Validating a single page post
Permalink
Is there a built in way to validate data submitted such as a blocks validate method?
I just need to ensure a few inputs have values before the single page gets posted.
Should I use javascript, or can I do this from a controller?
I just need to ensure a few inputs have values before the single page gets posted.
Should I use javascript, or can I do this from a controller?
If its a dashboard page, the $this->error([messages]) gets automatically reported as a list in a red box and is the preferred way to show an input error.
Hey MrK, Only dashboard.
javascript and input attributes ar fine as long as a cheated validation can't lead to a security breach.
Where cheated validation could lead to a security breach of failure beyond the page itself, then you need to vaidate on the server.
Where cheated validation could lead to a security breach of failure beyond the page itself, then you need to vaidate on the server.
can u provide me an example of the $this->error method? Currently my single page is posted via form method=post, action=controller function. If validation is done on the server, then the form must post an ajax request?
Currently I'm using javascript from the single page like this:
//Validate
$('.quick-events-add-event').submit(function(event) {
var dates = 0;
var errorMessage = '';
$('.start-selectors').each(function(index) {
var startDate = $(this).find('.quick-event-date-selector').val();
if ( startDate.length > 0 ) {
dates++;
} else {
var itemNumber = index + 1;
errorMessage = errorMessage + '<span>' + '<?=t('Please add start date to date entry')?> #' + itemNumber + '</span>';
}
});
var eventName = $('#eventName').val();
if ( eventName ) {Viewing 15 lines of 34 lines. View entire code block.
There are plenty of examples in core dashboard pages.
This is a quick (untested) trivial example I have just cooked up.
This is a quick (untested) trivial example I have just cooked up.
function save(){ if(!$this->post('my_text')){ $this->error->add(t("My Text is required. You cant leave it empty.")); } // // .... more validation // if (!$this->error->has()) { // actually save the post data // ... // and confirm success $this->set('success', t('It worked, your data has been saved')); // also works with 'message' } }
I think there is also a js equivalent ccm method that shows an error in the same way, but cant find an example or docs.
(Likely to be another case of everyone inventing their own way because the provided way isn't clearly documented)
(Likely to be another case of everyone inventing their own way because the provided way isn't clearly documented)
I ended up using Core::make('helper/validation/error") from a custom controller which passes the error list to the calling method or returns 1. Calling method then decides what to do with error.
Is this a single page available to the public or a dashboard single page? I ask because it may affect how you validate and sanitize the input.
It is common to see front end and back end validation used together. Front end validation using JavaScript should not be used in place of back end validation, due to it being easier to bypass - back end validation is always required.
In dashboard single pages, I believe you can use $this->error. It is made available for use in the DashboardPageController class using the validation/error helper service which creates an Concrete\Core\Error\Error object.
https://github.com/concrete5/concrete5/blob/develop/concrete/src/Pag...
With the error object, you can use methods like add(), has(), getList(), output().
In single pages, I believe you have to create your own error object.
5.7:
- import Application
use Concrete\Core\Support\Facade\Application;
- create and use your error object
In 5.8, I believe $this->app is available without importing Application:
There are many variations and ways to do this, this is just one.