A custom controller is an Apex class that implements all of the logic for a page
without leveraging a standard controller. Use custom controllers when you want your Visualforce page to run entirely in system
mode, which does not enforce the permissions and field-level security of the current user.
A
controller extension is an Apex class that extends the functionality of a
standard or custom controller. Use controller extensions when:
- You want to leverage the built-in functionality of a standard controller but override one or
more actions, such as edit, view, save, or delete.
- You want to add new actions.
- You want to build a Visualforce page
that respects user permissions. Although a controller extension class executes in system mode,
if a controller extension extends a standard controller, the logic from the standard controller
does not execute in system mode. Instead, it executes in user mode, in which permissions,
field-level security, and sharing rules of the current user apply.