Benefits from validating in the controller?

#1
[eluser]Alexander Radsby[/eluser]
I've been thinking about why I should validate form data in the controller.

Let's say that I have a user with a username and a password.

I create a model named user.
Inside the user model I have the instance variables username and password.

These both have getters and setters.
How come that I don't validate the username and password in the setters instead?
If I do this I can make sure that every instance of the user model class is validated.

So I've been thinking of why I should validate in the controller? Isn't that repeating the same thing if I use the user model class in multiple controllers?

#2
[eluser]Edemilson Lima[/eluser]
Of course! Validate only once at the model and then set a session variable to flag that the user is validated or not validated.

#3
[eluser]sikkle[/eluser]
you talk about validation of "login" true false whatever ?

or input validation all the way, xss_clean, trim, etc etc. ?

#4
[eluser]Edemilson Lima[/eluser]
If you pass the input data to your model, you can do that there too, if you need to load your model and authenticate the user in many places of your web site. For example, you can show buttons or links to do things in your web site, but if the user is not authenticated yet, you check this, authenticate him/her and then redirect to the original controller associated with the action he/she asked to do.

In some cases you need to do at the controller, but whenever it is possible to do the things at your model, do it there. You may reduce code.

#5
[eluser]Seppo[/eluser]
I don´t like to do it in a Model, 'cause you can edit info in many different places, and the user can have differente privilegies, so the model should look after that... It those cases checking it on each controller will be easier


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.