diff --git a/_bookdown/book/2.x/bookdown.json b/_bookdown/book/2.x/bookdown.json index da1ddb6..b90593b 100644 --- a/_bookdown/book/2.x/bookdown.json +++ b/_bookdown/book/2.x/bookdown.json @@ -7,7 +7,7 @@ {"Cli": "https://raw.githubusercontent.com/auraphp/Aura.Cli/2.x/README.md"}, {"Di": "https://raw.githubusercontent.com/auraphp/Aura.Di/2.x/README.md"}, {"Dispatcher": "https://raw.githubusercontent.com/auraphp/Aura.Dispatcher/2.x/README.md"}, - {"Filter": "https://raw.githubusercontent.com/auraphp/Aura.Filter/2.x/README.md"}, + {"Filter": "https://raw.githubusercontent.com/auraphp/Aura.Filter/2.x/docs/_bookdown.json"}, {"Html": "https://raw.githubusercontent.com/auraphp/Aura.Html/2.x/README.md"}, {"Includer": "https://raw.githubusercontent.com/auraphp/Aura.Includer/2.x/README.md"}, {"Router": "https://raw.githubusercontent.com/auraphp/Aura.Router/2.x/README.md"}, diff --git a/packages/2.x/Accept.html b/packages/2.x/Accept.html index 844cd0f..00569da 100644 --- a/packages/2.x/Accept.html +++ b/packages/2.x/Accept.html @@ -18,7 +18,7 @@ -
Provides content-negotiation tools using Accept*
headers.
Provides authentication functionality and session tracking using various adapters; currently supported adapters are:
Provides a full PSR-4 and limited PSR-0 autoloader. Although it is installable via Composer, its best use is probably outside a Composer-oriented project.
@@ -137,7 +137,7 @@Provides the equivalent of request ( Context ) and response ( Stdio ) objects for the command line interface, including Getopt support, and an independent Help object for describing commands.
@@ -438,7 +438,7 @@For example, to set bold white text on a red background, add <<bold white redbg>>
into your output or error string. Reset back to normal with <<reset>>
.
The Aura.Di package provides a dependency injection container system with the following features:
If we construct our dependencies properly with params, setters, services, and factories, we will only need to get one object directly from the Container in our bootstrap file. All object creation will then occur within Container itself or the various factory objects. We will never need to use the Container itself in any of our application objects.
- +Provides tools to map arbitrary names to dispatchable objects, then to dispatch to those objects using named parameters. This is useful for invoking controller and command objects based on path-info parameters or command line @@ -438,18 +438,18 @@
There are three steps to creating and using new rules:
+Write a rule class, either to validate or sanitize a subject field
+Set a factory for the class in the appropriate rule locator
+Use the new rule in a filter specification
+Writing a rule class is straightforward. Define a class with an
+__invoke($subject, $field)
method, along with any additional needed arguments.
+The method should return a boolean: true on success, or false on failure.
Here is an example of a hexdecimal validator:
+namespace Vendor\Package\Filter\Rule\Validate;
+
+class ValidateHex
+{
+ public function __invoke($subject, $field, $max = null)
+ {
+ // must be scalar
+ $value = $subject->$field;
+ if (! is_scalar($value)) {
+ return false;
+ }
+
+ // must be hex
+ $hex = ctype_xdigit($value);
+ if (! $hex) {
+ return false;
+ }
+
+ // must be no longer than $max chars
+ if ($max && strlen($value) > $max) {
+ return false;
+ }
+
+ // done!
+ return true;
+ }
+}
+
+Here is an example of a hexadecimal sanitizer. Note how we modify the
+$subject->$field
value directly at the end of the method.
namespace Vendor\Package\Filter\Rule\Sanitize;
+
+class SanitizeHex
+{
+ public function __invoke($subject, $field, $max = null)
+ {
+ $value = $subject->$field;
+
+ // must be scalar
+ if (! is_scalar($value)) {
+ // sanitizing failed
+ return false;
+ }
+
+ // strip out non-hex characters
+ $value = preg_replace('/[^0-9a-f]/i', '', $value);
+ if ($value === '') {
+ // failed to sanitize to a hex value
+ return false;
+ }
+
+ // now check length and chop if needed
+ if ($max && strlen($value) > $max) {
+ $value = substr($value, 0, $max);
+ }
+
+ // retain the sanitized value, and done!
