Codeigniter - validation rules for every field in form - php

I'm new to Codeigniter and ran into my first trouble when validating a form. There's a form validation library that helps to do it, and it has a function to set rules, for example:
$this->form_validation->set_rules('username', 'Username', 'required');
I can't find anything in the documentation about applying the required rule to every field in my form (since it's generated dynamically based on database content).

Thanks to Rooneyl here's the answer:
CodeIgniter doesn't support setting validation rules through all input fields. Although it is possible to use set rule inside a loop. Luckily for me, my form was generated from database content, so looping through the same table elements made generating rules easier for me.
However, if the form isn't dynamically generated, we can always loop through post (taken from CI forum):
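foreach ($_POST as $field => $value) {
    // set_rules() expects the field name (the array key), not the submitted value
    $this->form_validation->set_rules($field, ucfirst($field), 'required|trim');
}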
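
Rules built from the keys of $_POST only cover fields the client chose to send, so a field left out of the request gets no `required` rule at all. The added example below (not part of the original post or the CI forum code) builds the rules from a server-side list of expected fields instead; the field names and the helpers `build_required_rules` and `missing_fields` are hypothetical, and the returned array uses the field/label/rules layout that `set_rules()` accepts when given an array.

```php
<?php
// Added example. Field names and helper names are hypothetical.

/**
 * Build 'required' rules from a server-side list of expected fields
 * (for a dynamic form: the same database rows that rendered it).
 */
function build_required_rules(array $expectedFields, string $rules = 'required|trim'): array
{
    $config = [];
    foreach ($expectedFields as $field) {
        // Accept only letters, digits and underscores so that nothing
        // unexpected from the data source ends up as a rule key.
        if (!preg_match('/^[A-Za-z0-9_]+$/', $field)) {
            throw new InvalidArgumentException("Unexpected field name: $field");
        }
        $config[] = [
            'field' => $field,
            'label' => ucfirst(str_replace('_', ' ', $field)),
            'rules' => $rules,
        ];
    }
    return $config;
}

/** Fields that have a rule but were not submitted at all. */
function missing_fields(array $config, array $post): array
{
    return array_values(array_diff(array_column($config, 'field'), array_keys($post)));
}

// Constructed sample: the form has three fields, the request carries two.
$expected = ['username', 'email', 'birth_date'];
$post     = ['username' => 'alice', 'email' => 'alice@example.test'];

$fromPost      = build_required_rules(array_keys($post)); // rules derived from the request
$fromAllowlist = build_required_rules($expected);         // rules derived from the form definition

printf("rules from \$_POST keys: %d, missing: [%s]\n",
    count($fromPost), implode(', ', missing_fields($fromPost, $post)));
printf("rules from allowlist:   %d, missing: [%s]\n",
    count($fromAllowlist), implode(', ', missing_fields($fromAllowlist, $post)));

// In a CodeIgniter controller: $this->form_validation->set_rules($fromAllowlist);
```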

Related

Populating dynamic html elements on validation failure in Laravel 5.1

In my form, I am populating state and city dropdowns using ajax.
Also, on the same form the user can add multiple employees by clicking on the "Add more button".
In both above scenarios the HTML DOM elements are generated using jquery.
I need re-build the dynamically generated elements in case the validation fails on form submit.
Can anyone please tell me a right approach for achieving the above mentioned issue.
Thanks.
Say you've generated a list of inputs dynamically by calling a js function, maybe something like
//JS
function generate(){
$("#container-abc").append("<input name=name[]>");
}
<!--HTML -->
<input name=name[] />
<input name=name[] />
Submit them and if there's validation error you will get back the values using:
//in your blade
$name = Request::old('name');
@if(count($name) > 0)
for (var i = 1; i <= {{count($name)}}; i++) {
generate();
}
@endif
you can use
return Redirect::back()->withInput();
or for more info visit https://laravel.com/docs/5.2/requests#old-input
Old Input
Laravel allows you to keep input from one request during the next
request. This feature is particularly useful for re-populating forms
after detecting validation errors. However, if you are using Laravel's
included validation services, it is unlikely you will need to manually
use these methods, as some of Laravel's built-in validation facilities
will call them automatically.
Flashing Input To The Session
The flash method on the Illuminate\Http\Request instance will flash
the current input to the session so that it is available during the
user's next request to the application:
$request->flash();
You may also use the flashOnly and flashExcept methods to flash a
sub-set of the request data into the session:
$request->flashOnly(['username', 'email']);
$request->flashExcept('password');
Flash Input Into Session Then Redirect
Since you often will want to flash input in association with a
redirect to the previous page, you may easily chain input flashing
onto a redirect using the withInput method:
return redirect('form')->withInput();
return redirect('form')->withInput($request->except('password'));
Retrieving Old Data
To retrieve flashed input from the previous request, use the old
method on the Request instance. The old method provides a convenient
helper for pulling the flashed input data out of the session:
$username = $request->old('username');
Laravel also provides a global old helper function. If you are
displaying old input within a Blade template, it is more convenient to
use the old helper. If no old input exists for the given string, null
will be returned:

Codeigniter dynamic field in form validation with original form validation array

I have set in form_validation.php the array that validates my form.
However, I have some dynamic fields that may (or may not) be inserted into this array.
So I use the following code, I want to know if this is the right way
if($this->form_validation->run('agenda_de_contatos')){
if($this->input->post('contato[]')!=""){
$this->form_validation->set_rules($this->input->post('contato[]'), 'USC_CONTATO', 'trim|xss_clean');
$this->form_validation->set_rules($this->input->post('contato_tipo[]'), 'USC_TIPO', 'trim|xss_clean');
}
if($this->form_validation->run()){...}
Or can I somehow add items to the original array and then run form validation?
Thanks,

How to validate fields appended with id on cakephp

I have my form fields where I am appending an id within a for loop.
<?php echo $this->Form->input('Shipment.current_city'.$sh, array('label' => 'City')); ?>
I would like to know how to validate such dynamic fields. Currently Cake is not recognizing my validation rules from my model due to the appended id.
Thanks.
You can find the solution of your issue here.
http://php-dev-zone.blogspot.com/2013/08/dynamic-fields-validation-in-cakephp.html

Why does Codeigniter automatically convert special entities in the form validation class if validation fails?

I didn't realize this until now, but when using the CodeIgniter form validation class, if validation fails ($this->form_validation->run() === FALSE), all special characters in the post variables get converted, including any single or double quotes that were in the text inputs. Is there a way to turn off this behavior? I made pre-filling all forms in my project done with the html_escape command like so:
<input value="<?php echo html_escape($this->input->post('value'));?>" />
The html_escape ends up doing htmlspecialchars a second time, displaying the html entities in the form. I didn't set any rules to use "prep_for_form", and XSS is turned off, so I don't know why CI would choose to do this for me.
Also, I do know about the set_value function to pre-fill values, but in my case I'm doing something else that doesn't allow me to use that function.
Any help is appreciated.
Turns out this is just built in. If you want to turn off form prepping when form validation does not pass, simply extend the form_validation class using MY_Form_validation.php, copy the original run() function, and comment out the following code:
if ($total_errors > 0)
{
$this->_safe_form_data = TRUE;
}

Understanding HTML Purifier

I am currently using CodeIgniter. I have 4 forms (student signin, login in form, create account, and request account)
I am currently using this at the moment to filter my input on one of the forms (create account) :
function create()
{
$this->load->library('bcrypt');
$this->load->library('form_validation');
$this->form_validation->set_rules('fname', 'First Name', 'trim|required|alpha|max_length[14]');
$this->form_validation->set_rules('lname', 'Last Name', 'trim|required|alpha|max_length[14]');
$this->form_validation->set_rules('email', 'Email Address', 'trim|required|is_unique[users.email]|valid_email');
$this->form_validation->set_rules('username', 'Username', 'trim|is_unique[users.username]|required|alpha_numeric|min_length[4]|max_length[15]');
$this->form_validation->set_rules('password', 'Password', 'trim|required|min_length[7]|alpha_dash|max_length[20]');
$this->form_validation->set_rules('passwordconf', 'Confirm Password', 'trim|required|min_length[7]|max_length[20]|matches[password]|alpha_dash');
if($this->form_validation->run() == FALSE)
{
$this->view();
}
To my understanding HTML Purifier should be only used when user data is going to be echo'd/outputted as HTML in a table, forum, blog (etc.) Is my understanding of this correct? I am asking because my student login form will be used to enter data into a database. Then my student queue page will be used to SELECT ... FROM ... that database. So this is confusing me as when I create the output for the student queue the data will be database housed. It won't just be posted directly.
So in turn my train of thought goes as follows :
Validate data making sure it is what you expect
Filter the data with xss_clean like I currently am.
Use PDO prepared queries to insert the data to the DB
(now this step confuses me) How I should echo my database data?
Should I use HTML Purifier at this step?
Sorry if this question has been asked a million times, I just can't seem to find what I am looking for. I am not fully gripping the concept of HTML purifier.
Edit 1 : Using the global xss_clean filter in the config file.
HTML Purifier is for when you have a string whose datatype is HTML and you want to restrict the kinds of HTML that may appear in it.
However none of the fields you have here are HTML--they are all just strings. So to display them you simply escape the strings for display in HTML, like you would for any string.
More recent versions of CodeIgniter have a html_escape() function. Use it in your views like so:
<p><?=html_escape($mystring)?></p>
If you are using an older version, use htmlspecialchars($mystring, ENT_NOQUOTES, 'utf-8') directly. You should probably wrap this in a one-argument function.
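
The one-argument wrapper suggested above, written out as an added example (not code from the answer or from CodeIgniter; the helper names `e_text` and `e_attr` and the sample value are constructed). It keeps ENT_NOQUOTES for element content and adds a second helper with ENT_QUOTES for quoted attribute values, where an unescaped quote character would end the attribute.

```php
<?php
// Added example. Helper names and the sample value are constructed.

/** Escape a string for HTML element content (text between tags). */
function e_text($s): string
{
    return htmlspecialchars((string) $s, ENT_NOQUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Escape a string for a quoted HTML attribute value. */
function e_attr($s): string
{
    return htmlspecialchars((string) $s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed value as it might come back from the database.
$name = 'Anna "Ann" O\'Neil <admin>';

// Element content: quotes are harmless here, < and > are encoded.
echo '<p>' . e_text($name) . "</p>\n";

// Attribute value: both quote characters are encoded as well.
echo '<input name="fname" value="' . e_attr($name) . "\">\n";

// Compare what each helper leaves unencoded.
foreach (['e_text', 'e_attr'] as $fn) {
    $out = $fn($name);
    printf("%-6s raw quote left: %-3s  %s\n",
        $fn, strpbrk($out, "\"'") !== false ? 'yes' : 'no', $out);
}

// Escape once, at output. A second pass encodes the & of the entities
// produced by the first pass, and the page then shows them literally.
echo e_attr(e_attr($name)), "\n";
```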
