Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Data Form Efficiency
Data Form Efficiency
  • El Forum
    Guest
  •  
#1
07-03-2008, 09:23 AM

[eluser]Sondlen[/eluser]
I am using jQuery to build dynamic data entry forms or spreadsheets. Currently, it looks like the max is about 80 or so separate fields.

Since the amount of fields can be resized, I can have as little as about 10 fields. I have JavaScript checking the data as it is being input, but I am reserving actual data submission to a single post. Since I am using the validation class to valid and clean the fields, do I need to set up rules for every single potential field?

I currently have this
Code:
$rules = array(
            
            '10' => 'trim|numeric', '11' => 'trim|numeric', '12' => 'trim|numeric',
            '13' => 'trim|numeric', '14' => 'trim|numeric', '15' => 'trim|numeric',
            '16' => 'trim|numeric', '17' => 'trim|numeric'
        );

should I do this 80 times? Is there a more efficient way to achieve this because this seems quite inefficient.
  • El Forum
    Guest
  •  
#2
07-03-2008, 10:20 AM

[eluser]Randy Casburn[/eluser]
So you don't want to trust the client at all?
Do you have control over your server(s)?
If so, there are better alternatives.
  • El Forum
    Guest
  •  
#3
07-03-2008, 10:29 AM

[eluser]Sondlen[/eluser]
Honestly, security does have to be a priority, but we do have control over the server. Which alternatives might there be?
  • El Forum
    Guest
  •  
#4
07-03-2008, 11:09 AM

[eluser]Randy Casburn[/eluser]
NOTE: This is in response to what looks like a very specialized JS heavy application. This is not meant to imply the CI validation methods are not useful. The original post was about a unique case.
===

If you are using Apache and you're team is strong with JS, I really, really think you should investigate Jaxer.

Jaxer puts JS on the server so the exact same JS validation you use on the client can be used on the server -securely- where it is safe from modification. Jaxer goes way beyond just this though as it puts the entire DOM on the server so you can manipulate the entire DOM on the server prior to sending it to the client. For JS heavy complicated applications such as yours, this type of solution is ideal.

The client runs unmodified.

The architecture is described here: http://aptana.com/node/275

Here is some example code. Note the "runat='server' in the tag. It's pretty much that simple. With Jaxer o the server, this code will be run on the server rather than the client. If this was your JS validation, your validation could all be moved (securely) to the server. The cool part is, it's the same code without modification other than runat='server' or runat='both' etc.
Code:
1. [script   type="text/javascript" runat="server"]  
   2.     function setPassword(username, newPassword)  
   3.     {  
   4.         // put code in here to directly set the password of a given username  
   5.         // this code should not be callable from the client  
   6.     }  
   7.      
   8.     function changePassword(username, oldPassword, newPassword){  
   9.         // put code in here to first verify the submitted password,  
  10.         // and then -- if successful -- call setPassword to actually make changes  
  11.         // this code should be callable from the client  
  12.     }  
  13.     changePassword.proxy = true;  
  14. [script]  
  15.      
  16. [script type="text/javascript"]  
  17.     function submitPassword()  
  18.     {  
  19.         // put client-side code here to grab the username and old and new passwords  
  20.         // and call changePassword on the server  
  21.     }  
  22. [script ]

Hope this is helpful.

Randy

[edited to get the script tag contents back in Undecided
  • El Forum
    Guest
  •  
#5
07-03-2008, 11:13 AM

[eluser]Randy Casburn[/eluser]
I suppose I should follow up by clarifying that the CI validation would not be necessary at all then.

Randy
  • El Forum
    Guest
  •  
#6
07-03-2008, 12:10 PM

[eluser]Pascal Kriete[/eluser]
Or you could just foreach through the fields and set rules for all of them.
  • El Forum
    Guest
  •  
#7
07-03-2008, 12:27 PM

[eluser]Randy Casburn[/eluser]
@inparo -- under less (extra)ordinary conditions absolutely agree.

80+ DOM deconstructs, 80+ string decodes, 80+ validations, etc. just to get it though PHP on the server side? This _may_ not make sense when other very high performance alternatives are available.

You're an accomplished JS guy. I'm amazed you've not explored this option...it is simply cool beans man.
  • El Forum
    Guest
  •  
#8
07-03-2008, 02:52 PM

[eluser]Pascal Kriete[/eluser]
@randy, I totally agree with you - it is cool beans. I've been excited about server side javascript ever since I heard of Rhino on Rails. Although I have not had a chance to do more than dabble in what is currently out there.

I was providing the pure PHP version, by no means does that mean I don't like your solution Smile .
  • El Forum
    Guest
  •  
#9
07-03-2008, 02:59 PM

[eluser]Sondlen[/eluser]
I made a couple of design changes and used the PHP solution. Thanks everyone.




Theme © iAndrew 2016 - Forum software by © MyBB