ajax form field validation in yii - php

So I have a User model and when someone goes to create a user, I want the username field to turn green if it isn't a duplicate username in the DB and red otherwise stating that duplicate usernames are not allowed. Is there a way to do this with the framework or does this have to be done from scratch?

I imagine the easiest route would be to create a validation function on the user model which looks it up and returns true or false.
You can then use the usual and well documented methods of setting up a model-form with AJAX validation, and specify username must pass your new validation rule.
If you need more assistance edit your question to give some sense of how far you've get with this, level of knowledge currently and some code if there's something breaking.

Related

How to implement user login on Zend Framework 2?

I'm trying to implement a very simple login form with Zend framework; however I'm having trouble in understanding how it works.
I have my HTML form with a username field, password and submit elements. I don't know how to validate the username and password.
How do I do this without using Zend Form?
When a browser posts the completed form to the server you can obtain the posted values with your controller like this;
$username = $this->params()->fromPost('username');
$password = $this->params()->fromPost('password');
It's then down to you to pass these values to whatever authentication mechanism you want to use. For example you could perform a simple database lookup against your user table.
However, life is not simple. You need to think about security. Validating and filtering the values passed from the form, hashing passwords, etc.
You also need to think about how to handle an invalid login, such as re-rendering the form with extra display explaining the failure. Zend\Form can help you with some of these issues.
I would start my taking a look the zfcUser Module, which can be found here;
https://github.com/ZF-Commons/ZfcUser

Validate username in Symfony2 form

I have a form in Symfony2 where an Admin have to write the username of another user.
Is it possible to check before to send the form, if the username exist in my database? I use doctrine.
Thanks!
You could write a custom constraint, which is injected with your Entity Manager and checks if the username exists. See the documentation for creating a custom constraint here.
Another option would be to write a data transformer which converts a username string into a User object, which should ensure that user existed throwing a TransformationFailedException if she doesn't. This might be a bit easier because the example in the docs already creates the transformer as a service and shows you how to inject the entity manager.
Also, depending on how many users you have in your app, you could make the username option an entity choice type, and allow symfony to create a drop down with all of your users already in there.
EDIT:
Sorry, I missed the part about checking before you submit the form. The ideas above are still how you could implement on the server, but for the first two options you would need to use an Ajax request to test if the username was valid.

Double checking validation PHP and Ajax

Currently I'm using Ajax to check register validation, but I feel if the internet connection is not good enough, sometimes Ajax is not working properly and it makes users register with the same username. So how can I double check the register validation to avoid the duplicate usernames in my database?
If the field in your database is set to UNIQUE this won't be a problem since an error will be returned i.e.
CREATE TABLE user (
username VARCHAR(20) UNIQUE NOT NULL,
...
)
When an INSERT is run on this table but the potential username is already taken, an error will be kicked back.
Should I mention that while client-side validation is all well and good for being fancy on your webpage with the pop-up divs and highlighted spans, validation should always be rechecked on the server-side.
Other than setting the constraint on the column username to be unique, you should be doing a QUERY prior to creating a record to check for any errors, sounds like you are relying on just Javascript to validate your input.
Solve your validation first! Don't depend on javascript doing it, need it on the front end (html view) and backend code (php)
well its just an idea, I am pretty sure You do the validation on change or blur event of the input. But the registration will be done by submit button. If I right, Just add some script to the registration-proccess-page that check if the username is exist or not, if exist, just redirect back to the registration page with some error variable on $_SESSION or URL/$_REQUEST. That error variable can be used to tell user what's goin wrong. . good luck !

Symfony2/DC2/PHP: prevent the user from creating someone elses entity

I have the entities Floor and LeaseTerm. Floor can have many LeaseTerms.
In my LeaseTerm CREATE form, I have a hidden floor_id field.
My question is: how can i effectively prevent the user from changing the floor_id field himself and creating LeaseTerms for floors he doesnt own (each floor has it's owner)?
Conceptually the 'how' is to validate the floor_id upon submission, ensuring that the current user owns/has access to the floor. Theoretically even if they do change it, so long as it's still an id they have access to, the operation is probably still valid (if not, additional validations on the submission context would be necessary).
In Symfony 2 as a specific implementation this could be achieved with the logic directly in a controller, or perhaps alternatively with help from a 'Data Transformer' and/or Custom Validator.
Hope this helps.

PHP loggin system doubt

Im new to php and im trying to develo a loggin system, but i cant understand one thing.
For Example:
I hava a object "validator", that do some field checks. In that object i have an array where i save the errors. Like "The password you choose is not valid". Now i want to show this error to the user, the way i do it is passing this array to a Session variable. However i dont like this way of doing it. I create a new object everytime a user submits a form to validate it, but i dont know how to associate that validator object to te user. I want to say "this object belongs to that user".
Thanks,
I think the best way to achieve this goal is to validate your fields with Javascript. There is a lot of tutorials on how to validate fields with Javascript on the internet.
However, if you really want to use PHP, you just need to use the POST method and reload the form's page. Then, with your PHP script, you can validate all fields with your "Validator" object.
Note that you should always validate server side everything you insert in your database. The javascript is only for the UI. Thanks maniator, I wasn't clear enought.
Jean-Philippe

Categories