Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion form validation: set_value doesn't work properly!?!?
form validation: set_value doesn't work properly!?!?
  • El Forum
    Guest
  •  
#1
10-13-2010, 09:32 AM

[eluser]PeteSig[/eluser]
Hi

I've just begun using ci & am looking at the form validation class.
Going through the tutorial (expanding & changing as I go) I noticed that the set_value() function only returns input strings for those inputs with rules attached, those inputs with no rules attached (not being checked) don't have their content strings returned.
Ie, in the tutorial, if I set a rule for only 'username' & 'password' then if I use set_value() in the other inputs - passconf, email - any data held here doesn't get returned if I submit without entering 'username' & / or 'password' data.

Stepping through the code for set_value, it seems that if a validation object is set, then set_value will return only the string for inputs with rules (ie. which are part of the validation object). If no validation obj is created, then set_value will return input string values. But what about returning strings for inputs with no rules set, when a validation obj is set!?!?! You get the default empty string!

The orig, in form_helper.php at line 652:
Code:
if ( ! function_exists('set_value'))
{
    function set_value($field = '', $default = '')
    {
        if (FALSE === ($OBJ =& _get_validation_object()))
        {
            if ( ! isset($_POST[$field]))
            {
                return $default;
            }

            return form_prep($_POST[$field], $field);
        }

        return form_prep($OBJ->set_value($field, $default), $field);
    }
}
should be something like this (which seems to fix the issue):
Code:
if ( ! function_exists('set_value'))
{
    function set_value($field = '', $default = '')
    {
        if (FALSE === ($OBJ =& _get_validation_object()))
        {
            if ( ! isset($_POST[$field]))
            {
                return $default;
            }

            return form_prep($_POST[$field], $field);
        } <added next block>
        else
        {
             if(! array_key_exists($field, $OBJ->_field_data))
             {
                 if ( ! isset($_POST[$field]))
                 {
                      return $default;
                 }

                 return form_prep($_POST[$field], $field);
              }
         }<end of added block>

        return form_prep($OBJ->set_value($field, $default), $field);
    }
}
Is this a bug & should it be noted in the bug section for future inclusion??

Cheers

Pete
  • El Forum
    Guest
  •  
#2
10-13-2010, 10:23 AM

[eluser]Bas Vermeulen[/eluser]
Tbh, all input should be validated! Adding this feature supports insecure code. If you take the effort to secure your app, which ofc we all should, do it right Smile
  • El Forum
    Guest
  •  
#3
10-13-2010, 10:30 AM

[eluser]PeteSig[/eluser]
Hi Bas

I take your point about all input being validated.

I was thinking more as validing the form in terms of which fields are required to be filled.
You don't always want all the fields on a form to be required - or then again maybe you do!?!?

Pete
  • El Forum
    Guest
  •  
#4
10-13-2010, 10:49 AM

[eluser]Bas Vermeulen[/eluser]
Hola Smile

Nope, not all fields have to be required. But you do know what input is expected for each field, so for the fields that are not required you simply add input validation without 'required':

Code:
$this->form_validation->set_rules('field1', 'lang:field1', 'alpha_numeric');
$this->form_validation->set_rules('field2', 'lang:field2', 'required|alpha_numeric');
  • El Forum
    Guest
  •  
#5
10-13-2010, 11:53 AM

[eluser]CroNiX[/eluser]
Right, if using the validator, every field needs to have a rule (or it wont get repopulated if there was an error).
So just setup a trim rule if you only need it to work in the validator.
$this->form_validation->set_rules('field', 'Field Name', 'trim');
  • El Forum
    Guest
  •  
#6
10-14-2010, 02:39 AM

[eluser]PeteSig[/eluser]
Thanks for the comments / info guys, all makes sense now I think.
I'll go do it properly now :o)

Cheers

Pete
  • El Forum
    Guest
  •  
#7
10-14-2010, 10:38 AM

[eluser]Bas Vermeulen[/eluser]
You're welcome, gl Smile
  • El Forum
    Guest
  •  
#8
10-14-2010, 11:02 AM

[eluser]Fred Riley[/eluser]
Well, there's a stroke of luck! I was just about to ask the same question myself, so thanks to Bas and Pete for the answers, and PeteSig for the question. Is this a FAQ, I wonder? I'm sure many others must be hitting the same problem. Or maybe it's worth adding to the (excellent) documentation cum tutorial on the Form Validation class?

And a message to all those who've built CI: it really is the dog's bollocks (as they say this side of the Pond) and I'd like to offer a hearty thank you to all who've contributed. My PHP life has been revitalised, and my code made a whole lot cleaner and safer.

Cheers

Fred

PS: This forum's still behaving badly. This is the fourth attempt to submit this message, the previous tries resulting in an empty form. Good thing I make a point of copying my text before trying to post...




Theme © iAndrew 2016 - Forum software by © MyBB