• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
allowedFields in class

#1
Exclamation 
Hello,
in my db i have table with more than 40 fields, how i can set allowedFields array to accept all fileds without i write it one by one!
or if is possible if have other params of class just to set not allowed fields?!

please can help me?
Reply

#2
(05-20-2020, 09:48 AM)pws Wrote: Hello,
in my db i have table with more than 40 fields, how i can set allowedFields array to accept all fileds without i write it one by one!
or if is possible if have other params of class just to set not allowed fields?!

please can help me?

This is one of my complaints against version 4. I have a table with 55 fields, actually a table of movies. For various reasons I have these fields in a form, again in the model and, finally, in the controller, remembering that the absence of a single field or even a typo, the information will be stored incomplete. In version 3 in addition to the form only in the model that returns to the controller for validation when applicable, remembering that typos cancel the process, not updating or inserting, that is, if the field is, for example, "ind" and you put "nid" the process is suspended, in version 4 if this occurs in the model, allowed fields, the field is simply ignored and the process continues, I believe it is a bug, I haven't had the opportunity to fully test it.
I managed to upgrade my entire site from version 3 to version 4, but without a doubt this part took a considerable amount of time.
Reply

#3
CodeIgniter 3 didn't really have a model, it only contained the following:

PHP Code:
class CI_Model {

    
/**
     * Class constructor
     *
     * @link    https://github.com/bcit-ci/CodeIgniter/issues/5332
     * @return    void
     */
    
public function __construct() {}

    
/**
     * __get magic
     *
     * Allows models to access CI's loaded classes using the same
     * syntax as controllers.
     *
     * @param    string    $key
     */
    
public function __get($key)
    {
        
// Debugging note:
        //    If you're here because you're getting an error message
        //    saying 'Undefined Property: system/core/Model.php', it's
        //    most likely a typo in your model code.
        
return get_instance()->$key;
    }



If you wan't the "not a model approach" you can simply use Manual Model Creation.

You can however turn that feature off if you like:
https://codeigniter.com/user_guide/model...ing-fields

PHP Code:
$model->protect(false)
      ->
insert($data)
      ->
protect(true); 
Reply

#4
(05-21-2020, 02:47 AM)jreklund Wrote: CodeIgniter 3 didn't really have a model, it only contained the following:

PHP Code:
class CI_Model {

 
/**
 * Class constructor
 *
 * @link https://github.com/bcit-ci/CodeIgniter/issues/5332
 * @return void
 */
 
public function __construct() {}

 
/**
 * __get magic
 *
 * Allows models to access CI's loaded classes using the same
 * syntax as controllers.
 *
 * @param string $key
 */
 
public function __get($key)
 {
 
// Debugging note:
 // If you're here because you're getting an error message
 // saying 'Undefined Property: system/core/Model.php', it's
 // most likely a typo in your model code.
 
return get_instance()->$key;
 }



If you wan't the "not a model approach" you can simply use Manual Model Creation.

You can however turn that feature off if you like:
https://codeigniter.com/user_guide/model...ing-fields

PHP Code:
$model->protect(false)
      ->insert($data)
      ->protect(true); 

Thank you very much for the information, I had no idea. In this table, "movies", I was forced to make several changes - I am not a professional and I am the only audience on the site - and I have been using CodeIgniter 3 to do this, through a Controller and a View.
The fields are filled according to the characteristics of the movie:
PHP Code:
<?php 
$id 
nnnn;

$data = array(
'cover' => '',
'title' => '',
'xxx' => null,
'yyy' => '',
(...)
);
$this->db->where('id'$id);
$this->db->update('movies'$data); 
?>

Everything else has been successfully migrated to CodeIgniter 4.
Reply

#5
@wdeda; I'm sorry but I didn't quite catch if there are question in there. In case you needed some more information about CI4.
Reply

#6
(05-21-2020, 07:42 AM)jreklund Wrote: @wdeda; I'm sorry but I didn't quite catch if there are question in there. In case you needed some more information about CI4.

Please, if anyone has to apologize it is me. English is not my native language I certainly didn't know how to express myself well. I don't want to take too much of your time, but these are two separate issues.

The first is about a problem that occurred using CI4. As I said, I am the entire audience of my website but that is not a reason to stop me from doing things correctly, with discipline and seriousness. There are two catalogs, movies and records, the entire site is running in production mode after the migration from CI3 to CI4.
The design, with variations, are copies of AllMusic and IMDb, but obviously all the content refers to what I have.

I understand that, basically, the difference between development and production, from the user's point of view, is that in the event of an error he will receive a message that a certain resource is not available at that moment without the how and why. For obvious reasons in development mode, everything should be, as far as possible, exhaustively detailed. So I can say that no matter what the mode, in the event of an error the system should report, and apparently, this did not happen.

