Validation
It's standard practice to run validation on anything going into your database on both the front end and back end.
We tried to make it as easy as possible to validate your incoming data. You can call the Validation class,
pass it an array of data, and it will give you back errors/success.
We tried to think of the most common things you will need, but there's always some custom validation you might need. This
is why we left this class open for you to add to. You can easily add your own custom validation rules, just copy/paste/change.
We also designed our save() method in our models to take the input data in the exact same format that the validation will take it in.
Once you have the data, you can pass it to the validation, and if it passes, run the save() method on the same array of data.
How To Use
You can validate any data, even if it has nothing to do with your database. But because most of the validation will be on data going into your database, we decided to allow you to setup your validation rules right in your model. Just add the method getValidationRules() to your model, configure your rules, and you are good to go.
//UserModel.php public static function getValidationRules(): array { //All of the different validation rules are documented below. //The format for each one is specified in the documentation below also. //To use multiple rules, separate them with the | character. return array( 'id' => 'isint', 'email_address' => 'email|maxlength:200|minlength:3', 'password' => 'required|minlength:8|maxlength:20', 'user_name' => 'required|maxlength:20|alphanumeric|minlength:3', 'first_name' => 'maxlength:100', 'last_name' => 'maxlength:100', ); } //UserLib.php //Grab the validation rules from your model. $validationRules = $userModel->getValidationRules(); //Grab your data from the request. $requestParameters = $this->request->getParameters(); //Should give you data that looks like this: /* array( 'first_name' => 'Joe', 'last_name' => 'Testguy', 'ignored_field' => 'This data will be ignored by the validation since it does not exist in the rules', ) */ //Pass your request data and your rules to the validator. $errors = Validation::getErrors($requestParameters, $validationRules); if (empty($errors)) { //If the validation catches anything, it will output the errors and die. $this->response->outputResponse(400, null, $errors); } //At this point in the code, all is good, you can now do something with the data.
Easier Way To Validate A Model
If you want, you can add the validation method directly to your model. This way you don't have to grab the rules separately everytime you want to run validation on that model. The main Model class has access to the Validation class to make this possible. This is a little trick that we did, to give every model access to the validation methods. You are free to add your own custom model methods using this exact same concept.
//UserModel.php //Add this method to your model. public function validate($requestParameters): array { return $this->validateRequest($requestParameters, $this->getValidationRules()); } //UserLib.php //Grab your data from the request. $requestParameters = $this->request->getParameters(); //Create a new UserModel object. $userModel = new Models\UserModel($this->db, $this->authenticatedUserId); //Pass your request data and your rules to the validator. $errors = $userModel->validate($requestParameters); if (empty($errors)) { //If the validation catches anything, it will output the errors and die. $this->response->outputResponse(400, null, $errors); } //Another way to validate is turn on auto validation when you use the save method. //Setting the 3rd parameter to true will use the default validation for this model. //On inserts it will validate all required fields. //On updates it will only validate the fields you pass in. $userModel->save($updateData, $id, true); //Configure your error messages here. Lib/Response/ErrorGenerator/getValidationErrors() //At this point in the code, all is good, you can now do something with the data.
All Validation Rules
Note that validation rules will only be run only fields passed inside the array. This means that if you set email_address to required, but the array does not contain email_address, it will not check to see if email_address is required.
required Make sure field is required "field" => "required", "code" => 440 exactlength The value must be exactly X characters long "field" => "exactlength:50", "code" => 441 minlength The value must be at least X characters long "field" => "minlength:5", "code" => 442 maxlength The value can only be a maximum of X characters long "field" => "maxlength:50", "code" => 443 minval The value can must be a number with the minimum value of X "field" => "minval:5", "code" => 444 maxval The value cannot be a larger number than X "field" => "maxval:50", "code" => 445 numeric The value must be a valid number "field" => "isnumeric", "code" => 446 isint The value must be a valid integer "field" => "isint", "code" => 447 alpha The value must be a alpha characters only "field" => "alpha", "code" => 448 alphanumeric The value must be a alpha characters and numbers only "field" => "alphanumeric", "code" => 449 islower All alpha characters in the value must be lower case "field" => "islower", "code" => 450 isupper All alpha characters in the value must be upper case "field" => "isupper", "code" => 451 atleastlower The value must contain at least X lower case characters "field" => "atleastlower:2", "code" => 452 atleastupper The value must contain at least X upper case characters "field" => "atleastupper:2", "code" => 453 phone The value must be a valid phone number "field" => "phone", "code" => 454 zip The value must be a valid zip code "field" => "zip", "code" => 455 isdate Value must be a valid date, time, or date time. "field" => "isdate:Y-m-d", "code" => 456 email Value must be a valid email address. "field" => "email", "code" => 457 url Value must be a correctly formatted URL. "field" => "url", "code" => 458 creditcard Value must be a correctly formatted credit card number. "field" => "creditcard", "code" => 459 containschar Value must contain at least X of any combination of the characters specified. "field" => "containschar:&%$:4", "code" => 460 allowedspecialchar If special characters in the value, only the ones specified are allowed. "field" => "allowedspecialchar:&%$", "code" => 461 atleastnumbers The value must have at least X numbers in it. "field" => "atleastnumbers:2", "code" => 462 isbool Value has to be either true or false. "field" => "isbool", "code" => 464 isarray Value must be the type of array. "field" => "isarray", "code" => 465