| Validation | trim causes 500: Internal Server Error |
|
Having recently upgraded from v4.4.4 to v4.5.1, I'm finding that the trim "rule" in Validation is behaving differently.
The particular problem I've experienced is, under certain conditions (when Validation is used on POST data), it is now throwing the following 500 error when the particular parameter isn't - for any number of reasons, including malicious - in the POST data... and appears to now being considered null (vs ''): Code: type "TypeError"Having had a brief scratch around in the system files... this new behaviour is likely fallout from strict_types=1 being liberally scatted throughout the v4.5.1 code. Although a I'd agree that (generally) a null is likely a better description of a variable that hasn't been declared, if it's a given/known requirement that this "information" has to be passed as a string from $_REQUEST (it appears that most of the Validation is/has been based on strings types, likely for this same reason), then an empty string ('') makes better sense... however, I digress. Given that strict_types=1 now, looking at the system code, it would appear that the trim function is done automatically/implicit and applied to all data being passed to Validation, which appears to check for and handle null as an argument (though I'm not sure this is applicable to ALL rules and/or arguments being passed to Validation and am therefore reluctant to simply remove every "trim" from all my encyclopedia of rules). Another reason I suspect that trim is done implicitly is that I don't see "trim" listed under the Available Rules in the documentation any more (if it ever was?). To be fair, I don't recall where I initially picked up the "trim" rule from, but it's been in my rules since CI was still a .rc, and has never given any problems (and maybe it's been a waste of time, if it was already happening implicitly?). I'm setting the particular rules as follows (in .../Config/Validation.php): Code: public $rule = [Given that it's particularly easy for users to tamper with the POST data... or remove arguments or default empty (but not null) variables... is it now necessary to check every argument for existence PRIOR to invoking Validation?... or can one simply remove the trim "rule" and hope for the best?
The validation rule trim does not exist from the beginning.
But you can use any native PHP functions that return boolean and permit at least one parameter. Quote:Note But trim does not return boolean, so you cannot use it as a validation rule. In CI3, you could use trim as a rule, because CI3 modified the data to validate. But CI4 Validation does not modified any data to validate, so your rule 'trim|max_length[...' is a misuse or does not make sense. Because the rule trim does nothing. (04-27-2024, 04:34 AM)kenjis Wrote: The validation rule trim does not exist from the beginning. Clearly another great example why noobs should never drink whilst coding. Thanks for the explanation and clearing up that particular bit of confusion for me. |
| Welcome Guest, Not a member yet? Register Sign In |
