Smarty

electr0n · Posted: Mon Jun 07, 2004 3:12 pm Post subject:

Could someone do a hack or something else, which let's just the checked POST Variables in $_POST? If you say me, where the variables are checked and tranformed, I'll do that.

mohrt · Posted: Mon Jun 07, 2004 3:51 pm Post subject:

I don't understand the question.

boots · Posted: Mon Jun 07, 2004 4:07 pm Post subject:

I think electr0n wants non-validated entries automatically removed from $_POST ?

electr0n · Posted: Mon Jun 07, 2004 5:18 pm Post subject:

Yeah. Sorry for my unclear formulation.

mohrt · Posted: Mon Jun 07, 2004 6:05 pm Post subject:

You want to clear the value of a POST var that fails validation? That could be done a few ways, individually with a new attribute:

{validate reset=true ...}

Or applied globally via a new parameter to is_valid:

SmartyValidate::is_valid($_POST,'myform',true);

Or, a global behavior setting:

SmartyValidate::reset_on_error(true):
if(SmartyValidate::is_valid($_POST)) { ... }

electr0n · Posted: Mon Jun 07, 2004 6:28 pm Post subject:

It would be great in the connect() method. Like boots said, just the variables, which aren't checked, for example:

boots · Posted: Mon Jun 07, 2004 6:43 pm Post subject:

mohrt · Posted: Mon Jun 07, 2004 6:46 pm Post subject:

I see, you want to remove the POST vars from the array that were not validated. I can think of a couple ways. First, it could be set with register_form() so you can control this on a form-by-form level:

electr0n · Posted: Tue Jun 08, 2004 4:29 pm Post subject:

hihat · Smarty Rookie Joined: 02 May 2004 Posts: 7

how about a criterium website / url?

can you add this?
a suggestion for a great additional feature: an url can be tested whether it is reachable or not.

thanks.

xces · Smarty Regular Joined: 09 Apr 2004 Posts: 77

hihat, sorry to cut your idea's but smarty_validate is a form validation extension to smarty, not an all-covering-validation.

@Mohrt, sorry to say that i have been absent lately been way to busy, i will implement version 2.0RC1 tonight in my CMS and give it a test run.

@Boots, You tell in a previous post that you should rely a template to validate your code. I can see where you are going with that, because of the fact if someone else would write a different template without the {validate ... } code then you could allready have a security flaw. Are you thinking that way?

mohrt · Posted: Wed Jun 09, 2004 1:51 pm Post subject:

I've been putting SmartyValidate to the test on a pretty good sized project, I already have some more feature changes in place... One is registering of objects. Example:

// in PHP script
SmartyValidate::connect($smarty);
SmartyValidate::register_object('myobj',$myobj);
SmartyValidate::register_criteria('myobj->foobar');

// in template
{validate ... criteria="isCustom" function="myobj->foobar"}

This works quite well, it creates an internal reference to the object so methods of that object can be used as validation criteria.

I should probably put this into a new version (2.1) because of the changes. In that respect, I don't know if I should even bother with an official 2.0 release.

hihat · Smarty Rookie Joined: 02 May 2004 Posts: 7

Ok, no friends for this idea with the url-checking (although not far from isEmail) yet.

How about the possibility to combine several criteria, f.ex. an eMail-Adress that should not be longer than 64 chars or a price not higher than 100 Dollar or such?

Just some suggestions.

mohrt · Posted: Wed Jun 09, 2004 2:26 pm Post subject:

hihat · Smarty Rookie Joined: 02 May 2004 Posts: 7

...by just putting in more validate blocks. Thanks for the hint.

the checking was meant as an additional feature, but just a validation, whether format is like an url could be nice as well.

However, thanks for the well done work!