When a film is nominated and/or awarded [Oscar, Golden Globe, BAFTA] I have a page, exactly like the one on the IMDB website, where these nominations/awards are shown. A certain movie received an Oscar nomination and two nominations for the Golden Globe, after entering the data, via the form, without any notification of error in the process, I went to check and the result surprised me: the identification fields for nominations for Golden Globe were blank.

As can be seen in the Controller, the result, successful or not, is sent to the same View, form.
As I had not closed the browser, I went back to the previous page, the session was still active, to check if I had omitted any data, but it was correct. Then, I checked the Controller and the Form, both were correct, so the table and the Model are left.
When checking the table, the "ind" field containing the nomination name was empty, "null", I changed it right there, and I went to check the Model and there was the origin of the whole problem, I had put the name of the field wrong, instead of "ind" I put "nom". I thought, perhaps, when inserting the name of the field in Model, to use "nom" from English nomination, forgetting that I had chosen "ind" from the Portuguese "indicação" [direct translation -> indication].

The point is that there was no notification from the system.

Apparently, I presume, the system does not validate the fields in the Model with those in the table and/or it is only verified that the fields to be updated and listed in the Controller are listed in "allowed fields". But everything leads me to believe that the definition of what will actually be inserted/updated is what appears in "allowed fields", in Model.

The field involved, "ind", is commented: Controller, Form and Model.

Controller:
PHP Code:
public function glbnom() {

        helper('form');

        $model = new GlobeNomModel();

        $header = array (
            'icon' => 'codeigniter',
            'css' => 'tables',            
            
'title' => 'Atualização da tabela \'glbnom\' - wdeda',
            'action' => '/ci4/search/allmedia/',
            'placeholder' => 'Pesquisar'
        );

        $rules = [
            'movie_id'  => 'required'

        ];

      if ($this->validate($rules)) {
          $model->save([
              'movie_id'  => $this->request->getVar('movie_id'),
          /* 'ind'        => $this->request->getVar('ind'), */
              'countryx'  => $this->request->getVar('countryx'),
              'name5'      => $this->request->getVar('name5'),
              'link5'      => $this->request->getVar('link5'),
              'country5'  => $this->request->getVar('country5'),
              'name6'      => $this->request->getVar('name6'),
              'link6'      => $this->request->getVar('link6'),
              'country6'  => $this->request->getVar('country6'),
              'name7'      => $this->request->getVar('name7'),
              'link3'      => $this->request->getVar('link7'),
              'country7'  => $this->request->getVar('country7'),
              'name8'      => $this->request->getVar('name8'),
              'link8'      => $this->request->getVar('link8'),
              'country8'  => $this->request->getVar('country8'),
          ]);
      

        
echo view('templates/headerx'$header);
        echo view('utils/glbnom');
        echo view('templates/footerfb');

    } else {

        echo view('templates/headerx'$header);
        echo view('utils/glbnom');
        echo view('templates/footerfb');
    }
    

Form:
PHP Code:
    <!-- 20200429 -->
    
    <
div class="content-container">
    <
section class="section-tools">
    <
h4>Atualização da tabela 'glbnom'</h4>
    <
div class="form-content">
    <
form method="post" action="/ci4/tables/glbnom/">
    <
table cellpadding="0" cellspacing="1" style="width: 90%">
        <
tr>
        <
td class="tdright">Movie_id:</td>
        <
td class="tdleft"><input name="movie_id" size="30" /></td>
        </
tr><tr>
        <
td class="tdright">Indicação:</td>
        <!-- 
td class="tdleft"><input name="ind" size="30" /></td -->
        </
tr><tr>
        <
td class="tdright">Countryx:</td>
        <
td class="tdleft"><input name="countryz" size="30" /></td>
        </
tr><tr>        
        <
td class="tdright">Nome#5:</td>
        
<td class="tdleft"><input name="name5" size="30" /></td>
        </
tr><tr>
        <
td class="tdright">Link#5:</td>
        
<td class="tdleft"><input name="link5" size="30" /></td>
        </
tr><tr>
        <
td class="tdright">Country#5:</td>
        
<td class="tdleft"><input name="country5" size="30" /></td>
        </
tr><tr>
        <
td class="tdright">Nome#6:</td>
        
<td class="tdleft"><input name="name6" size="30" /></td>
        </
tr><tr>
        <
td class="tdright">Link#6:</td>
        
<td class="tdleft"><input name="link6" size="30" /></td>
        </
tr><tr>
        <
td class="tdright">Country#6:</td>
        
<td class="tdleft"><input name="country6" size="30" /></td>
        </
tr><tr>
        <
td class="tdright">Nome#7:</td>
        
<td class="tdleft"><input name="name7" size="30" /></td>
        </
tr><tr>
        <
td class="tdright">Link#7:</td>
        
