I'm working on a project that uses the Yii framework and CActiveRecord models.
In all of them there is something like this:
public function rules() {
return array(
//...
// The following rule is used by search().
// Please remove those attributes that should not be searched.
array(
'id, alias, code',
'safe', 'on'=>'search'
),
);
}
and a method called search().
The question - what is this for, and can I safely remove it if I don't use any of the Zii / Gii / whatever stuff? I also don't use forms and mass assignment.
I suspect this was auto-generated by Gii for whatever reason. I tried commenting it out and didn't notice any problems, but maybe I've broken something.
I also don't use forms and mass assignment.
Then yes you won't need it (but in any other case you will, so imo you might as well leave it there). Here is an article explaining it really well:
http://www.yiiframework.com/wiki/161/understanding-safe-validation-rules/
Related
I'm having some difficulties validating a I18N field in CakePHP3.
The translate behavior is setup like this:
$this->addBehavior('Translate', [
'fields' => ['name', 'body', 'slug'],
'validator' => 'default'
]);
Like advertised here: https://book.cakephp.org/3.0/en/orm/behaviors/translate.html#validating-translated-entities
The core validation is working properly. I have a validation rule in validationDefault function that checks if name is not empty and it works fine. Though, I also would like to add some application rules on top of this validation. The "name" field should have a unique value. I don't want to allow multiple entities with the same translated name.
This piece of code apparently doesn't work. CakePHP docs also are quite silent about this matter.
public function buildRules(RulesChecker $rules) {
// prevent duplicate creation
$rules->add($rules->isUnique(['name']));
return $rules;
}
Is this actually possible?
Thanks
What you are doing there is creating a rule for the name field on the main model, this won't affect translations. There is no built-in functionality for that, the behavior only assists with validation rules by making use of the validationTranslated() method in case it exists on your model class, it won't help with application rules.
You'd have to create a custom application rule that checks the translation table, by matching against the field, locale, model and content fields, something along the lines of this:
$rules->add(
function (EntityInterface $entity) {
$behavior = $this->behaviors()->get('Translate');
$association = $this->association($behavior->getConfig('translationTable'));
$result = true;
foreach ($entity->get('_translations') as $locale => $translation) {
$conditions = [
$association->aliasField('field') => 'name',
$association->aliasField('locale') => $locale,
$association->aliasField('content') => $translation->get('name')
];
if ($association->exists($conditions)) {
$translation->setErrors([
'name' => [
'uniqueTranslation' => __d('cake', 'This value is already in use')
]
]);
$result = false;
}
}
return $result;
}
);
Note that this uses the association object rather then the target table, this will ensure that further conditions like the model name are being applied automatically.
Also this requires to set the errors on the entity manually, as they are nested, which isn't supported by the rules checker, currently it can only set errors on the first level entity (see the errorField option).
It should also be noted that it would be possible to modify the rules checker for the translation table association (via the Model.buildRules event), however this would result in the errors being set on new entities that will be put in a separate property (_i18n by default) on the main entity, where the form helper won't find the error, so one would then have to read the error manually, which is a little annoying.
See also
Cookbook > Database Access & ORM > Validation > Applying Application Rules
I have an input field which needs to be empty, otherwise I want the validation to fail. This is an attempt at stopping spam through a contact form.
I've looked at the documentation for the validation but there's nothing to do this, other than the "max" rule, but this doesn't work.
Any other options?
Here's a clean and (probably) bullet-proof solution:
'mustBeEmpty' => 'present|max:0',
In the method where you are validation, extend/add custom rule:
Validator::extend('mustBeEmpty', function($attr, $value, $params){
if(!empty($attr)) return false;
return true;
});
Then you may use this rule like:
protected $rules = array(
'emptyInputField' => 'mustBeEmpty'
);
Then everything is as usual, just use:
$v = Validator::make(Input::except('_token'), $rules);
if($v->passes()) {
// Passed, means that the emptyInputField is empty
}
There are other ways to do it without extending it like this or extending the Validator class but it's an easy Laravelish way to do it. Btw, there is a package available on Github as Honeypot spam prevention for Laravel applications, you may check that.
For Laravel 8.x and above, you may use the prohibited validation rule:
return [
'emptyInputField' => 'prohibited',
];
In laravel 5.8 you can use sometimes for conditional rules adding. 'email' => 'sometimes|email' . This rules will be applied if there is something present in input field.
You can use the empty rule. Details can be seen here: https://laravel.com/docs/5.2/validation#conditionally-adding-rules
Ok so i've got a big problem with CodeIgniter flexibility. I've many personal rules (like 20) targeting an input in a form within a huge project.
Everything work while I use the classic "callback_" system by CodeIgniter. I just put the methods in the same class than the form check and it checks it correctly.
My problem is :
1) I'd like to use all these rules in another form_validation in another controller without copy/paste the code ; we all know it's dirty/evil.
2) Ideally, i'd appreciate to put these rules in a big library, because it takes something like 800 lines and this is not a good idea to let it be in my controller ; as I said this project is quite huge.
It's 6 hours i'm looking for a solution and there's absolutely nothing clean :
I already have a MY_Form_Validation to put some general rules but i don't like the idea to mix my specific rules in a global class which will call it everytime vainly. Plus these rules contain many libraries, models, native CI core methods such as $this->input->post() which generate errors when I put everything in this MY_Form_Validation. Not the good solution :(
I created a MY_Controller including a method named 'imports' which re-generate selected libraries methods within the controller (in PHP4 it was kind of the 'aggregate_methods' function if people are curious) ; the system works perfectly but CodeIgniter doesn't understand it. The methods can be called within the controller but it seems the framework check the $CI content to call the rules (Form_validation.php line 590 in '/system/') so it doesn't work at the end ; it's also hard to modify this core part, I prefered not touching it and gave up.
