[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Successor to CentOS] AlmaLinux OS server construction/migration service

[Successor to CentOS] AlmaLinux OS server construction/migration service

[For WordPress only] Cloud server “Web Speed”

[For WordPress only] Cloud server “Web Speed”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Reservation system development] EDISONE customization development service

[Reservation system development] EDISONE customization development service

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[Global exclusive service] Beyond's MSP in North America and China

[Global exclusive service] Beyond's MSP in North America and China

[YouTube] Beyond official channel “Biyomaru Channel”

[YouTube] Beyond official channel “Biyomaru Channel”

FuelPHP standard validation rules summary

Hello.
I'm Mandai, in charge of Wild on the development team.
This time, I would like to include as much information as possible that is not in the documentation, such as what you know about the FuelPHP standard validation rules and unexpected ways to use them.
The version of FuelPHP has been confirmed to be 1.7.2.

 

required

rule name argument
required none

required is a check for required items, and can be passed if the check is not "false", "null", "empty string", or "empty array with no elements".
Please note that validation rules other than required can be passed with an empty string.

 

required_with

rule name argument
required_with $fieldname

The required rule is applied only when the data in the field named $fieldname passes the required rule.
Is it something like validating the contents of a text box if the checkbox is checked?

 

match_value

rule name argument
match_value $compare, $strict = false

Compares the data in $compare to see if it is the same.
$compare compares strings and numbers, including types using "===".
Also, if $strict is false, comparisons using "==" will be performed, ignoring types.

If $compare is an array, it scans the array and compares the types using "===" in order.
If there is the same one, the validation will pass.
If $strict is false, comparisons using "==" will be performed, ignoring types.

 

match_pattern

rule name argument
match_pattern $pattern

Performs pattern matching using regular expressions using the preg_match function.
Try mass-producing input forms quickly, elegantly, and wildly using Fuelphp's fieldset | Beyond Co., Ltd. also has a sample, so please check it out as well.

 

match_field

rule name argument
match_field $field

Compares with the field specified by $field including type checking.
Strict cannot be specified for this rule, so only "===" and empty strings are passed.

 

match_collection

rule name argument
match_collection $collection = array(), $strict = false

If $collection is an array, use the in_array function to compare it with the values ​​in the array.
If $strict is true, the third argument of the in_array function is set to true, and strict comparison including type checking is performed.

If $collection is not an array, all arguments given are set to an array and comparison is performed using the in_array function.
For example, if you use the data "1, true, 2, 'test3'" as an argument, even if you enter 1 from the form, it will not pass because $strict is set to true (the numbers sent by POST are characters). (for column handling).
In fact, test3 is the only string that can pass this validation.

Also, if you use the data "1, 'true', 2, 'test3'" as an argument, $strict will appear to be set to true, but since it is not a Boolean value, the comparison will be performed without type checking. Masu.
Therefore, when validating the data sent by POST, both "true" and "test3" can pass.

The specifications are unclear and difficult to understand, and the match_value rule , so inputting data other than an array to $collection is likely to lead to unexpected pitfalls.

 

min_length

rule name argument
min_length $length

Can be passed if the string size is greater than or equal to $length.
If the size is 0 (= empty string), it can also be passed, so setting $length = 1 will not validate a required item.

 

max_length

rule name argument
max_length $length

If the string size is less than or equal to $length, it can be passed.

 

exact_length

rule name argument
exact_length $length

If the string size is $length, you can pass.
It can be passed even if the size is 0 (= empty string), so it may often be used in conjunction with required.

 

valid_date

rule name argument
valid_date $format = null, $strict = true

Verifies whether the given string is data according to the date and time format.
It goes without saying that an empty string can be passed, but unless you only look at the documentation, you may not realize that there is no need to explicitly specify $format.
If you set a format to $format, the date_parse_from_format function will parse based on $format.
If $format is null, it will be parsed using the date_parse function, so there is no need to set a fixed format (although there is a possibility that data that can be parsed as a date may be passed incorrectly).

The advantage of setting $format to null is that you can create a rule that allows both "Ymd" and "Y/m/d" to pass.

 

valid_email

rule name argument
valid_email none

Use the filter_var function to verify whether the string is valid as an email address.
Validating email addresses using the filter_var function is much safer than using the preg_match function to pass your own regular expressions.

 

valid_emails

rule name argument
valid_emails $separator (optional)

After decomposing the input data with explode using the string set in $separator, the valid_email rule is verified in a loop.

Note that the default value of $separator is ",".

 

valid_url

rule name argument
valid_url none

Use the filter_var function to verify whether the string is valid as a URL.
A pitfall of the filter_var function is that URLs containing multi-byte characters cannot be passed even if they are real URLs.

 

valid_ip

rule name argument
valid_ip none

Use the filter_var function to verify whether the string is valid as an IP address.
Verification can be performed regardless of IPv4 or IPv6.

 

numeric_min

rule name argument
numeric_min $min_val

Verifies whether the input value is greater than or equal to $min_val as a number.
Internally, the input value and $min_val are cast to float and compared, so decimal numbers can also be compared.

 

numeric_max

rule name argument
numeric_max $max_val

Verifies whether the input value is less than or equal to $max_val as a number.
Internally, the input value and $max_val are cast to float and compared, so decimals can also be compared.

 

numeric_between

rule name argument
numeric_between $min_val, $max_val

Verifies that the input value is greater than or equal to $min_val and less than or equal to $max_val as a number.
This is the content where the numeric_min rule and numeric_max rule are verified at the same time.

 

valid_string

rule name argument
valid_string $flags = array('alpha', 'utf8')

Simply select a rule to assemble a general-purpose regular expression and perform validation.
You can do something equivalent with
match_pattern The strings that the array stored in $flags can take are as follows.

flag Target character
alpha uppercase lowercase alphabet
numeric numbers 0-9
specials Alphabet (string pattern matched with [:alpha:])
spaces half-width space
new lines \r \n
tabs \t
punctuation .  ,  !  ?  :  ;  &
single quotes '
double quotes "
dashes _ -
forward slashes /
backslashes \
brackets [ ]
braces ( )
utf8 { }

Internal processing combines these rules to construct regular expressions.
It is necessary to specify several things in an array, but if the format of the input data is determined, there is a hidden function that automatically sets rules according to the data format.

For URLs, just ``$flags = 'url_safe''' will set three flags: 'alpha', 'numeric', and 'dashes'.
Rules like this (a set of rules?) actually exist as a hidden feature.

ruleset name Rules to be set
alpha alpha, utf8
alpha_numeric alpha, utf8, numeric
specials specials, utf8
url_safe alpha, numeric, dashes
integer, numeric numeric
float numeric, dots
quotes single quotes, double quotes
slashes forward slashes, back slashes
all alpha, utf8, numeric, specials, spaces, newlines, tabs, punctuation, singlequotes, doublequotes, dashes, forwardslashes, backslashes, brackets, braces

I can't stand the desperation of "all" (when should I use it?).

 
That's it.

If you found this article helpful , please give it a like!
1
Loading...
1 vote, average: 1.00 / 11
6,540
X facebook Hatena Bookmark pocket
[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

The person who wrote this article

About the author

Yoichi Bandai

My main job is developing web APIs for social games, but I'm also fortunate to be able to do a lot of other work, including marketing.
Furthermore, my portrait rights in Beyond are treated as CC0 by him.