<td class="tdleft"><input name="link7" size="30" /></td>
        </
tr><tr>
        <
td class="tdright">Country7:</td>
        <
td class="tdleft"><input name="country7" size="30" /></td>
        </
tr><tr>
        <
td class="tdright">Nome#8:</td>
        
<td class="tdleft"><input name="name8" size="30" /></td>
        </
tr><tr>
        <
td class="tdright">Link#8:</td>
        
<td class="tdleft"><input name="link8" size="30" /></td>
        </
tr><tr>
        <
td class="tdright">Country#8:</td>
        
<td class="tdleft"><input name="country8" size="30" /></td>
        </
tr><tr>
        <
td class="tdright" style="padding-top:10px"><input type="submit" name="submit" value="Submit" /></td>
</
tr>
</
table>
</
form>
</
div>
<
div class="tab-content">
<
div class="filters">
<
h3>Última Atualização</h3>
<
ul>
<?
php
$db 
db_connect();
$query $db->table('glbnom')
->
orderBy('id''desc')
->
limit(1)
->
get();

if ( 
$query->getResult() != null ) {

foreach ( 
$query->getResult() as $row );

$sql = ("SELECT movies.*, glbnom.* FROM movies, glbnom
WHERE glbnom.id = 
$row->id
AND movies.id = glbnom.movie_id
"
);
$query $db->query($sql);

foreach ( 
$query->getResult() as $row );

?>
<li class="li-all">
<span class="span-all">Movie id:<span class='wd-space'>&nbsp;</span><?php echo $row->movie_id?><span class="count"><span class="span-result"></span></span><br />
<span class="span-all">Filme:<span class='wd-space'>&nbsp;</span><?php echo $row->title?><span class="count"><span class="span-result"></span></span><br />    
</li>
<?php ?>
</ul>
<div class="validation">
    <?php echo \Config\Services::validation()->listErrors() ?>
</div>
</div>
</div>
</section>
</div>
<!--
I know that this place is not the right one for data handling, but there are many small things to be changed, it's just me, little by little I will get there!
--> 

Model (already corrected)
PHP Code:
<?php namespace App\Models;

// 20200514

use CodeIgniter\Model;

class 
OscarNomModel extends Model
{
    protected $table  'oscnom';
    protected $primaryKey 'id';    
    
protected $returnType 'object';

    protected $TimeStamps true;
    protected $useSoftDeletes true;
    protected $allowedFields = ['movie_id'/*'ind',*/ 'countryx''name5''link5''country5''name6''link6''country6''name7''link7''country7''name8''link8''country8'];    


--------

The other issue is not really a problem. When I was doing the migration, CI3 to Ci4, I had and I have this need to update several fields in the table of ALL movies, because during the process of creating the table I had a view of the data to be displayed, but later I changed of idea about several things and I'm paying the price for it.

I had been using the solution of a Controller and a View, CI3, because during the migration phase from one version to another, I couldn't find anything to replace it, until you presented this option to disable/enable the protected option. I still couldn't set up the page and do a test.

Regarding the images:

Image 1 refers to the awards page, with the arrows indicating the fields that appeared blank;

image 2 the table with the "ind" field already filled in;

Image 3 shows the open form, "loaded", ready for use, highlighting on the right the information from the last update:

Última Atualização => Last update

movie_id (the nominated movie id)

Filme (movie title)

My apologies for the size of the text, I am infinitely grateful for the attention, kindness and, above all, for the patience you have always had with me. The basic and necessary elements for invincibility.
Thank YOU!

EDIT:
I paste the wrong form, now is corrected, sorry.


Attached Files Thumbnail(s)
           
Reply

#7
(05-21-2020, 04:12 PM)wdeda Wrote: Apparently, I presume, the system does not validate the fields in the Model with those in the table and/or it is only verified that the fields to be updated and listed in the Controller are listed in "allowed fields". But everything leads me to believe that the definition of what will actually be inserted/updated is what appears in "allowed fields", in Model.

That's correct, it would be a performance issue to look up the fields every time. And the reason $allowedFields are there in the first place are that you can just throw in the complete $_POST into $model->save() and it will just insert/update the data you are looking for. All other POST data will be ignored. Protecting you from mass assignment from other people.