+ $subject->$field = $value;
+ return true;
+ }
+}
+
+Now we set a factory for the rule into the appropriate locator from the FilterFactory. Pass additional $validate_factories
and $sanitize_factories
to the FilterFactory at construction time; Wrap the rule instantiation logic in a closure so that it is lazy-loaded only when the rule is called:
use Aura\Filter\FilterFactory;
+
+$validate_factories = array(
+ 'hex' => function () { return new Vendor\Package\Filter\Rule\Validate\ValidateHex(); },
+);
+
+$sanitize_factories = array(
+ 'hex' => function () { return new Vendor\Package\Filter\Rule\Sanitize\SanitizeHex(); },
+);
+
+$filter_factory = new FilterFactory(
+ $validate_factories,
+ $sanitize_factories
+);
+
+Finally, we can use the rule in our filters:
+$filter = $filter_factory->newSubjectFilter();
+
+// the 'color' field must be a hex value of no more than 6 digits
+$filter->validate('color')->is('hex', 6);
+
+// force the 'color' field to a hex value of no more than 6 digits
+$filter->sanitize('color')->to('hex', 6);
+
+Unfortunately, there are not many common terms shared between filtering/validating/etc. libraries. To clear up misconception, this library uses the following definitions:
+"filter": validate and/or sanitize one or more fields
+"validate": determine if a field value conforms to a particular format, but do not modify the field value
+"sanitize": modify, transform, or otherwise force a field value to conform to a particular format
+This library also makes a distinction between a "value" filter and a "subject" filter:
+A "value" filter validates and sanitizes an individual value
+A "subject" filter validates and sanitzes the collection of elements in an array, or the collection of properties in an object. (The "subject" is the array or object.)
+The easiest way to interact with the filter system is via the FilterFactory. Instantiate it first; you can then get filter objects from it:
+use Aura\Filter\FilterFactory;
+
+$filter_factory = new FilterFactory();
+
+$filter = $filter_factory->newValueFilter();
+$filter = $filter_factory->newSubjectFilter();
+
+
+Sanitizes to leave only alphanumeric characters.
+$filter->sanitize('field')->to('alnum');
+
+Sanitizes to leave only alphabetic characters.
+$filter->sanitize('field')->to('alpha');
+
+Sanitizes so that values lower than the range are forced up to the minimum, and values higher than the range are forced down to the maximum.
+$filter->sanitize('field')->to('between', $min, $max);
+
+Sanitizes to a strict PHP boolean value. Pseudo-true values include the strings '1', 'y', 'yes', and 'true'; pseudo-false values include the strings '0', 'n', 'no', and 'false'.
+// sanitize to `true` and `false`
+$filter->sanitize('field')->to('bool');
+
+You can sanitize to alternative true and false values in place of PHP true
and false
.
// sanitize to alternative true and false values
+$filter->sanitize('field')->to('bool', $value_if_true, $value_if_false);
+
+Sanitizes the value using a callable/callback. The callback should take two arguments, $subject
and $field
, to indicate the subject and the field within that subject. It should return true
to pass, or false
to fail.
$filter->sanitize('field')->to('callback', function ($subject, $field) {
+ // always force the field to 'foo'
+ $subject->$field = 'foo';
+ return true;
+});
+
+++N.b.: Always use object notation (
+$subject->$field
) and not array notation ($subject[$field]
) in the callable, as the Filter converts arrays to objects on the fly.
Sanitizes the value to a specified date/time format, default 'Y-m-d H:i:s'
.
$filter->sanitize('field')->to('dateTime', $format);
+
+Sanitizes to the value of another field in the subject.
+$filter->sanitize('field')->to('field', 'other_field_name');
+
+Sanitizes the value to transform it into a float; for weird strings, this may not be what you expect.
