I was looking at security measures that I could implement.
According to Cake, the way it is set up, it should be safe from SQL injection attacks.
Data sanitization is what you want in order to prevent this, so what I did was use a tutorial which wanted us to put a function in the AppModel so it would affect all of the models and controllers:
    // The Sanitize utility has to be loaded before it can be used (CakePHP 2.x form shown)
    App::uses('Sanitize', 'Utility');

    function beforeSave() {
        // Only clean when the model opts in: declare the flag in the model, e.g. public $cleanData = true;
        if (!empty($this->data) && $this->cleanData === true) {
            // Use the model's own datasource so Sanitize works against the right connection
            $connection = (!empty($this->useDbConfig)) ? $this->useDbConfig : 'default';
            // 'escape' => false leaves SQL escaping to the ORM; Sanitize::clean's 'encode' option
            // (on by default) still converts HTML special characters into entities before saving
            $this->data = Sanitize::clean($this->data, array('connection' => $connection, 'escape' => false));
        }
        return true;
    }
I tested it by trying to put in some code, such as an image link and JavaScript, and it just printed as normal code, so it looks like it worked!
The tutorial was from here:
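As an added illustration of where that callback lives and how the `$cleanData` flag is meant to be used (this is not the poster's or the tutorial's code; it assumes CakePHP 2.x and its `app/Model/` layout), here is a complete AppModel with the flag declared, plus a child model that opts out because it must store raw HTML and encodes on output instead:

```php
<?php
// app/Model/AppModel.php (CakePHP 2.x assumed)
App::uses('Model', 'Model');
App::uses('Sanitize', 'Utility');

class AppModel extends Model {

    // Declared here so every model has the flag; the strict === true check in
    // beforeSave() means an undefined or false flag skips cleaning.
    public $cleanData = true;

    public function beforeSave($options = array()) {
        if (!empty($this->data) && $this->cleanData === true) {
            // Pick the model's own datasource for Sanitize
            $connection = (!empty($this->useDbConfig)) ? $this->useDbConfig : 'default';
            // 'escape' => false: SQL escaping stays with the ORM's query builder;
            // the default 'encode' => true turns < > & " into entities before saving.
            $this->data = Sanitize::clean($this->data, array(
                'connection' => $connection,
                'escape' => false,
            ));
        }
        return true;
    }
}

// app/Model/Article.php (hypothetical model name)
// A model that legitimately stores HTML opts out of input encoding; the view
// is then responsible for escaping with h() when it renders the body.
class Article extends AppModel {
    public $cleanData = false;
}
```

Because `Sanitize::clean()` encodes on the way in, a view that also wraps the same field in `h()` will show double-encoded entities, so pick one layer (input or output) per field and be consistent.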