2

Lets assume I have user generated data which is not coming through a form post. Is there a way I can use/ extend CodeIgnitors form_validation class to validate that data.

eg.

<?php
$userData = array('name' => 'tt' , 'city' => 'London' , 'age' => '1200' );
// How can I validate this data using form_validation checks
// like min_length,max_length,and apply some processing
// like trim,xss_clean provided by the same class

?>
Improve this question
2
  • may be not related to question's answer.. But may i know : ...then, by which way, this user generated data is coming from user ? if user is not submitting the form ? Commented Apr 2, 2012 at 9:54
  • Hi @TechCare99, you may assume that the user is giving data as a json,instead of individual form element, or that this data is some unprocessed data from a database which needs to be sanitized Commented Apr 2, 2012 at 10:01

3 Answers 3

Reset to default
3

Yes you can via set_data() method, Here you go.

$this->form_validation->set_data(array(
        'name'    =>  'Full Name',
        'city'    =>  'City',
));

$this->form_validation->set_rules('name', 'Name', 'trim|required');
$this->form_validation->set_rules('city', 'City', 'trim|required');
$this->form_validation->set_rules('age', 'Age', 'trim|required');

if ($this->form_validation->run() == FALSE) {
    echo 'Invalid: ' . validation_errors();
} else {
    echo 'Valid';
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

You can extend the run and set_rule method of the core form validation lib of codeigniter. This how i do it without extending the core : 

  // Data coming from backbone model  
     $data = json_decode(file_get_contents('php://input'), true); 
     $this->config->load('myValidConf/form_validation');
     $non_post = array(
           'foo' => $data['foo']
      );
     $_POST = $non_post; 
     if ($this->form_validation->run('myConfigarray')!== FALSE) {
            echo 'we're ok';
     } else {
         echo validation_errors() ;
     }

Hope it helps you.

Improve this answer

1 Comment

overwriting $_POST seems to be a bad practice.
-1

Might sound like a dirty hack, but you could spoof a form post by setting $_POST data? Say you receive JSON, you could do something like:

$json = "...."; //json encoded string
$arr = json_decode($json, true);
foreach($arr as $key => $value)
{
    $_POST[$key] => $value;
}

// do form validation as if the data was posted from a form.

This is offcourse just a quick fix. You could extend/overwrite parts of the Form_validation library. How I would do it:

  • Add a MY_Form_validation.php library, copy paste ALL functions from Form_validation.php that use $_POST (set_rules(), run(), matches())
  • Replace all instances of $_POST in MY_Form_validation.php with $this->validate_data
  • Set $validate_data to $_POST in the constructor.
  • Add a function set_validate_data() that allows you to overwrite $this->validate_data

You will have to use the $_POST array after the data has been validated, if you want to use the cleaned data. If this is unacceptable, also add a function that cleans $this->validate_data and returns an XSS clean array.

Improve this answer

2 Comments

Not a good code. It could be better done by creating a similar lib to validation which works on any array instead of just $_POST
You asked for a way, I gave you one, you didn't say you didn't want dirty hacks :p I have added a suggestion for better code.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.