+$filter->sanitize('field')->to('float');
+
+Sanitizes the value to transform it into an integer; for weird strings, this may not be what you expect.
+$filter->sanitize('field')->to('int');
+
+Sanitizes the value to an ISBN (International Standard Book Number).
+$filter->sanitize('field')->to('isbn');
+
+Sanitizes the value to all lowercase characters.
+$filter->sanitize('field')->to('lowercase');
+
+Sanitizes the value to begin with a lowercase character.
+$filter->sanitize('field')->to('lowercaseFirst');
+
+Sanitizes so that values higher than the maximum are forced down to the maximum.
+$filter->sanitize('field')->to('max', $max);
+
+Sanitizes so that values lower than the minimum are forced up to the minimum.
+$filter->sanitize('field')->to('min', $min);
+
+Sanitizes the value to force it to the current datetime, default format 'Y-m-d H:i:s'.
+$filter->sanitize('field')->to('now', $format);
+
+Removes the field from the subject with unset()
.
$filter->sanitize('field')->to('remove');
+
+Sanitizes the value using preg_replace()
.
$filter->sanitize('field')->to('regex', $expr, $replace);
+
+Sanitizes the value by casting to a string and optionally using str_replace()
to find and replace within the string.
$filter->sanitize('field')->to('string', $find, $replace);
+
+Sanitizes the value to cut off longer values at the right, and str_pad()
shorter ones.
$filter->sanitize('field')->to('strlen', $len[, $pad_string[, $pad_type]]);
+
+Sanitizes the value to truncate values longer than the maximum, and str_pad()
+shorter ones.
$filter->sanitize('field')->to('strlenBetween', $min, $max[, $pad_string[, $pad_type]]);
+
+Sanitizes the value to truncate values longer than the maximum.
+$filter->sanitize('field')->to('strlenMax', $max);
+
+Sanitizes the value to str_pad()
values shorter than the minimum.
$filter->sanitize('field')->to('strlenMin', $min[, $pad_string[, $pad_type]]);
+
+Sanitizes the value to titlecase (eg. "Title Case").
+$filter->sanitize('field')->to('titlecase');
+
+Sanitizes the value to trim()
it. Optionally specify characters to trim.
$filter->sanitize('field')->to('trim', $chars);
+
+Sanitizes the value to all uppercase characters.
+$filter->sanitize('field')->to('uppercase');
+
+Sanitizes the value to begin with an uppercase character.
+$filter->sanitize('field')->to('uppercaseFirst');
+
+Sanitizes to the specified value.
+$filter->sanitize('field')->to('value', $other_value);
+
+Sanitizes the value to remove non-word characters.
+$filter->sanitize('field')->to('word');
+
+You can filter an entire object or array (herein called a "subject") by specifying rules for each object property or array element (herein called "fields").
+First, create a SubjectFilter via the FilterFactory:
+$filter_factory = new FilterFactory();
+
+$filter = $filter_factory->newSubjectFilter();
+
+Next, add rule specifications to validate and/or sanitize each subject field:
+// the username must be alphanumeric
+// but not *only* numeric,
+// at least 6 characters long,
+// and cast it to a string
+$filter->validate('username')->is('alnum');
+$filter->validate('username')->isNot('int');
+$filter->validate('username')->is('strlenMin', 6);
+$filter->sanitize('username')->to('string');
+
+// the password must be at least 6 characters long, and must match a
+// confirmation field
+$filter->validate('password')->is('strlenMin', 6);
+$filter->validate('password_confirm')->is('equalToField', 'password');
+
+We can call one of the following methods after validate()
:
is(...)
to specify that the value must match the ruleisNot(...)
to specify that the value must not match the ruleisBlank()
to specify that the value must be blank (note that using other rules with isBlank()
may not make sense)isBlankOr(...)
to specify that the value may be blank, or that it must
+match the ruleisBlankOrNot(...)
to specify that the value may be blank, or that it
+must not match the ruleisNotBlank()
to specifiy that the value must not be blank (note that this makes sense only if you don't care about other validations)We can call one of the following methods after sanitize()
:
to(...)
to specify the value should be changed according to the ruletoBlankOr(...)
to specify that a blank field should be changed to null
,
+and that non-blank fields should be changed according to the ruleuseBlankValue(...)
to specify what value blank fields should be changed to (default null
)For more about blanks, see the section on Blank Fields.