$this->load->library('volt/lbl_validation');
$this->imports('Lbl_validation');
// Then you can call any $this->lbl_validation->method() with $this->method() in the controller
I tried to hack CI creating a customized form_validation within my library ('lbl_validation') ; the system was a bit messy but worked. The problem is when i came back to the CI form_validation system to show error messages, it was a true spaghetti-code which wasn't working that well. Not the good solution either.
I also tried some other shitty solutions but i prefer not confess it.
Now i'm here in front of my computer asking myself why bad things happened to good people, why this is so hard to separate set_rules from the called methods in CodeIgniter, why they didn't plan ahead people could've needed to call libraries methods as rules. I don't know what to do and i'm hesitating to put a dumb require() somewhere and make it all dirty and messy like my desk right now.
Maybe, there's someone with a good dans clean solution. All my hope are turned to the StackOverFlow community ; someone ? A crazy CI geek ?
Thank you ;)
The only good, DRY way to handle validation is to put validation rules at the last resort before saving to the the database, in other words in the models. By doing this, the same rules can be used in any controller or library without being redefined.
The following idea is taken from Jamie Rumbelows excellent Codeigniter handbook:
Simply create an array in your model:
$validate = array(
array( 'field' => 'username', 'label' => 'Username', 'rules' => 'required,trim' ),
array( 'field' => 'password', 'label' => 'Password', 'rules' => 'required|min_length[8]' )
);
Then implement a method that you can use to validate your data prior to save()
function validate($data) {
if (!empty($this->validate)) {
foreach ($data as $key => $value) {
$_POST[$key] = $value;
}
$this->load->library('form_validation');
$this->form_validation->set_rules($this->validate);
return $this->form_validation->run();
}
else
{
return TRUE;
}
}
Now, in your controllers you can use:
if ($this->user->validate($user))
save...
I want to know if there is a easy way to mass assign a new set of rules for a model.
The use case is that I could have a validator rule which contains a set of sub rules for a specific model. I want to dynamically load that model, assign its attributes (both of which I know how to do) and then mass assign the set of rules. The rules will look like:
'rules' => array(
array('road', 'string'),
array('town', 'string'),
array('county', 'string'),
array('post_code', 'string'),
array('telephone', 'integer')
)
I know I can do this by picking out the classes individually and building up the validators manually but is there any easy way to just tell a Yii model to reload the validators with this specification?
I actually found out the answer in the end through a issue ( https://github.com/yiisoft/yii/issues/987#issuecomment-8886072 ) on Github whereby it was mentioned to look at the CModel validatorList. After browsing this source code for a while I came up with the following piece of code, mostly ripped from CModel itself:
$c=new EMongoModel();
foreach($this->rules as $rule){
if(isset($rule[0],$rule[1])) // attributes, validator name
$c->validatorList->add->add(CValidator::createValidator($rule[1],$this,$rule[0],array_slice($rule,2)));
else
throw new CException(Yii::t('yii','{class} has an invalid validation rule. The rule must specify attributes to be validated and the validator name.',
array('{class}'=>get_class($this))));
}
Now this allows me to take a list of array elements that look like validation rules for a model and on the spot actually make them into validation rules for the model.
I am trying to register a custom validation rule but it does not seem to work. I need either of 2 fields to be filled in. One is a URL(link) field and other is a File input(file_upload).
Here is my custom validation:
Validator::register('file_check', function($attribute, $value, $parameters) {
if (!trim($value) == "" || array_get(Input::file($parameters[0]), 'tmp_name')) {
return true;
}
return false;
});
$messages = array(
'file_check' => 'Please upload a file or provide a link to files.',
);
$rules = array(
'link' => 'url|file_check:file_upload',
'file_upload' => 'mimes:jpg,jpeg,gif,png,psd,ai,bmp,xls,xlsx,doc,docx,zip,rar,7z,txt,pdf'
);
$validation = Validator::make(Input::all(), $rules, $messages);
if ($validation - > fails()) {
return Redirect::to('page') - > with_errors($validation - > errors) - > with_input();
}
Need help :)
EDITED
Also, I just noticed that the validation rule should accept "PSD" files but when I try to upload a PSD file it redirects with the error "Invalid file type".
I am maybe late in party but may be somebody will find it useful, in case you need to create implicit rule which will be called even if field is not present in Input (like required,required_if....) use
Validator::extendImplicit( 'validator_name', function($attribute, $value, $parameters)
{
});
Check this out
I was just struggling with this myself! It turns out that except when a few specific rules are applied to them, Laravel doesn't pass empty fields through the Validator at all. So a custom either-this-or-that rule can't work, since at least one of the two fields is likely to not be visible to it.
You can get around this by moving from the registering-a-new-rule approach to the alternate extend-the-Validator-class approach. Your new class will inherit all the methods of the standard Validator, including a method called "implicit" (you can find the original on line 215 of the standard Validator class), which specifies a whitelist of rules that Laravel should pass fields along to even if they are empty. Add your new rule to that list and you should be good to go.
Jason is right, but there is one thing that can be confusing.
Laravel's 'registering a new rule' approach uses the syntax 'Validator::extend(...'. As described elsewhere, this is convenient when you want to customize in a special situation. However, if you want to add a number of reusable rules, then you probably want to use the extend-the-Validator-class approach. In that case, IF you have a rule conditionally requires something, you need to override the existing implicitRules array with a new one adding your rule.
If the first rules you add don't conditionally require, you will think you have it nailed, then you will spend hours trying to figure out why your new 'RequireWhenBlaBla...' rule is invisible.