Summary of FuelPHP standard validation rules
table of contents
Hello.
This is Mandai from the development team, in charge of the wild stuff.
This time, I'd like to share information about FuelPHP
's standard validation rules, including things I already know and some unexpected uses, as much as possible that aren't in the documentation. Please note that this has been tested with FuelPHP version 1.7.2.
required
| Rule Name | argument |
|---|---|
| required | none |
The `required` validation rule checks for required fields, and it passes if the value is anything other than `false`, `null`, an empty string, or an empty array with no elements.
Note that validation rules other than `required` can pass if the value is an empty string.
required_with
| Rule Name | argument |
|---|---|
| required_with | $fieldname |
The `required` rule is applied only when the data in the field named `$fieldname` passes the `required` rule. This
might be used in a way like validating the contents of a text box if a checkbox is checked.
match_value
| Rule Name | argument |
|---|---|
| match_value | $compare, $strict = false |
This function compares whether the data in $compare is the same as the data in $compare.
If $compare is a string or a number, it compares the data including the type using "===".
If $strict is false, it performs a comparison ignoring the type using "==".
If $compare is an array, the array is iterated through, and comparisons including type comparison using "===" are performed one by one.
If identical items are found, the validation passes.
If $strict is false, a type-ignoring comparison using "==" is performed.
match_pattern
| Rule Name | argument |
|---|---|
| match_pattern | $pattern |
This demonstrates pattern matching using regular expressions with the `preg_match` function.
"Generating Input Forms Quickly, Elegantly, and Wildly with Fuelphp's fieldset | Beyond Co., Ltd.", so please check that out as well.
match_field
| Rule Name | argument |
|---|---|
| match_field | $field |
performs a comparison with the field specified by $field, including type checking.
Since the strict option is not available for this rule, it will only pass cases where the result is "===" or an empty string.
match_collection
| Rule Name | argument |
|---|---|
| match_collection | $collection = array(), $strict = false |
If $collection is an array, the in_array function is used to compare it with the values in the array.
If $strict is true, the third argument of the in_array function is set to true, and a strict comparison including type checking is performed.
If $collection is not an array, all the given arguments are set into an array and the comparison is performed using the in_array function.
For example, if the arguments are "1, true, 2, 'test3'", even if you enter 1 in the form, it will not pass because $strict is set to true (because numbers sent via POST are treated as strings).
In effect, the only string that can pass this validation is test3.
Also, if the data "1, 'true', 2, 'test3'" is passed as an argument, it appears that $strict is set to true, but since it is not a boolean value, the comparison will be performed without type checking.
Therefore, when validating data sent via POST, both "true" and "test3" will pass.
The specifications are unclear and difficult to understand, and it behaves the same as when the first argument is an array in thematch_value rule, so using it with data other than an array in $collection could lead to unexpected pitfalls.
min_length
| Rule Name | argument |
|---|---|
| min_length | $length |
If the string size is greater than or equal to $length, it will pass.
It will also pass if the size is 0 (= an empty string), so setting $length = 1 will not validate that it is a required field.
max_length
| Rule Name | argument |
|---|---|
| max_length | $length |
If the string size is less than or equal to $length, it will pass
exact_length
| Rule Name | argument |
|---|---|
| exact_length | $length |
If the string size is $length, it will pass.
It will also pass if the size is 0 (=empty string), so it may often be used in conjunction with required.
valid_date
| Rule Name | argument |
|---|---|
| valid_date | $format = null, $strict = true |
This function verifies whether the given string conforms to a date and time format.
While it goes without saying that an empty string will pass, it's easy to miss the fact that you don't need to explicitly specify `$format` if you only read the documentation.
If you set a format for `$format`, the `date_parse_from_format` function will parse based on that format.
If `$format` is null, the `date_parse` function will parse it, so you don't need to hardcode the format (although there's a possibility that data that could be parsed as a date might pass incorrectly).
The advantage of setting $format to null is that it allows the rule to pass both "Ymd" and "Y/m/d"
valid_email
| Rule Name | argument |
|---|---|
| valid_email | none |
The `filter_var` function is used to verify whether a string is a valid email address.
Validating email addresses with the `filter_var` function is far safer than using the `preg_match` function to run your own regular expression.
valid_emails
| Rule Name | argument |
|---|---|
| valid_emails | $separator (optional) |
After using explode to decompose the input data using the string set in $separator, the valid_email rule is validated in a loop
The default value for $separator is ","
valid_url
| Rule Name | argument |
|---|---|
| valid_url | none |
The `filter_var` function is used to verify whether a string is valid as a URL.
A pitfall of the `filter_var` function is that URLs containing multibyte characters will not pass, even if they are real URLs.
valid_ip
| Rule Name | argument |
|---|---|
| valid_ip | none |
The `filter_var` function is used to verify whether a string is a valid IP address.
It can verify both IPv4 and IPv6 addresses.
numeric_min
| Rule Name | argument |
|---|---|
| numeric_min | $min_val |
This function verifies whether the input value is greater than or equal to $min_val as a number.
Internally, it casts the input value and $min_val to floats for comparison, so it can also compare decimal numbers.
numeric_max
| Rule Name | argument |
|---|---|
| numeric_max | $max_val |
This function verifies whether the input value is less than or equal to $max_val as a number.
Internally, it casts the input value and $max_val to floats for comparison, so it can also compare decimal numbers.
numeric_between
| Rule Name | argument |
|---|---|
| numeric_between | $min_val, $max_val |
verifies that the input value is a number greater than or equal to $min_val and less than or equal to $max_val.
It simultaneously verifies the numeric_min and numeric_max rules.
valid_string
| Rule Name | argument |
|---|---|
| valid_string | $flags = array('alpha', 'utf8') |
Simply by selecting rules, you can build and validate a general-purpose regular expression.
`match_pattern`can achieve similar results, for simpler regular expressions, it might be easier to understand since you don't need to read the regular expression itself.
The possible strings in the array stored in `$flags` are as follows:
| Flags | Target character |
|---|---|
| alpha | Uppercase and lowercase alphabets |
| numeric | Numbers 0-9 |
| specials | Alphabetic (strings pattern matched with [:alpha:]) |
| spaces | Half-width space |
| newlines | \r \n |
| tabs | \t |
| punctuation | . , ! ? : ; & |
| singlequotes | ' |
| doublequotes | " |
| dashes | _ - |
| forward slashes | / |
| backslashes | \ |
| brackets | [ ] |
| braces | ( ) |
| utf8 | { } |
Internally, these rules are combined to construct regular expressions.
While you need to specify several in an array, there's a hidden feature that automatically sets the rules according to the data format if the input data format is fixed.
For URLs, simply setting "$flags = 'url_safe'" will set three flags: 'alpha', 'numeric', and 'dashes'.
Such rules (or rule sets, which are sets of multiple rules?) actually exist as a hidden feature.
| Ruleset Name | Rules to be set |
|---|---|
| alpha | alpha, utf8 |
| alpha_numeric | alpha, utf8, numeric |
| specials | specials, utf8 |
| url_safe | alpha, numeric, dashes |
| integer, numeric | numeric |
| float | numeric, dots |
| quotes | single quotes, double quotes |
| slashes | forward slashes, backslashes |
| all | alpha, utf8, numeric, specials, spaces, newlines, tabs, punctuation, singlequotes, doublequotes, dashes, forwardslashes, backslashes, brackets, braces |
The desperation of "all" is incredible (when will I ever use this)
That's all
1
Loading...1 
The person who wrote this article
About the author
