I would like to protect the field role only for admins,
When I declare it in the model, if an user fake the form, he will be able to change it.
How can I protect Yii Forms over fake inputs?
array('role', 'numerical', 'integerOnly'=>true), //(0 - User, 1 - Admin)
Thanks
Remove it from the ‘rules’ array, including from the ‘safe’ array
Hi lucianocn
I think that is responsibility of Controller rather than of model.
So you can set array(‘role’, ‘unsafe’) and fill by controller the field of your model $InstanceModel->role with appropriate value checking the user permission
Sorry I didn’t undersand, could you clarify?
That’s probably not a good idea because then you wouldn’t be able to change that property, even if you were an admin user.
I suggest you consider:
http://www.yiiframework.com/wiki/266/understanding-scenarios/