On Tue, Apr 27, 2010 at 5:12 PM, Charlie Garrison <[email protected]> wrote: > So as long as one doesn't need CGI.pm compat, use $req->params->{...} as the > 'best practices' approach. It's not slower like $req->param(...) is, but > still offers the desired encapsulation. > Have I got that right or am I still confused?
Exactly! :) Also, $c->req->param(..) _CAN_ be a security issue when blindly used in a DBIC search() method. We discussed this a while ago: http://www.gossamer-threads.com/lists/catalyst/users/24255 --Tobias _______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
