|
Smarty
WARNING: All discussion is moving to https://reddit.com/r/smarty, please go there! This forum will be closing soon. |
|
View previous topic :: View next topic |
Author |
Message |
boots Administrator
Joined: 16 Apr 2003 Posts: 5611 Location: Toronto, Canada
|
Posted: Sat Jun 12, 2004 8:03 pm Post subject: |
|
|
@xces: if you are on win32, then I suggest the excellent TortoiseCVS which integrates directly with your explorer. I would say that it is probably the easiest way to deal with CVS on windows (especially for new users to CVS). Of course, it does hide all the interesting back-end stuff so you don't really learn how to use CVS with this tool--but it is very convenient.
http://www.tortoisecvs.org/
Just be sure to checkout your projects using unix-line-endings and you should be golden.
There is also a TortoiseSVN available |
|
Back to top |
|
xces Smarty Regular
Joined: 09 Apr 2004 Posts: 77
|
Posted: Sun Jun 13, 2004 6:10 pm Post subject: |
|
|
Heya Mohrth, i downloaded and implemented the new beta 2.1 but it was acting kinda wierd on my cms. The problem lies within the disconnect thing. Other then validating the form input i also validate custom stuff like a username and his password...
Anyway to explain the problem i had;
When i use SmartyValidate::Connect($wuSmarty) which is my own smarty extender, all goes well and i can use SmartyValidate::is_valid($_POST) also. This all happens on the first page, login. I do not use a disconnect because i have to many ifs etc etc. On the second page the form doesn't get validated anymore even though i use a SmartyValidate::Connect(..) again.
I don't know for sure but i think smartyvalidate remembers the validate criteria from the previous form on the previous page even though i am on a new page and printing a new entirely different form. If this is supposed to happen it might be a good idea to "clear" all data when the SmartyValidate is connected, or add a new extra parameter which defaults to false.
e.g. Code: | function connect($smartyobj, $clear=false) | This way, when the second parameter would be set to true, all stored data would be cleared.
I kinda need this improvement because i have to many ifs and i only want to use 1 disconnect statement maxx to keep my code clear. |
|
Back to top |
|
boots Administrator
Joined: 16 Apr 2003 Posts: 5611 Location: Toronto, Canada
|
Posted: Sun Jun 13, 2004 6:30 pm Post subject: |
|
|
xces: can you test again? I think the problem may have been that SmartyValidate was holding on to object references even after disconnect was issued. It should now properly release those. If you are still having the trouble, then it is because of something deeper that I don't know yet |
|
Back to top |
|
mohrt Administrator
Joined: 16 Apr 2003 Posts: 7368 Location: Lincoln Nebraska, USA
|
Posted: Sun Jun 13, 2004 6:45 pm Post subject: |
|
|
also, be sure you call register_form() each time you want the validate data cleared. |
|
Back to top |
|
xces Smarty Regular
Joined: 09 Apr 2004 Posts: 77
|
Posted: Sun Jun 13, 2004 7:58 pm Post subject: |
|
|
Hmz strange, i cannot take a look at my code at the moment because i am not at home, i am watching sleepy hollow at my best m8's place
All i do is a SmartyValidate::connect() before i first post the form, then i submit the form and do a is_valid.
example pseudo code (php): Code: | SmartyValidate::connect($wuSmarty);
if (empty($_POST)) {
...
} else {
if SmartyValidate::is_valid()) {
...
}
}
$wuSmarty->display(...); |
Since i read the connect function replaced the ::init() function, did i do anything wrong on that part? |
|
Back to top |
|
xces Smarty Regular
Joined: 09 Apr 2004 Posts: 77
|
Posted: Sun Jun 13, 2004 8:01 pm Post subject: |
|
|
mohrt wrote: | also, be sure you call register_form() each time you want the validate data cleared. |
That doesn't make a difference, because register_form returns false if the form is allready registered. You mean reset_form?
So i have to change my code to;
SmartyValidate::Connect($wuSmarty);
SmartyValidate::reset_form('default');
Because when i do a connect the second time i use smartyvalidate it allready thinks a form is registered because i did not do a disconnect even though i am on a new page... Right? |
|
Back to top |
|
boots Administrator
Joined: 16 Apr 2003 Posts: 5611 Location: Toronto, Canada
|
Posted: Sun Jun 13, 2004 8:40 pm Post subject: |
|
|
@xces: hmm. At least in the latest cvs, there is no longer reset_form(). Perhaps you mean SmartyValidate::unregister_form('foo_form') ? |
|
Back to top |
|
mohrt Administrator
Joined: 16 Apr 2003 Posts: 7368 Location: Lincoln Nebraska, USA
|
Posted: Mon Jun 14, 2004 1:49 am Post subject: |
|
|
yes, reset_form() was removed with the latest CVS. You just use register_form() to "reset" a form. After putting SmartyValidate to use, it only made sense to wipe out and reset a form when register_form() made sense, so reset_form() wasn't really necessary.
