On 21.03.2010, at 10:32, Fabien Potencier <[email protected]
> wrote:
On 3/21/10 10:28 AM, Lukas Kahwe Smith wrote:
Lukas
I think injected services should have precedence over request
parameters because:
* on name collision you can always access request parameters by
using
the request service
function showAction($doctrineManager, Request $request)
{
$requestName = $request->getRequestParameter('request');
// maybe implement ArrayAccess?
$requestName = $request['request'];
}
* request parameters aren't trusted and therefore should never
overwrite trusted variables
* passed arguments are only "shortcuts" to the "real" parameters
handled by (injected) services
* the developer should be able to use the request service instead of
passed arguments without keeping name collision in mind
i agree. but only in so much as that is the right approach if you do
accept these naming collissions. but i thinkwe shouldnt. this is
magic.
this is wtf stuff. so i would say pick either one or the other. or
better yet pass the services to the constructor and the parameters to
the action method.
But passing services to the constructor means that you loose some of
the benefits of lazy-loading. What if I only need the mailer service
in one action for a controller. That's sound quite possible. And
creating the mailer service is a somewhat costly thing to do.
well for one all classes should be cheap to instanciate. with lazy
loading i mean that the service instances should try and lazy load as
much as possible. but of course if there are dependencies it can still
be costly. point taken.
maybe it would still be better to then move the mailing else where and
then simply forward to that action.
furthermore one can of course also inject a new sc with a config for
all those optional rarely used dependencies. i dont remember just now
if there is a way to also share service instances across sc instances
or if that is even desireable.
regards
Lukas
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/symfony-devs?hl=en
To unsubscribe from this group, send email to symfony-devs+unsubscribegooglegroups.com or
reply to this email with the words "REMOVE ME" as the subject.
