Array passes form validation for string element with the same name -- how to fix? |
I've set up form validation for (amongst other fields) a text input box with the name "cms", this is in my application\config\form_validation.php file:
// ... array( 'field' => 'cms', 'label' => 'CMS', 'rules' => 'is_natural_no_zero' ), // ... If I use a regular <input name="cms" value="value"> this works fine. Yet, if I tweak the html for the form, and send a "cms" array to the controller instead of a string value, like this <input name="cms[]" value="some"><input name="cms[]" value="other"> this array passes the validation rule! Which is not what I want, nor what I expected. I would expect (and want) the form validation to fail if an array instead of a string value was submitted. Is there a way to enforce this in CodeIgniter (using validation rules)?
If the field name is an array - i.e. cms[] - then you must use the exact same for your Validation Rule field name. e.g.
PHP Code: $this->form_validation->set_rules('cms[]', 'CMS', 'is_natural_no_zero'); See Using Arrays as Field Names
(09-25-2018, 09:04 PM)dave friend Wrote: If the field name is an array - i.e. cms[] - then you must use the exact same for your Validation Rule field name. e.g. Thank you for your reply. I understand that if I want to use an array, I have to alter the validation rules. But that is not what my question is about: I was trying to simulate the case where someone sends a forged post request to my controller, in which case it shouldn't validate. After some further research I really do think there's a bug in CodeIgniter's the form validation code. I fixed it by creating a file at application\libraries\MY_Form_validation.php, copying the _execute function, and replacing this // If we get an array field, but it's not expected - then it is most likely // somebody messing with the form on the client side, so we'll just consider // it an empty field $postdata = is_array($this->_field_data[$row['field']]['postdata']) ? NULL : $this->_field_data[$row['field']]['postdata']; with this // If we get an array field, but it's not expected - then it is most likely // somebody messing with the form on the client side, so we'll just consider // it an empty field $postdata = is_array($this->_field_data[$row['field']]['postdata']) ? "" : $this->_field_data[$row['field']]['postdata']; $this->_field_data[$row['field']]['postdata'] = $postdata; (Using NULL won't work here, because NULL values are not re-assigned to the $_POST array by the _reset_post_array function.) |
Welcome Guest, Not a member yet? Register Sign In |