When you do SmartyValidate::connect($smarty), the default form is registered implicitly for you, same as doing:
SmartyValidate::register_form('default');
So it is not necessary to register the default form, unless you want it reset.
Make sure you always pass your form data ($_POST) to is_valid(), you didn't have that in the above example. |
|
Back to top |
|
xces Smarty Regular
Joined: 09 Apr 2004 Posts: 77
|
Posted: Mon Jun 14, 2004 6:59 am Post subject: |
|
|
Hmmz when typing the reply about reset_form i took a look at the code on phpinsider.com. And i do use $_POST on is_valid but i forgot to type it
edit: Code: | //----------------------------------------------------------------------------------------------------
// Initialize form validator
//----------------------------------------------------------------------------------------------------
SmartyValidate::connect($wuSmarty);
if (empty($_POST)) {
//----------------------------------------------------------------------------------------------------
// Clear form data and register any custom form validators
//----------------------------------------------------------------------------------------------------
SmartyValidate::register_form('default');
...
} else {
//----------------------------------------------------------------------------------------------------
// Validate form
//----------------------------------------------------------------------------------------------------
if (SmartyValidate::is_valid($_POST)) {
...
}
}
$wuSmarty->display('core/login.tpl');
|
This works for me, i just force to clear the data every time the $_POST is empty. |
|
Back to top |
|
mohrt Administrator
Joined: 16 Apr 2003 Posts: 7368 Location: Lincoln Nebraska, USA
|
Posted: Mon Jun 14, 2004 4:48 pm Post subject: |
|
|
I added a second parameter to register_form() in CVS, being a reset switch.
SmartyValidate::register_form('myform');
This above return false if the form was already registered.
SmartyValidate::register_form('myform', true);
This above will reset (same as unregister/register) the form. |
|
Back to top |
|
xces Smarty Regular
Joined: 09 Apr 2004 Posts: 77
|
Posted: Tue Jun 15, 2004 8:10 am Post subject: |
|
|
Hmz maybe you could add this to the connect tag? e.g.
Code: | SmartyValidate::connect($wuSmarty, (empty($_POST))); |
This would connect, but also only clear if the $_POST is empty. An idea?
This would give the following code:
[php:1:5cf10382ab]function connect(&$smarty, $reset=false) {
if(is_object($smarty) && ((get_class($smarty) == strtolower('smarty')) || is_subclass_of($smarty, strtolower('smarty')))) {
SmartyValidate::_smarty_instance($smarty);
SmartyValidate::register_form('default', $reset);
} else {
trigger_error("SmartyValidate: [connect] I need a valid Smarty object.");
return false;
}
}
/*
(disconnect function omitted to show changes more clearly)
*/
function register_form($form, $reset=false) {
if (SmartyValidate::is_form_registered($form) && !$reset) {
return;
}
$_SESSION['SmartyValidate'][$form] = array();
$_SESSION['SmartyValidate'][$form]['registered_criteria'] = array();
$_SESSION['SmartyValidate'][$form]['registered_transform'] = array('trim');
$_SESSION['SmartyValidate'][$form]['validators'] = array();
$_SESSION['SmartyValidate'][$form]['is_error'] = false;
return true;
}[/php:1:5cf10382ab]
Because right now i have to do this code (on each page i use SmartyValidate):[php:1:5cf10382ab]SmartyValidate::connect($wuSmarty);
SmartyValidate::register_form('default', (empty($_POST)) );[/php:1:5cf10382ab]
Which could be shortened to the following code with my addition:[php:1:5cf10382ab]SmartyValidate::connect($wuSmarty, (empty($_POST)) );[/php:1:5cf10382ab] |
|
Back to top |
|
mohrt Administrator
Joined: 16 Apr 2003 Posts: 7368 Location: Lincoln Nebraska, USA
|
Posted: Tue Jun 15, 2004 2:33 pm Post subject: |
|
|
No problem, grab the latest CVS see if that works for you. FYI, register_form() returns false (not empty) if the form is already registered and reset is not true. |
|
Back to top |
|
boots Administrator
Joined: 16 Apr 2003 Posts: 5611 Location: Toronto, Canada
|
Posted: Tue Jun 15, 2004 10:47 pm Post subject: |
|
|
xces wrote: | @Boots, You tell in a previous post that you should rely a template to validate your code. I can see where you are going with that, because of the fact if someone else would write a different template without the {validate ... } code then you could allready have a security flaw. Are you thinking that way? |
Sorry xces, just noticed this If you mean "should NOT rely on a template to validate your code..." then that is a fair comment on my remarks. The general idea I'm suggesting is that each processing unit is a black-box (meaning it has a defined interface and some sort of hidden internal processing) and each black-box is responsible for validating its own interface. This is particularly important when these black-boxes are truly decoupled. For example, there are many ways to access a database layer other than via a web-form.
