Allow users to specify an array for validation, instead of alway $_POST #1121

Merged
merged 1 commit into from Mar 4, 2012

Conversation

Projects
None yet
4 participants
Contributor

JonoB commented Mar 4, 2012

Always forcing validation through $_POST array is very restrictive, especially if you want to run validation in your models (which is where validation should be).

These changes allows users to use the form_validation->set_data() method in order to set their own validation array. If this method is used, then this array will be validated instead of the $_POST array.

I have also added another protected method called reset_validation() - this is necessary in case users try to validate more than one array during the lifetime of a single execution. This method is automatically called each time the run() function is called.

Changelog and docs updated as well

Contributor

philsturgeon commented Mar 4, 2012

A re-do of #1105, this has been tested and looks good.

philsturgeon merged commit 67f27bd into bcit-ci:develop Mar 4, 2012

@narfbg narfbg added a commit that referenced this pull request Mar 4, 2012

@narfbg narfbg Fix indentation for changes from pull #1121 c8da4fe
Contributor

RS71 commented Mar 19, 2012

Fetching data would still be done using $this->input->post()? Wouldn't that be a bit odd? What about callbacks? Can they be present in the model as well?

kfriend commented Jun 13, 2012

It definitely seems odd that you'd access the validated data, passed via set_data(), from $this->input->post().

Also, if I'm understanding this correctly, using set_data(), running validation (which would call _reset_validation()), then following with another round of validation (this time without using set_data()), would cause the the validation library to reuse the already modified/validated data, since the first validation modified $_POST. Seems like a situation that could lead to some unintended data manipulation, in the event that the data passed to set_data() contains the same key names as $_POST.

Contributor

JonoB commented Jun 13, 2012

$_POST never gets modified. You either validate an array passed in through set_data(), otherwise you validate $_POST. If you want to validate more than once in the same script run, then you call reset_validation()

kfriend commented Jun 13, 2012

I see, so its purely for validating the array, not validation, processing (e.g. with functions like strip_tag), then using the processed data?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment