Thanks for your feedback. I have thought of using Form, but it still does not prevent someone from saving password without encryption directly with Entity (such as fixtures) or creating another form that does not enforce the business logic. So far, the only guarantee place that I can think of is still within the Entity itself.
-- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-users@googlegroups.com To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en
