Le 09/05/2011 21:31, oscar balladares a écrit :
I see some inconsistencies in routing.
when you submit data with post, the data doesn't goes in the route, as
you do.
the route should be:
pattern: /data-edit/update/
That's it. And the defaults for the controller should have not default
parameters. ( _controller: A10CrmBundle:Update:update, code:97,)
And of course it is a bad practice pass form data on the URL, unless
for a search form (remember it is one field, and search form is meant
to be bookmarkable).
So how do you hadle field data??
In the controller you should:
updateAction()
{
/** 'code' is the name of the field
$code = $request->request->get('code');
$code2 = $request->request->get('code2');
etc....
tip:
$request->request->get() is for POST data
$request->query->get() is for GET data
Everything else looks ok.
For the defaults parameters, you should:
If ($request->getMethod() == 'POST' )
{
//retrieve the fields' data as pointed before
}
else{
//call to the update function and pass the defaults parameters
update(param1, param2, param3);
}
Yeah, passing an identifier of the entity you want to update as part of
the url makes sense (it identifies the resources). But sending the new
data through the url is really weird IMO.
Thus, it means that the client needs to know your routing to be able to
generate the URL. When using GET or POST variables, you can give it the
URL without exposing your routing.
--
Christophe | Stof
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