+We can then apply the filter specifications to the subject. A true
result
+means all the rules passed, while false
means one or more failed.
// the data to be filtered; could also be an object
+$subject = array(
+ 'username' => 'bolivar',
+ 'password' => 'p@55w0rd',
+ 'password_confirm' => 'p@sword', // not the same!
+);
+
+// filter the object and see if there were failures
+$success = $filter->apply($subject);
+if (! $success) {
+ // get the failures
+ $failures = $filter->getFailures();
+ var_dump($failures->getMessages());
+}
+
+When we get the failures via getFailures()
, we can examine in detail which fields failed, and what the failure messages were. The getFailures()
method returns a FailureCollection (essentially an ArrayObject keyed on the field names). Each field in the FailureCollection has an array of Failure objects, each with these methods:
Failure::getField()
-- the field that failedFailure::getMessage()
-- the failure messageFailure::getArgs()
-- arguments passed to the rule specificationThese can be combined in various ways to generate output regarding the filter failures.
+Normally, the filter will stop filtering any field that fails one of +its rules, but will continue applying rules to the rest of the fields. Also, +the filter specification will provide a default message when a rule fails.
+We can modify that behavior by specifying a failure mode, with an optional +custom message:
+$filter->...->asSoftRule('custom message')
will cause the filter to keep
+applying rules to the field, even when a field rule fails.
$filter->...->asHardRule('custom message')
is the default behavior. If the
+rule fails, the filter will not apply any more rules to that field, but it
+will keep filtering other fields.
$filter->...->asStopRule('custom message')
will cause the filter to stop
+applying rules to all fields and return immediately if the rule fails. That
+is, the filter will not apply any more rules to any more fields.
In each case, the custom message will be used instead of the default one for
+the specified rule. If we want to just set a custom message without changing
+the failure mode, we can use $filter->...->setMessage('custom message')
.
If a field fails multiple rules, there will be multiple failure messages (one for each failed rule). To specify a single failure message for a field, regardless of which rule(s) it fails, call $filter->useFieldMessage()
:
$filter->validate('field')->isNot('blank')->asSoftRule();
+$filter->validate('field')->is('alnum')->asSoftRule();
+$filter->validate('field')->is('strlenMin', 6)->asSoftRule();
+$filter->validate('field')->is('strlenMax', 12)->asSoftRule();
+
+$filter->useFieldMessage('field', 'Please use 6-12 alphanumeric characters.');
+
+This library incorporates the concept of "blank" fields, as distinct from
+isset()
and empty()
, to allow for input elements that are missing or have
+not been filled in. A field is blank if it is:
null
,Integers, floats, booleans, resources, arrays, and objects are never "blank" +even if they evaluate to zero or are empty:
+$not_blank = array(
+ 0, // integer
+ 0.00, // float
+ false, // boolean false
+ array(), // empty array
+ new StdClass, // an object
+);
+
+Generally, a blank field will fail to validate. To allow a validate rule to pass
+even if the field is blank, call isBlankOr()
or isBlankOrNot()
on its rule
+specification:
// either an alphanumeric value *or* a blank value will validate
+$filter->validate('field')->isBlankOr('alnum');
+
+Likewise, a blank field may fail to sanitize properly. To allow for a blank
+field with a sanitize rule, call toBlankOr()
on its rule specification:
// both an alphanumeric field *and* a blank field will pass
+$filter->sanitize('field')->toBlankOr('alnum');
+
+This will cause blank values to be sanitized to null
, and non-blank values
+to be sanitized using the alnum
rule.
