I am wondering if there is a quick way to declare all table columns except the primary key as safe attributes for a model class, like what version 1.0.x does? And what are disadvantages of doing this?
I found one disadvantage of the policy of deciding which attributes are safe in version 1.1.x is that, if the db schema changes frequently, I need to modify the rules() function of that model class every time I add/remove table columns.
If you change the db structure, you should give at least a glance to the model, in order to add required/integer/string validator if required.
You can override the function CActiveRecord::getSafeAttributeName for implement your own behavior for safe attributes.
Right. But it is a little bit annoying that, everytime I add a DB column that does not require validation, I still need to declare it as safe. So I am wondering what are the cons of the old implementation in version 1.0.x?