Hello and thanks for all responses On Nov 24, 9:37 pm, Lee Bolding <[EMAIL PROTECTED]> wrote: > >> $pos = new CartPosition(); > >> $pos->product = "some product"; > >> $pos->cart = CartTable::findByPk($someWrongId); > >> $pos->save(); > > That looks... wrong. > > In several different ways. > > 1) cart ID should definitely be one of the variables held in the > session (to prevent cart hijacking) > 2) why are you retrieving an object when you only need it's ID, which > you already have?
It was just an simple example (not an actual code) to show that without validation in model it's possible to add cart position into wrong cart. On Nov 25, 6:28 am, Jérôme TEXIER <[EMAIL PROTECTED]> wrote: > Hi, > > I don't understand why you need to retrieve your cart on db. > Cart could only be saved at the end of the process when the user is > validating its order and just remained on session before that event. It has to be in database, because user can make his order even in a week or more. In multiple sessions. On Nov 24, 9:25 pm, Jacob Coby <[EMAIL PROTECTED]> wrote: > There has been a little bit of noise on sf-devs (myself included) > about moving validation into the model and out of the form. It never > gained any real traction. None of the core devs have stepped forward > in favor or against the idea. I think i found this thread and i'm gonna read it. Thanks. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