Finally, if we want blank values to be sanitized to something other than
+null
, call useBlankValue()
to specify the value to use when blank:
// both an alphanumeric field *and* a blank field will pass
+$filter->sanitize('field')->toBlankOr('alnum')->useBlankValue('');
+
+That will cause blank values to be sanitized to an empty string. Additionally,
+please note that useBlankValue()
implies toBlankOr()
, so the following has
+the same effect as the above:
// both an alphanumeric field *and* a blank field will pass
+$filter->sanitize('field')->to('alnum')->useBlankValue('');
+
+Sometimes it may be useful to extend the Filter class for a specific purpose, one that can initialize itself. This can be useful when filtering a specific kind of object or dataset.
+To do so, override the the init()
method on the extended Filter class; the above examples remain instructive, but use $this
instead of $filter
since you are working from inside the filter object:
namespace Vendor\Package;
+
+use Aura\Filter\SubjectFilter;
+
+class EntityFilter extends SubjectFilter
+{
+ protected function init()
+ {
+ $this->validate('field')->isNot('blank')->asSoftRule();
+ $this->validate('field')->is('alnum')->asSoftRule();
+ $this->validate('field')->is('strlenMin', 6)->asSoftRule();
+ $this->validate('field')->is('strlenMax', 12)->asSoftRule();
+
+ $this->useFieldMessage('field', 'Please use 6-12 alphanumeric characters.');
+ }
+}
+
+You can then create a new instance of your extended filter class through the FilterFactory:
+$entity_filter = $filter_factory->newSubjectFilter('Vendor\Package\EntityFilter');
+$success = $entity_filter->apply($entity);
+
+Whereas calling $filter->apply($subject)
returns a boolean, calling $filter->assert($subject)
returns null
on success, and throws an exception on failure. (Invoking the filter as a callable a la $filter($subject)
works the same as assert()
.)
use Aura\Filter\Exception\FilterFailed;
+
+// the data to be filtered; could also be an object
+$subject = array(
+ 'username' => 'bolivar',
+ 'password' => 'p@55w0rd',
+ 'password_confirm' => 'p@55word', // not the same!
+);
+
+// filter the object and see if there were failures
+try {
+ $filter($subject);
+} catch (FilterFailed $e)
+ // ...
+}
+
+The FilterFailed exception has these methods in addition to the normal Exception methods:
+getFilterClass()
-- returns the class of the filter being used, in case you were using a custom filter classgetSubject()
-- returns the subject being filteredgetFailures()
-- returns the FailureCollection
+Validates the value as alphanumeric only.
+$filter->validate('field')->is('alnum');
+
+Validates the value as alphabetic only.
+$filter->validate('field')->is('alpha');
+
+Validates the value as being within or equal to a minimum and maximum value.
+$filter->validate('field')->is('between', $min, $max);
+
+Validates the value as being blank.
+$filter->validate('field1')->isBlank();
+$filter->validate('field2')->isBlankOr('strlen', 3);
+$filter->validate('field3')->isBlankOrNot('strlen', 3);
+
+To validate the value as not being blank.
+$filter->validate('field')->isNotBlank();
+
+Validates the value as being a boolean, or a pseudo-boolean. Pseudo-true values include the strings '1', 'y', 'yes', and 'true'; pseudo-false values include the strings '0', 'n', 'no', and 'false'.
+$filter->validate('field')->is('bool');
+
+Validates the value using a callable/callback. The callable should take two arguments, $subject
and $field
, to indicate the subject and the field within that subject. It should return true
to pass, or false
to fail.
$filter->validate('field')->is('callback', function ($subject, $field) {
+ if ($subject->$field === 'foo') {
+ return true;
+ }
+ return false;
+});
+
+++N.b.: Always use object notation (
+$subject->$field
) and not array notation ($subject[$field]
) in the closure, as the Filter converts arrays to objects on the fly.
Validates the value as being a credit card number.
+$filter->validate('field')->is('creditCard');
+
+Validates the value as representing a date and/or time.
+$filter->validate('field')->is('dateTime');
+
+Validates the value as being a properly-formed email address per the various relevant RFCs. If the intl
extension is loaded, it will also allow for international domain names.
$filter->validate('field')->is('email');
+
+Validates the value as loosely equal (==
) to the value of another
+field in the subject.
$filter->validate('field')->is('equalToField', 'other_field_name');
+
+Validates the value as loosely equal (`==') to a specified value.
