On 3/21/10 10:28 AM, Lukas Kahwe Smith wrote:
LukasI think injected services should have precedence over request parameters because: * on name collision you can always access request parameters by using the request service function showAction($doctrineManager, Request $request) { $requestName = $request->getRequestParameter('request'); // maybe implement ArrayAccess? $requestName = $request['request']; } * request parameters aren't trusted and therefore should never overwrite trusted variables * passed arguments are only "shortcuts" to the "real" parameters handled by (injected) services * the developer should be able to use the request service instead of passed arguments without keeping name collision in mindi agree. but only in so much as that is the right approach if you do accept these naming collissions. but i thinkwe shouldnt. this is magic. this is wtf stuff. so i would say pick either one or the other. or better yet pass the services to the constructor and the parameters to the action method.
But passing services to the constructor means that you loose some of the benefits of lazy-loading. What if I only need the mailer service in one action for a controller. That's sound quite possible. And creating the mailer service is a somewhat costly thing to do.
Fabien
regards Lukas
-- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en To unsubscribe from this group, send email to symfony-devs+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
