Even better coding would be to not include the user_id as a hidden
input at all, since it can be manipulated by the user(of course,
unless you intend it to be changeable) - you can simply fetch the user
id in the action accepting the form.
On Jun 11, 4:10 pm, "Christopher Schnell" <ty...@mda.ch> wrote:
> Hi,
>
> apart from a solution to your question: This is bad coding. Try passing the
> user_id as an option to the form from the action like:
>
> $myForm=new xyzForm(null,array('user_id'=>$this->getUser()->getId()));
>
> And in the form:
> $this->setDefault('user_id',$this->getOption('user_id'));
>
> Please
> read:http://eatmymonkeydust.com/2009/08/symfony-forms-flexible-widgets-bas...
> ser-credentials/
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
