On 24 Nov 2008, at 20:25, Jacob Coby wrote:
>> $pos = new CartPosition();
>> $pos->product = "some product";
>> $pos->cart = CartTable::findByPk($someWrongId);
>> $pos->save();
That looks... wrong.
In several different ways.
1) cart ID should definitely be one of the variables held in the
session (to prevent cart hijacking)
2) why are you retrieving an object when you only need it's ID, which
you already have?
If you solve problem 1, you have no validation issue.
to solve problem 2, use $pos->setCartId($someWrongId);
You can always implement a getCart method in your CartPositionClass...
public function getCart() {
return CartTable::findByPk($this->cartId);
}
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~----------~----~----~----~------~----~------~--~---