Turning this:

PHP Code:
$model->save([
    'movie_id'  => $this->request->getVar('movie_id'),
/* 'ind'        => $this->request->getVar('ind'), */
    'countryx'  => $this->request->getVar('countryx'),
    'name5'      => $this->request->getVar('name5'),
    'link5'      => $this->request->getVar('link5'),
    'country5'  => $this->request->getVar('country5'),
    'name6'      => $this->request->getVar('name6'),
    'link6'      => $this->request->getVar('link6'),
    'country6'  => $this->request->getVar('country6'),
    'name7'      => $this->request->getVar('name7'),
    'link3'      => $this->request->getVar('link7'),
    'country7'  => $this->request->getVar('country7'),
    'name8'      => $this->request->getVar('name8'),
    'link8'      => $this->request->getVar('link8'),
    'country8'  => $this->request->getVar('country8'),
]); 

Into this:

PHP Code:
$model->save($this->request->getPost()); 

In case you don't need that feature at all, just apply this. And it will be disabled 
PHP Code:
$model = new GlobeNomModel();
$model->protect(false); 

Or in the model itself (protectFields):

PHP Code:
<?php namespace App\Models;

use 
CodeIgniter\Model;

class 
OscarNomModel extends Model
{
    protected $table  'oscnom';
    protected $primaryKey 'id';    
    
protected $returnType 'object';

    protected $TimeStamps true;
    protected $useSoftDeletes true;
    protected $protectFields false;


And it will insert everything in your array into the database, and in case it dosen't match in development an error will be thrown. In production you will get "We seem to have hit a snag. Please try again later...".

You can also use it for placeholders, so you can have dynamic rules, and those rules dosen't get inserted into the database.
https://codeigniter.com/user_guide/model...aceholders

(05-21-2020, 04:12 PM)wdeda Wrote: The other issue is not really a problem. When I was doing the migration, CI3 to Ci4, I had and I have this need to update several fields in the table of ALL movies, because during the process of creating the table I had a view of the data to be displayed, but later I changed of idea about several things and I'm paying the price for it.

Personally I just make those updates in an MySQL editor, either web-based like phpMyAdmin or HeidiSQL (personal favorite, as you can connect to servers not having an GUI).
Reply

#8
(Yesterday, 02:40 AM)jreklund Wrote:
(05-21-2020, 04:12 PM)wdeda Wrote: Apparently, I presume, the system does not validate the fields in the Model with those in the table and/or it is only verified that the fields to be updated and listed in the Controller are listed in "allowed fields". But everything leads me to believe that the definition of what will actually be inserted/updated is what appears in "allowed fields", in Model.

That's correct, it would be a performance issue to look up the fields every time. And the reason $allowedFields are there in the first place are that you can just throw in the complete $_POST into $model->save() and it will just insert/update the data you are looking for. All other POST data will be ignored. Protecting you from mass assignment from other people.

Turning this:

PHP Code:
$model->save([
    'movie_id'  => $this->request->getVar('movie_id'),
/* 'ind'        => $this->request->getVar('ind'), */
    'countryx'  => $this->request->getVar('countryx'),
    'name5'      => $this->request->getVar('name5'),
    'link5'      => $this->request->getVar('link5'),
    'country5'  => $this->request->getVar('country5'),
    'name6'      => $this->request->getVar('name6'),
    'link6'      => $this->request->getVar('link6'),
    'country6'  => $this->request->getVar('country6'),
    'name7'      => $this->request->getVar('name7'),
    'link3'      => $this->request->getVar('link7'),
    'country7'  => $this->request->getVar('country7'),
    'name8'      => $this->request->getVar('name8'),
    'link8'      => $this->request->getVar('link8'),
    'country8'  => $this->request->getVar('country8'),
]); 

Into this:

PHP Code:
$model->save($this->request->getPost()); 

In case you don't need that feature at all, just apply this. And it will be disabled 
PHP Code:
$model = new GlobeNomModel();
$model->protect(false); 

Or in the model itself (protectFields):

PHP Code:
<?php namespace App\Models;

use 
CodeIgniter\Model;

class 
OscarNomModel extends Model
{
    protected $table  'oscnom';
    protected $primaryKey 'id';    
    
protected $returnType 'object';

    protected $TimeStamps true;
    protected $useSoftDeletes true;
    protected $protectFields false;


And it will insert everything in your array into the database, and in case it dosen't match in development an error will be thrown. In production you will get "We seem to have hit a snag. Please try again later...".

You can also use it for placeholders, so you can have dynamic rules, and those rules dosen't get inserted into the database.
https://codeigniter.com/user_guide/model...aceholders

(05-21-2020, 04:12 PM)wdeda Wrote: The other issue is not really a problem. When I was doing the migration, CI3 to Ci4, I had and I have this need to update several fields in the table of ALL movies, because during the process of creating the table I had a view of the data to be displayed, but later I changed of idea about several things and I'm paying the price for it.

Personally I just make those updates in an MySQL editor, either web-based like phpMyAdmin or HeidiSQL (personal favorite, as you can connect to servers not having an GUI).

Thank you very much, I could not expect anything other than that, a clear and objective answer.

I have in my ToDoList the creation of a development/test environment, with a replicated database and the objective of pioneering, yes, pioneering the CI manual from end to end, with all possible tests. Of course, if I were younger and with the availability of now I would have been at 555 Seymour St., Vancouver, BC for a long time.

Thank you very much, may you always be blessed.
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.