Server Side Validation
Table of contents
1. Overview Table of Contents
Server side validation supports the frameworks ability to check if values for an input field on a form meet specific requirements. The most commonly used check is required. A list of supported checks is shown below:
- Email - checks if string is in valid email format.
- Lower Character - Checks if a string contains at least 1 lower case character.
- Matches - Used to check if two separate values match. Used when setting up password.
- Max - Ensures value does not exceed maximum input size. (Requires rule - integer)
- Min - Ensures value exceeds minimum input size. (Requires rule - integer)
- Number - Checks if a string contains at least 1 numeric character
- Numeric - Ensures value is a numeric character
- Required - Ensures required value is entered into form
- Special - Checks if a string contains at least 1 special character that is not a space
- Unique - Checks database on form submit and verifies a value is unique (ex: user name)
- Upper Character - Checks if a string contains at least 1 upper case character.
2. Setup Table of Contents
Let’s use the addAction function from an example ContactsController class. As shown below on line 32, we have a displayErrors property for the View class. We generally set this value to a function call called getErrorMessages on the model. In this case, we are using the $contacts model because we want to add a new contact.
Figure 1 - Controller side setup
In the form you have two ways display errors:
- At the very top after the opening form tag.
- As an optional parameter in a function call to the FormHelper class for an input.
The form setup is shown below in figure 2.
Figure 2 - Form setup
The result of submitting a form without entering required input is shown below. Note the box above all for elements. All action items will be listed here. Notice that since we added $this->displayErrors as an argument for the FormHelper::inputBlock for first name that the same message is below it as well along with styling around the input field.
Figure 3 - Front end messages
3. Validation Rules Table of Contents
First step is to create a validator function in your model class. The structure looks as follows:
public function validator(): void {
// Enter your validation function calls here.
}
You can easily create a model with this function already created from the console by running the following command:
php console make:model ${Modelname}
Let’s use the MaxValidator for the First Name field in the Contacts model as an example:
$this->runValidation(new MaxValidator($this, ['field' => 'fname', 'rule' => 150, 'message' => 'First name must be less than 150 characters.']));
The function call requires two parameters. The $this keyword and an associative array. Within the associative array you need to define the field, sometimes rule, and a message. Let’s look at the field. Notice that it is a key value pair whose value is the database field or model class’ instance variable called fname. The rule is similar and you can adjust the rule based on how you define this field in the database. Finally, the message key value pair is used to set the the language displayed to the user when validation fails. Within reason, industry standards always recommend utilizing both front end and server side validation.
You can also group several fields together and iterate through them with a foreach loop:
$requiredFields = ['fname' => 'First Name', 'lname' => 'Last Name',
'address' => 'Address', 'city' => 'City', 'state' => 'State',
'zip' => 'Zip', 'email' => 'Email'];
foreach($requiredFields as $field => $display) {
$this->runValidation(new RequiredValidator($this,['field'=>$field,'message'=>$display." is required."]));
}
This method requires a second associative array that contains the instance variables for your model mapped to a string that matches the label on your form. Then you iterate this array through a foreach loop where you create a new instance for the validator object you want to use.