+$filter->validate('field')->is('equalToValue', $other_value);
+
+Validates the value as representing a float.
+$filter->validate('field')->is('float');
+
+Validates that the value is loosely equal (==
) to a key in a given array.
$filter->validate('field')->is('inKeys', $array);
+
+Validates the value as representing an integer.
+$filter->validate('field')->is('int');
+
+Validates that the value is strictly equal (===
) to a value in a given array.
$filter->validate('field')->is('inValues', $array);
+
+Validates the value as an IPv4 or IPv6 address, allowing reserved and private addresses.
+$filter->validate('field')->is('ip');
+
+To modify restrictions on the filter, pass the appropriate FILTER_FLAG_*
constants (seen here) as a second parameter.
// only allow IPv4 addresses in the non-private range.
+$filter->validate('field')->is('ip', FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE);
+
+// only allow IPv6 addresses in non-reserved range.
+$filter->validate('field')->is('ip', FILTER_FLAG_IPV6 | FILTER_FLAG_NO_RES_RANGE);
+
+Validates the value is a correct ISBN (International Standard Book Number).
+$filter->validate('field')->is('isbn');
+
+Validates the given value against a list of locale strings (internal to the rule class).
+$filter->validate('field')->is('locale');
+
+Validates the value as all lowercase.
+$filter->validate('field')->is('lowercase');
+
+Validates the value begins with a lowercase character.
+$filter->validate('field')->is('lowercaseFirst');
+
+Validates the value as being less than or equal to a maximum.
+$filter->validate('field')->is('max', $max);
+
+Validates the value as being greater than or equal to a minimum.
+$filter->validate('field')->is('min', $min);
+
+Validates the value using preg_match()
.
$filter->validate('field')->is('regex', $expr);
+
+Validates the value as strictly equal (===
) to the value of another field in the subject.
$filter->validate('field')->is('strictEqualToField', 'other_field_name');
+
+Validates the value as strictly equal (===
) to a specified value.
$filter->validate('field')->is('strictEqualToValue', $other_value);
+
+Validates the value can be represented by a string.
+$filter->validate('field')->is('string');
+
+Validates the value has a specified length.
+$filter->validate('field')->is('strlen', $len);
+
+Validates the value as being within or equal to a minimum and maximum length.
+$filter->validate('field')->is('strlenBetween', $min, $max);
+
+Validates the value length as being no longer than a maximum.
+$filter->validate('field')->is('strlenMax', $max);
+
+Validates the value length as being no shorter than a minimum.
+$filter->validate('field')->is('strlenMin', $min);
+
+Validates the value as title case
+$filter->validate('field')->is('titlecase');
+
+Validates the value is trim()
med. Optionally specify characters to trim.
$filter->validate('field')->is('trim', $chars);
+
+Validates the value represents a PHP upload information array, and that the file is an uploaded file.
+$filter->validate('field')->is('upload');
+
+Validates the value as all uppercase.
+$filter->validate('field')->is('uppercase');
+
+Validates the value begins with an uppercase character.
+$filter->validate('field')->is('uppercaseFirst');
+
+Validates the value is a well-formed URL.
+$filter->validate('field')->is('url');
+
+Validates the value as being composed only of word characters.
+$filter->validate('field')->is('word');
+
+You can filter an individual value by using a ValueFilter.
+First, create a ValueFilter object from the FilterFactory:
+$filter = $filter_factory->newValueFilter();
+
+Then, to apply the filter, call its validate()
and sanitize()
methods. Supply the variable to be filtered, along with a rule name and any arguments for the rule. (These methods return true
to indicate success, or false
to indicate failure.)
