Skip to content

[WIP]Sanitize in model #1374

Closed
wants to merge 9 commits into from

3 participants

@suralc
suralc commented Sep 10, 2012

Work in progress - Do not merge

This pr implements sanitization rules as requested in http://www.yiiframework.com/forum/index.php/topic/29362-cmodelsanitize/

Why this is needed/usefull?

Validators can be used to achive the same goal. But there is a difference in concept. Validators should just validate data not change(sanitize) it. If I validate user input I should just receive a feedback if it is valid or not. A validator should not affect data it validates.

Sanitization can be used to clean user data, make sure a number is non-negative or whatever is wanted. If we use a sanitizer we expect the data to be changed, regardless if it is valid(or sanitize it before validating).

Whats included, whats not

Implementation follows validators. There is some code duplication which can't be avoided without moving functionality from valdators to more abstract methods (or creating some useless aliases).

Some unit-tests are included, I will rework them, as soon as I know this is considered.

Documentation is todo. (See tests for examples)

Only 3 core-sanitizers are included. I will create some more as soon as I know if this is considered

@creocoder

This is not Yii way. Absolutely wrong approach.

@creocoder

For example you can do same things:

public function rules()
{
    return array(
        //sanitization
        array('attribute','filter','filter'=>'trim'),
        array('attribute','default','value'=>null),
        //validation
        array('attribute','required'),
    );
}

What you try to do with this PR? Change brilliant Yii approach? Thanks, i pass. Sure 90% of community pass too.

P.S. Try to perceive that Yii «validators» is «validators or/and sanitizators». For example file validator is validator + sanitizator.

@suralc
suralc commented Sep 11, 2012

I know the same can be achieved using validatory. But thats not the point.

This is about to have a 'clean' way to seperate data changing methods from pure readers. Also sanitizing data has not much todo with validating as it is contextfree and is used without relying on the current state of the model( real validators have to in the most cases)

I could also create a special scenario to seperate validators from, sanitizors but I doubt that this is the way to go.

Send via github for android. Sorry for not formatting the comment

@creocoder

@suralc What if the validator at the same time should check and change?

@samdark
Yii Software LLC member
samdark commented Sep 11, 2012

I don't think we'll accept it:

  • It can be achieved in the way @creocoder pointed out.
  • There's no point in separating rules in two methods (I see no use cases where you need one but not another).
@samdark samdark closed this Sep 11, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.