Welcome Guest, Not a member yet? Register   Sign In
Form Validation validating blank values with min_length and valid_email rules
#1
Bug 

I need to update database table columns only if valid fields are received in the request.

If a field is received with a blank value '', the validation rules must be applicated or not?

Why is a blank value '' accepted when the min_length[5] (strlen('') equals 0, less then 5) and valid_email ('' is not a valid email address) rules are set?

If proceed the columns will be populated with blank values... But this can not happen!

How to solve this?

Please, check the code:

PHP Code:
<?php
defined
('BASEPATH') OR exit('No direct script access allowed');

/**
 * Class Issue
 */
class Issue extends CI_Controller
{

    public function 
index()
    {
        
$this->load->library('form_validation');

        
// Test: If you add one character in username or email the validation will run and show the errors...
        
$userdata = ['username' => '''email' => ''];
        
//$userdata = $this->input->post();

        
$this->form_validation->set_data($userdata);
        
$this->form_validation->set_rules([
            [
                
'field' => 'username',
                
'label' => 'Username',
                
'rules' => 'min_length[5]|max_length[32]',
            ],
            [
                
'field' => 'email',
                
'label' => 'Email',
                
'rules' => 'valid_email',
            ],
        ]);

        if ( ! 
$this->form_validation->run())
        {
            
var_dump($this->form_validation->error_array());
            exit;
        }

        echo 
'Validated! Data to be updated: ';
        
var_dump($userdata);
    }





I see that  it is intentional. But is correct and I have not understand something?
Reply
#2

(This post was last modified: 10-16-2017, 07:08 AM by dave friend.)

The easiest thing is to add required to the set of rules.
PHP Code:
$this->form_validation->set_rules([
  [
   'field' => 'username',
   'label' => 'Username',
   'rules' => 'required|min_length[5]|max_length[32]',
  ],
  [
 
    'field' => 'email',
 
    'label' => 'Email',
 
    'rules' => 'required|valid_email',
 
  ],
]); 
Reply
#3

(This post was last modified: 10-16-2017, 07:32 AM by natanfelles. Edit Reason: . )

Hi, thanks for reply.

Ok. But I do not want that this fields be "always required".

I have other method, with a db insert, where I'm using the require rule to force the user send the required fields.

But on the update method, I need to update only the data received. If the user send only the email, then I need to validate only it, if sent only the username then only it. Or both if both is received. But on the update I can't force the user send all the fields.
Reply
#4

(This post was last modified: 10-16-2017, 08:05 AM by natanfelles. Edit Reason: . )

If I change this line to just ($postdata === NULLthen the validation works well.

I'm not certain yet if it can be a bug or not. If changing this change will affect other rules...
Reply
#5

Blank values are effectively unset values, otherwise everything would be 'required'.

You'll have to filter the blanks out before updating.
Reply
#6

Uhmm. Ok.

Is not a "fail" in the Validation accept this? Because I will need to validate again, all the fields...
Reply
#7

It's not a "fail", whatever you mean by that.

I don't understand why you'd have to validate again all the fields?
Reply
#8

Yeah. I found a logic for working with blank fields.

For now I'll add an isset rule if the blank field is set but with an empty string. The logic will be like this:

PHP Code:
<?php
defined
('BASEPATH') OR exit('No direct script access allowed');

/**
 * Class Issue
 */
class Issue extends CI_Controller
{

    public function 
index()
    {
        
$this->load->library('form_validation');

        
// Test: If you add one character in username or email the validation will run and show the errors...
        //$userdata = ['username' => '', 'email' => ''];
        
$userdata $this->input->get();

        
$this->form_validation->set_data($userdata);
        
$this->form_validation->set_rules([
            [
                
'field' => 'username',
                
'label' => 'Username',
                
'rules' => 'min_length[5]|max_length[32]'
                    
. (isset($userdata['username']) && $userdata['username'] === '' '|isset' ''),
            ],
            [
                
'field' => 'email',
                
'label' => 'Email',
                
'rules' => 'valid_email'
                    
. (isset($userdata['email']) && $userdata['email'] === '' '|isset' ''),
            ],
        ]);

        if ( ! 
$this->form_validation->run())
        {
            
var_dump($this->form_validation->error_array());
            exit;
        }

        foreach (
$userdata as $key => $val)
        {
            if ( ! 
in_array($key, ['username''email']))
            {
                unset(
$userdata[$key]);
            }
        }


        if (empty(
$userdata))
        {
            
var_dump('Nothing to update. Stop here.');
            exit;
        }

        echo 
'Validated! Data to be updated: ';
        
var_dump($userdata);
    }



I did some research and I saw that there was a issue like this a long time ago.
Reply
#9

(This post was last modified: 10-16-2017, 10:36 AM by natanfelles. Edit Reason: . )

To validate input data to the database I will use one rule group to the inserts and other to the updates.

Then, in the inserts always will have a 'required' rule on all the fields.

In the updates, I want update only what the user sent (and is supported). Not forcing to send all the data if he do not want to update it. But I need to validate what he sent. The idea is do the HTTP Patch method works.
Reply
#10

Your set_rules() calls effectively construct a server-side representation of the form. It makes no sense to define rules for fields that wouldn't exist (that's the only way they wouldn't be sent).

This is a really bizzare thing that you're trying to do.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB