Getting validated data into the database

[eluser]Bob Sawyer[/eluser]
I've read the docs, searched through a ton of posts here, etc., but haven't found what I'm looking for, so here goes.

Using CI's validation class, I'm validating the $_POST data from a form. All's hunky-dory, and now I'm ready to insert it. But I'm not exactly sure what I'm supposed to supply to the model: the $_POST data (has it been cleaned?), the $rules array, or will CI just know what I'm asking it to do?

Here's my function for adding a new user:

Code:

class Users extends Controller {

    function Users() {
        parent::Controller();
        $this->load->model('User_sql');
    }
    
    function index() {
        $x['users'] = $this->User_sql->get_users();
        $this->load->view('admin_users_v',$x);
        
    }
    
    function newuser() {
        // load our libs and helpers
        $this->load->helper('form','url');
        $this->load->library('validation');

        // set the error delims
        $this->validation->set_error_delimiters('<div class="error">', '</div>');
        
        // set the validation rules
        $rules['username'] = "trim|required|valid_email|xss_clean";
        $rules['pass1'] = "trim|required|matches[pass2]|xss_clean|sha1";
        $rules['pass2'] = "trim|required|xss_clean";
        $rules['level'] = "required";
        
        // set the field rules
        $fields['username'] = "User name";
        $fields['pass1'] = "Password";
        $fields['pass2'] = "Password confirmation";
        $fields['level'] = "Level";
        
        $this->validation->set_rules($rules);
        $this->validation->set_fields($fields);

        // $x['error'] is checked in the view; if $error == 1 then display
        // the errors generated here
        $x['error'] = 0;
        if ($this->validation->run() == FALSE) {
            $x['error'] == 1;
        } else {

            // HERE IS WHERE MY CONFUSION BEGINS
            // What do I need to pass to the model?
            // $_POST? $rules? Anything?

            $this->User_sql->insert_user();
        }
        
        // OK, we're done, just grab the levels for the lvl select
        // and show the view

        $x['levels'] = $this->User_sql->get_levels();
        $this->load->view('admin_adduser_v',$x);
        
    }
    
    function edit($uid) {
        $this->load->view('admin_edituser_v');
    }
}

The real question is, I suppose, what becomes of the individual fields once they've been prepped for db insertion by the validator class?

Thanks for any assistance!

[eluser]Rick Jolly[/eluser]
The validation class works directly on the $_POST array. However, supplying the $_POST array to your database insert could be a problem if:

1. There are entries in $_POST whose keys match your database field names, but you haven't validated or don't want to insert them.
2. Your form field names don't match your database field names.

So, what you should probably do is get the data that you want from the $_POST array after validation. You can do it using a simple function. Here's an example:

Code:

// set the validation fields
$fields['address'] = "Address";
$fields['price'] = "Price";

$fields_you_want = array_keys($fields);
// OR after:
// $this->validation->set_fields($fields);
// Do this:
// $fields_you_want = array_keys($this->validation->_fields);

$insert_data = get_db_data($fields_you_want, $_POST);
$this->db->insert('mytable', $insert_data);


function get_db_data($fields_you_want, $post)
{
   $data = array();

   foreach ($fields_you_want as $field)
   {
      $data[$field] = $post[$field];
   }
  
   return $data;
}

[eluser]Bob Sawyer[/eluser]
Thanks, Rick. I'll give that a shot. I also appreciate knowing now that validation works directly on the $_POST vars - that's good to know.

Cheers,
Bob