Luminova Framework

Security Examples

Last updated: 2024-07-25 19:13:23

Input Validation

To set validation rules you can separate each rule with a parenthesis and parameter in bracket notation.

Adding rule one after another

<?php
$this->validate->addRule('name', 'required|max(10)|alphanumeric', [
    'required' => 'Error message for required',
    'max_length' => 'Error message for max_length',
    'alphanumeric' => 'Error message for alphanumeric'
]);

Setting rules from array.

<?php
$rules = [
    'name' => 'required|max(10)|alphanumeric',
    'age' => 'required|integer|min(2)|max(3)',
    'email' => 'required|email',
];

$errorMessages = [
    'name' => [
        'required' => 'Error message for required',
        'max' => 'Error message for max_length',
        'alphanumeric' => 'Error message for alphanumeric'
    ],
    'email' => [
        'required' => 'The email field is required.',
        'email' => 'The email address [value] is not valid.'
    ],
    'age' => [
        'required' => 'The age field is required.',
        'integer' => 'The age must be an integer.',
        'min' => 'The age minimum length must 2.',
        'max' => 'The age maximum length must 3.'
    ]
];

$this->validate->setRules($rules, $errorMessages);

If you didn't specify the array of error messages on setRules, it will use a default error message.

Additionally rules and errors can be set in a public variable $this->validate->rules and $this->validate->errors.

Input Validation Controller

This simple controller examples shows how you can validate user entries using validator class.

<?php
namespace App\Controllers;

use \Luminova\Base\BaseController;

class UserController extends BaseController
{
    public function userLogin(): void 
    {
        $this->validate->rules = [
            'email' => 'required|email',
            'password' => 'required|min(6)',
        ];

        $this->validate->messages = [
            'email' => [
                'required' => 'Email must not be empty',
                'email' => 'Email address must be a valid email.'
            ],
            'password' => [
                'required' => 'Password must not be empty',
                'min' => 'Password must not be less than 6 characters'
            ],
        ];

        if($this->validate->validate($this->request->getBody())){
            echo "Validation passed";
        }else{
            echo 'Validation failed';
            echo $this->validate->getError();
        }
    }
}

Callback

Defining your own callback validation.

You can define your validation rule in your dev global helper file located in /app/Utils/Global.php.

<?php 
function id_is_integer(mixed $value, string $field): bool
{
    if($field === 'my-user-id'){
         return is_integer($value);
     }

     return true;
}

$this->validate->rules = [
     'my-user-id' => 'required|callback(id_is_integer)'
];