FuelPHP standard validation rules summary

Hello.
I'm Mandai, in charge of Wild on the development team.
This time, I would like to include as much information as possible that is not in the documentation, such as what you know about the FuelPHP standard validation rules and unexpected ways to use them.
The version of FuelPHP has been confirmed to be 1.7.2.

 

required

required is a check for required items, and can be passed if the check is not "false", "null", "empty string", or "empty array with no elements".
Please note that validation rules other than required can be passed with an empty string.

 

required_with

The required rule is applied only when the data in the field named $fieldname passes the required rule.
Is it something like validating the contents of a text box if the checkbox is checked?

 

match_value

Compares the data in $compare to see if it is the same.
$compare compares strings and numbers, including types using "===".
Also, if $strict is false, comparisons using "==" will be performed, ignoring types.

If $compare is an array, it scans the array and compares the types using "===" in order.
If there is the same one, the validation will pass.
If $strict is false, comparisons using "==" will be performed, ignoring types.

 

match_pattern

Performs pattern matching using regular expressions using the preg_match function.
Try mass-producing input forms quickly, elegantly, and wildly using Fuelphp's fieldset | Beyond Co., Ltd. also has a sample, so please check it out as well.

 

match_field

Compares with the field specified by $field including type checking.
Strict cannot be specified for this rule, so only "===" and empty strings are passed.

 

match_collection

If $collection is an array, use the in_array function to compare it with the values ​​in the array.
If $strict is true, the third argument of the in_array function is set to true, and strict comparison including type checking is performed.

If $collection is not an array, all arguments given are set to an array and comparison is performed using the in_array function.
For example, if you use the data "1, true, 2, 'test3'" as an argument, even if you enter 1 from the form, it will not pass because $strict is set to true (the numbers sent by POST are characters). (for column handling).
In fact, test3 is the only string that can pass this validation.

Also, if you use the data "1, 'true', 2, 'test3'" as an argument, $strict will appear to be set to true, but since it is not a Boolean value, the comparison will be performed without type checking. Masu.
Therefore, when validating the data sent by POST, both "true" and "test3" can pass.

The specifications are unclear and difficult to understand, and the match_value rule , so inputting data other than an array to $collection is likely to lead to unexpected pitfalls.

 

min_length

Can be passed if the string size is greater than or equal to $length.
If the size is 0 (= empty string), it can also be passed, so setting $length = 1 will not validate a required item.

 

max_length

If the string size is less than or equal to $length, it can be passed.

 

exact_length

If the string size is $length, you can pass.
It can be passed even if the size is 0 (= empty string), so it may often be used in conjunction with required.

 

valid_date

Verifies whether the given string is data according to the date and time format.
It goes without saying that an empty string can be passed, but unless you only look at the documentation, you may not realize that there is no need to explicitly specify $format.
If you set a format to $format, the date_parse_from_format function will parse based on $format.
If $format is null, it will be parsed using the date_parse function, so there is no need to set a fixed format (although there is a possibility that data that can be parsed as a date may be passed incorrectly).

The advantage of setting $format to null is that you can create a rule that allows both "Ymd" and "Y/m/d" to pass.

 

valid_email

Use the filter_var function to verify whether the string is valid as an email address.
Validating email addresses using the filter_var function is much safer than using the preg_match function to pass your own regular expressions.

 

valid_emails

After decomposing the input data with explode using the string set in $separator, the valid_email rule is verified in a loop.

Note that the default value of $separator is ",".

 

valid_url

Use the filter_var function to verify whether the string is valid as a URL.
A pitfall of the filter_var function is that URLs containing multi-byte characters cannot be passed even if they are real URLs.

 

valid_ip

Use the filter_var function to verify whether the string is valid as an IP address.
Verification can be performed regardless of IPv4 or IPv6.

 

numeric_min

Verifies whether the input value is greater than or equal to $min_val as a number.
Internally, the input value and $min_val are cast to float and compared, so decimal numbers can also be compared.

 

numeric_max

Verifies whether the input value is less than or equal to $max_val as a number.
Internally, the input value and $max_val are cast to float and compared, so decimals can also be compared.

 

numeric_between

Verifies that the input value is greater than or equal to $min_val and less than or equal to $max_val as a number.
This is the content where the numeric_min rule and numeric_max rule are verified at the same time.

 

valid_string

Simply select a rule to assemble a general-purpose regular expression and perform validation.
You can do something equivalent with
match_pattern The strings that the array stored in $flags can take are as follows.

Internal processing combines these rules to construct regular expressions.
It is necessary to specify several things in an array, but if the format of the input data is determined, there is a hidden function that automatically sets rules according to the data format.

For URLs, just ``$flags = 'url_safe''' will set three flags: 'alpha', 'numeric', and 'dashes'.
Rules like this (a set of rules?) actually exist as a hidden feature.

I can't stand the desperation of "all" (when should I use it?).

 
That's it.