After my PHP class, I'm all ready to go back into my modules and do some fine tuning. I relaly want to examine my validation procedures. Or make some, anyway.
pnVarCleanFromInput seems to do a good job at taking care of most of the nasties. Apart from making sure that the input is approximately what it should look like, does anyone have recommendations on other steps to take?
Watch
GitHub Core
Show your support for Zikula! Sign up at Github account and watch the Core project!
GitHub Modules
- internetking created topic »password problem« 25. May
- mesteele101 responded to »ERR (3): E_USER_ERROR: Smarty error: [in pagesvar:pagesitem2en line XXX]…« 25. May
- mazdev responded to »Pages 2.5.0 and updating - Page not found« 25. May
- ehdwma created topic »Hide "Register new account" and change template to 3 col« 25. May
- mesteele101 responded to »Zikula 1.3.3 - Selecting a category in Pages not working« 25. May
- mdee created topic »How to implement returnpage ?« 25. May
- nestormateo responded to »Fillters in Clip« 24. May
Zikula Blog
- Anatomy of Open Source Projects on Mar 07
- Continuous Review on Mar 01
- Not Invented Here on Feb 24
- How to Contribute Your Code at Github on Jan 13
- 10 Steps to Coding-Nirvana: Tips for Successful Module Writing on Nov 12
- Submitting Bug Report Tickets That Get Results on Aug 17
- Cozi Tricks #1: Syntax Highlighting on Aug 07
Login
Form inputs?
-
- Rank: Team Member
- Registered: Mar 18, 2002
- Last visit: Oct 21, 2009
- Posts: 6606
The only one I can think of is to cast any returned values to type.
e.g.
Code
$var = (int)pnVarCleanFromInput('myvar');
or
Code
-Mark
--
Visit My homepage and Zikula themes. -
**unknown user**
- Rank: Registered User
- Registered: Mar 16, 2002
- Last visit: Aug 15, 2006
- Posts: 11
You could also check the format of the input, although requiring a very specific format is something you should try to avoid.
Using a form validation tool sounds like something you'd like. The only one I've tried is Smarty Validate, which works well. Let us know if you find something better :) -
- Rank: Developer
- Registered: Jun 03, 2002
- Last visit: Dec 21, 2009
- Posts: 284
I just came up with one last month which works pretty well. Its based on a turtorial found on LimitLess Studios. I'll zip it up tonight when I get home and put it online to download.
--
cyber_wolf
www.bkbsolutions.com - My Zikula module development site. -
- Rank: Developer
- Registered: Jun 03, 2002
- Last visit: Dec 21, 2009
- Posts: 284
I've put the form validation class online. It can be downloaded here.
Here's a small example on how to use it.....
Code
require_once 'modules/bkbResources/pnincludes/FormValidate.php';
function bkbResources_admin_entries_new($args)
{
list($title,
$url,
$email,
$validate) = pnVarCleanFromInput('title',
'url',
'email',
'validate');
$vObject = new FormValidate;
if (!empty($validate)) {
$vObject->addFormField('title','isRequired',$title,_bkbResourcesErrorRequiredTitle);
$vObject->addFormField('url','isRequired',$url,_bkbResourcesErrorRequiredSiteURL);
$vObject->addFormField('url','isURL',$url,_bkbResourcesErrorURLSiteURL);
$vObject->addFormField('email','isEMail',$email,_bkbResourcesErrorEMail);
if ($vObject->validate()) {
pnModFunc('bkbResources',
'admin',
'entries_create',
array('title' => $title,
'url' => $url,
'email' => $email));
} else {
pnSessionSetVar('errormsg', _bkbResourcesErrorMessages);
}
}
$pnRender =& new pnRender('bkbResources');
$pnRender->caching = false;
$Errors = $vObject->getFormErrorList();
}
There are instructions in the class on how to use it as well as all the validations that are included; and more can be easily added.
--
cyber_wolf
www.bkbsolutions.com - My Zikula module development site.
- Moderated by:
- Support
