp web app that i'm developing. I have a UsersController.php file,which handles all users registrations and logins. When a user is logged in,he can use the functionality of FeaturesController.php. The FueaturesController.php has a view file,the create.ctp . In create.ctp,the user inserts some data into an HTML form and these data are saved into a database,using $this->Modelname->save($this->request->data).

NOW,i want to add into a field of the database the username of the user that did/used that HTML,but till now i have not succeed! My code looks like this:

$username = $this->Session->read('Auth.User.username');

so that i save the username of the user into the variable $username.

But now,how can i insert it into the database? I have tried various ways but it didn't work :/

Anyone's help is welcomed,thank you in advance :)

Improve this question

2 Answers 2

Reset to default
1

You shouldn't add the username to the form, it's not secure as a malicious user simply has to modify the HTML to change it. Instead, you should set it right before saving:

$this->request->data['Modelname']['username'] = $this->Auth->user('username');
$this->Modelname->save($this->request->data);

Assuming you're using the authentication component $this->Auth->user('username'); is the same as $this->Session->read('Auth.User.username'); by the way, just a bit shorter.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0 
$data['modelname']['dbfieldname'] = $username;
$this->modelname->save(data);
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.