As I read in other postings, the id of the table, which has a relation to the frist model has to be set by an hidden field in the form.
echo $form->input('Gallery.id', array('type'=>'hidden', 'value'=>$showcase['Gallery']['id']));
(see question at Update hasone relation behaves strangely (cakephp))
But isn't that risky, because anyone could edit this hidden field value and another dataset would be updated.
What is the best option to avoid such security issues when trying to update a whole dataset with 2 models associated together with a hasOne / belongsTo relation?
Thx
Best
Stefan
1st option is to have multiple queries and checks on save
2nd option is http://book.cakephp.org/2.0/en/core-libraries/components/security-component.html#form-tampering-prevention
So whatever method works best in your particular case...
You can switch to using UUIDs. Just need to change your primary key and foreign key to char(36) and cake will do the rest.
Related
I'm building a database in Filemaker and I have a problem linking tables. Basically, I have a table "capture" showing an event where a photo will be taken. Someone will be dealing with "capture" meaning that there will be a responsible for "capture" to be recorded properly. The photo taken in "capture" will be recorded in a second table "photos". Another person could be responsible for the photo management. So I have a "Observers" table which will be my contact table. I want to be able to link the "Observers" table with the "capture" AND the "Photos" table so that the names in "Observers" populates both tables.
But if I do the link like in the image below:
I get this error:
"There cannot be more than one relational path between any two tables in the graph."
How can I like the 2 tables, if possible? I know it makes an "ambiguous" path, but there might be a way to reutilize the information in "Observers" to inform 2 different tables that are linked together.
I want to do something like this:
EDIT:
Use another occurrence of the Observers table.
See: https://fmhelp.filemaker.com/help/18/fmp/en/index.html#page/FMP_Help/adding-tables.html
Recommended reading:
http://www.nightwingenterprises.com/Resources/approaches_to_graph_modeling_en.pdf
-- Edit
Let's bring back to basics because when trying to define a model, the concept must have been well defined before.
Am i understand it well :
One or more observer are being assigned to work on a capture (evenement, place...).
The observer(s) take one or more Photo about the capture place.
And so one or more photo of a place can have been taken.
If that's true, we have the following relation
Here we are !
So what about the Logic Model of the database.
We can say that we have the following table :
CAPTURE(id_capture)
--> With id_capture being Primary Key of CAPTURE
OBSERVER(id_observer)
--> With id_observer being PK of OBSERVER
CAPTURE_OBSERVER(id_capture, id_observer)
--> With id_capture being FK of CAPTURE, and id_observer being FK of OBSERVER
PHOTO(id_photo, id_capture, id_observer)
--> With id_photo being PK of PHOTO, id_capture foreign key of CAPTURE, id_observer foreign key of OBSERVER
I hope i'm right, if not please correct me about the purpose of every entity in this model.
I think by adding this new table that i found (CAPTURE_OBSERVER) you'll be able to solve your problem AND to improve your model conception.
I have 2 tables with a one-to-many relationship. I have another 2 similar tables with the same relationship in the same database.
How to copy a record plus its associated records from one table pair to another table pair in the same database in Cakephp?
I am using Cakephp 2.4.5
Thank you very much.
This link might help you.
You have to use 'deep' => true option with saveAll() method while saving associated models details.
From my understanding, cakephp doesn't support database inheritance relationship. However, I want to create a database with different type of Users.
In this case, there are three types of Users: Seller, Customer, and Administrator. Every users should have basic User information such as password, username, etc.
However, each types of users will have its own unique set of datas. For example, seller may have inventory_id while customer may have something like delivery_address, etc.
I have been thinking of creating a workaround to this problem without destroying cakephp convention. I was going to create three additional foreign keys, admin_id, seller_id and customer_id, inside User table, which links to other table. However, knowing that this is an IS-A relationship not HAS-A, I would have to make sure that two of the ids are NULL value. Therefore, this workaround seems ugly to me..
Is there any other simpler, better approach?
For this type of database structure I would probably look at adopting an Entity-Attribute-Value model. This would mean your customer may have a delivery_address and your user may have an inventory_id but as far as your relationship in Cake is concerned your both your user and customer would just have an attribute_id ... you can then create another table that stores what type of attributes are available.
It it's simplest form, your user and customer would be attached to an *attribute_lookup* or *attribute_link* table by a hasMany (probably) relationship. That attribute_lookup/link table would be connected by a belongsTo/hasOne relationship to the actual Attribute Type and Attribute Value models.
Providing that you normalise your tables correctly, you can stick well within Cake relationship conventions.
You can read more about EAV here.
I have been thinking about this problem for some time now, and I have eventually got around to build a solution for it. What I came up with is a new ORM that can be used on top of CakePHP.
It sort of works as CakePHP 3.0 with entities that represent an id/model, but it is much more advanced and supports multi table inheritance and single table inheritance.
Check it out: https://github.com/erobwen/Cream
I have some user attributes in different areas so I want to separate them into two tables.
One is the users table with user ID. Another table holds location coordinates of the user. It's still one location per user. It's optional value for the user.
Because It seems to me that users table is too important to mess around and it won't change as much as the location table, I want to make location table a new table. Is this good practice?
But then can I associate these 2 tables as one-to-many and belongs-to still? So I can still use them as normal associated models in controllers? Only they are actually in one to one assocation.
It is usually more simple to deal only with one table, but you can still doing it if you want to.
You can use the hasOne relation for it.
You should use it in both models.
You can read more about it here:
http://book.cakephp.org/2.0/en/models/associations-linking-models-together.html#hasone
I understood that every new row, causes the deletion of the rows that were there before?
What is the idea behind it? I don't believe that it is ..
So, what am i getting wrong?
Edit A
I have a form that adds a store to the Stores table. the store have a column named owner_id which is associated to the Users table through a belongsTo relationship.
There is also a table named stores_users that supposed to store the mangers for each store, using the HABTM relationship.
For this table there is a form with an email field, that connects the user to the store by saving the record directly to the stores_users table.
So, there is no full HABTM save anywhere, if I understand the term correctly.
So, my questions are:
Should I expect problems using it this way?
Can you advice me about how to it, if my method is not the proper way?
How can I use the stored data, using $this->User->find(...) to get all the stores that the user can manage?
yes, thats the default behavior of HABTM in cakephp
although this is not on "every row", but "every HABTM save".
this is working IF you always provide all HABTM values.
and with baked views according to the specifications for such HABTM this is all working out of the box.
if you change the default behavior (old ones get not deleted) you will need to make sure that there are no duplicates. there are behaviors out there, I think, which try to accomplish that.
but I would recommend for you to build your forms the way that the default behavior of cake can do its job.
Example:
IS: 1,3,6 (in DB for this key)
NEW: 2,3,6 (coming from form)
(cake deletes 1,3,6 and adds 2,3,6)
=> overall result (forgetting about different primary keys): "1" deleted, "2" added
so it might not be the most resource sparing way but its sure the easiest and fastest.