For db's, this implies that you would have to implement db level validation (which I highly recommended) but of course, many people will not do that, particularly for small projects. The result of not doing this is that if your web server is compromised, your database is likely to be compromised too.
So my comments were meant as a heads-up for developers scaling their solutions up from a simple script based solution to something that is expected to be more robust and especially for newer developers who may not be familiar with the ins-and-outs of abstraction layers and the issues surrounding points-of-failure. |
|
Back to top |
|
mohrt Administrator
Joined: 16 Apr 2003 Posts: 7368 Location: Lincoln Nebraska, USA
|
Posted: Wed Jun 16, 2004 2:35 pm Post subject: |
|
|
Some major changes and enhancements were committed to the repository.
Most notably, all criteria and transform functions were moved to the Smarty Plugin directory. This way functions can be easily added or extended.
This also means that the "isCustom" criteria type is no longer necessary.
There is a new parameter added for registering functions, you now register them like so:
Code: |
SmartyValidate::register_criteria('isPass', 'my_pass_func', 'my_form'); |
Then when you call this criteria in the template:
Code: |
{validate field="foo" criteria="isPass" ... } |
The "my_pass_func" PHP function will be called to validate the field.
Transform functions work the same way:
Code: |
SmartyValidate::register_transform('upper', 'my_upper_func', 'my_form'); |
Code: |
{validate field="foo" transform="upper" ... } |
Notice that the actual PHP function names are no longer necessary in the templates, you just use the name you register them as.
You can also register methods of objects that are registered with SmartyValidate:
Code: |
SmartyValidate::register_object('my_obj',$object);
SmartyValidate::register_criteria('isPass', 'my_obj->check_pass', 'my_form'); |
You can also register criteria/transforms just by dropping them into the plugin directory. The filename format is:
validate_criteria.isPass.php
validate_transform.upper.php
basically put the name of the function in the filename, then the function name within the file follows this format:
Code: |
function smarty_validate_criteria_isPass($value, $empty, &$params, &$formvars) { ... } |
Code: |
function smarty_validate_transform_upper($value) { ... } |
All of this information is outlined in the README file, but those are the biggest changes. This breaks BC a bit since "isCustom" is gone, but it makes things easier and more flexible for the future. |
|
Back to top |
|
hristov Smarty Rookie
Joined: 04 Jun 2004 Posts: 24
|
Posted: Wed Jun 16, 2004 2:38 pm Post subject: |
|
|
Code: |
<?php
/**
* test if a value is a valid e-mail address
*
* @param string $value the value being tested
* @param boolean $empty if field can be empty
* @param array params validate parameter values
* @param array formvars form var values
*/
function smarty_validate_criteria_isPrice($value, $empty, &$params, &$formvars) {
if(strlen($value) == 0)
return $empty;
// in case value is several addresses separated by newlines
$_addresses = preg_split('![\n\r]+!', $value);
foreach($_addresses as $_address) {
if(preg_match('!@.*@|\.\.|\,!', $_address) ||
!preg_match('!^.+\@(\[?)[a-zA-Z0-9\.\-]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$!', $_address)) {
return false;
}
}
return true;
}
?>
|
This is the contents of the validate_criteria.isEmail.php plugin as of 06.16.04; I just CVS the code and I was working on making my application use the new 2.x version. The code lookes allright to me, however, that function name is the one that worries me.
________
Kawasaki klx450r
Last edited by hristov on Sat Feb 12, 2011 7:41 pm; edited 1 time in total |
|
Back to top |
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
|