Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming CI input - excluding submit value in array
CI input - excluding submit value in array
  • El Forum
    Guest
  •  
#1
01-29-2013, 04:02 AM

[eluser]mailarz[/eluser]
Hello,

I'm doing a really simple survey application. It gathers all radio type post data and puts it into database - simple. Anyways as i want to use code as CI tools as efficient as possible, i've met a little trouble.

When i use
Code:
$this->input->post();
it indeed gathers all my post data into array, but it includes a submit type data (and takes it value, for example "send"). Is there an ellegant way to exclude this?

Hopefully i've described my problem clear, thanks in advance for any help.
  • El Forum
    Guest
  •  
#2
01-29-2013, 04:51 AM

[eluser]PhilTem[/eluser]
1) Exclude it can be done with e.g.,
Code:
$posts = $this->input->post();
unset($posts['send']);

2) Do form-validation before submitting it. You can then define any input as required thus showing an error if it's not filled, checked or selected.
  • El Forum
    Guest
  •  
#3
01-29-2013, 05:01 AM

[eluser]mailarz[/eluser]
Hey,

I kinda edited the post since i tought i found the answer for required validation, but only partly. There's cool validation library, but it requires passing specific field values, is there way to apply required rule to all fields (Since form is generated dynamicly based on database content)?
  • El Forum
    Guest
  •  
#4
01-29-2013, 08:05 AM

[eluser]johnpeace[/eluser]
Set the rules in a loop through the $_POST array?

Code:
foreach($_POST as $p) {
    $this->form_validation->set_rules($p, ucfirst($p), 'required|trim');
}

You won't have a 'human readable' field in the $_POST array...just the name and value of each field.
  • El Forum
    Guest
  •  
#5
01-30-2013, 04:20 PM

[eluser]Aken[/eluser]
Don't gather the data from $this->input->post() directly. A user could manipulate the post data, and put whatever keys and values in there they wanted. If your application doesn't anticipate that, it could throw errors and reveal a weak point for potential exploitation.
  • El Forum
    Guest
  •  
#6
01-31-2013, 08:46 AM

[eluser]johnpeace[/eluser]
If the form is being generated from the results of some query...just set the form validation rules to be created as the result of same/similar query. (ie: loop through the results and set a validation rule for each result).
  • El Forum
    Guest
  •  
#7
01-31-2013, 06:37 PM

[eluser]Aken[/eluser]
1) Don't use a "name" attribute on your submit button.
2) Better solution: put your radio values into array notation, so you only have to pull one element and receive the array of radio values.

Still, don't rely on the input to always be in the format you expect. Check it, and throw errors accordingly.




Theme © iAndrew 2016 - Forum software by © MyBB