// the username must be alphanumeric,
+// but not *only* numeric,
+// between 6 and 10 characters long,
+// and cast it to a string
+$ok = $filter->validate($username, 'alnum')
+ && ! $filter->validate($username, 'int')
+ && $filter->validate($username, 'strlenBetween', 6, 10)
+ && $filter->sanitize($username, 'string');
+if (! $ok) {
+ echo "The username is not valid.";
+}
+
+// the password must be at least 6 characters long, and must match a
+// confirmation field
+$ok = $filter->validate($password, 'strlenMin', 6)
+ && $filter->validate($password, 'equalToValue', $password_confirm);
+if (! $ok) {
+ echo "The password is not valid.";
+}
+
+Note that while validate()
will not change the value being filtered, sanitize()
will modify the value (thus sanitizing it).
In general, the Aura project avoids using statics, and recommends against them in all but the most limited cases. However, some developers are fine with the tradeoffs of using globally-available static methods. For these developers, this package provides an abstract implementation that acts as a static proxy to a ValueFilter instance.
+To use a static value filter, first extend the AbstractStaticFilter with your own class name; this helps to deconflict between different static filters:
+use Aura\Filter\AbstractStaticFilter;
+
+class MyStaticFilter extends AbstractStaticFilter
+{
+}
+
+Then pass a new ValueFilter into your static proxy class:
+MyStaticFilter::setInstance($filter_factory->newValueFilter());
+
+++N.b.: You can set the instance only once; further calls will throw an exception.
+
Now you can use the static proxy as a global:
+use MyStaticFilter as Filter;
+
+class CreateUserCommand
+{
+ protected $username;
+ protected $password;
+
+ public function __construct($username, $password, $password_confirm)
+ {
+ $ok = Filter::validate($username, 'alnum')
+ && ! Filter::validate($username, 'int')
+ && Filter::validate($username, 'strlenBetween', 6, 10)
+ && Filter::sanitize($username, 'string');
+
+ if (! $ok) {
+ throw new Exception("The username is not valid.");
+ }
+
+ $ok = Filter::validate($password, 'strlenMin', 6)
+ && Filter::validate($password, 'equalToValue', $password_confirm);
+ if (! $ok) {
+ throw new Exception("The password is not valid.");
+ }
+
+ $this->username = $username;
+ $this->password = $password;
+ }
+}
+
+Provides HTML escapers and helpers, including form input helpers, that can be used in any template, view, or presentation system.
Provides a facility to include multiple files from specified directories, in order, with variables extracted into a limited include scope.
Sometimes it will be useful to see what files the Includer actually found.
Use the getDebug()
method to return an array of information about what
the Includer found, in what order, and in what mode.
Provides a web router implementation: given a URL path and a copy of
$_SERVER
, it will extract path-info and $_SERVER
values for a specific
route.
With the above example action, the URL /blog/read/1.json
will send JSON
ouput, but for /blog/read/1
it will send plain text output.
Provides session management functionality, including lazy session starting, session segments, next-request-only ("flash") values, and CSRF tools.
To run the unit tests at the command line, issue composer install
and then phpunit
at the package root. This requires Composer to be available as composer
, and PHPUnit to be available as phpunit
.
To run the unit tests at the command line, issue composer install
and then vendor/bin/phpunit
at the package root. This requires Composer to be available as composer
.
This library attempts to comply with PSR-1, PSR-2, and PSR-4. If you notice compliance oversights, please send a patch via pull request.
- +N.b: The
setCookieParams
method calls session_set_cookie_params internally.
Provides an extension to the native PDO along with a profiler and connection locator. Because ExtendedPdo is an extension of the native PDO, code already using the native PDO or typehinted to the native @@ -507,7 +507,7 @@
Provides query builders for MySQL, Postgres, SQLite, and Microsoft SQL Server. These builders are independent of any particular database connection library, although PDO in general is recommended.
@@ -620,7 +620,7 @@Provides facilities to read table names and table columns from a database using a PDO connection.
primary
: (bool) Is the column part of the primary key?
This package provides an implementation of the TemplateView and TwoStepView patterns using PHP itself as the templating language. It supports both file-based and closure-based templates along with helpers and sections.
It is preceded by systems such as @@ -350,7 +350,7 @@
Provides web Request and Response objects for use by web controllers and actions. These are representations of the PHP web environment, not HTTP request and response objects proper.
@@ -122,7 +122,7 @@Be sure to read the Request and Response pages for more detailed information.
- +