Similarly, there's not a way to differentiate between the request data (which should ignore `read_only` fields) and data bound through "trusted" means.
The solution could be `disabled` is for disabling *user* input, while `read_only` prevents overriding data on the object itself. For instance, suppose a user is creating several pizzas, one after another. When creating the next pizza, we're `$form- >bind($previousPizzaValues)` to give them a head-start on their next pizza. This would persist "read-only" states, because we're effectively using the form as a mapper to the new pizza. However, when persisting via `$form->bindRequest(...)`, `read_only` values should be ignored. On Jun 14, 1:58 pm, Jesse Greathosuse <jesse.greatho...@gmail.com> wrote: > Hi, > > It's a simple case to be made. The reason we use PHP is to create DOM > oriented documents on the web. Disabled has significant meaning when > it comes to the DOM and form fields. > > Although on the surface it appears that the disabled field has been > satisfied with read_only, read_only also puts a restriction on the > application layer to whether I may or may not bind data to the field. > An application oriented functionality should not effect what > functionality is available on the DOM layer and vice versa. > > A field may start out as disabled on the DOM layer, and may become > enabled due to user selections, external calls, etc... If the field > must start as disabled, and later needs to be enabled, we are left > with a broken form because the required data cannot be bound to fields > that are read onlly. While disabled and read_only have similar > contexts, they are not mutually exclusive in their practical > application and therefore should not exist as a single choice for > disabling fields. > > Thanks for your time Kris. > > On Jun 10, 10:29 pm, Kris Wallsmith <kris.wallsm...@gmail.com> wrote: > > > > > > > > > Please submit a PR and make your case. > > > Thanks, > > Kris -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to symfony-devs@googlegroups.com To unsubscribe from this group, send email to symfony-devs+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
