kenjis/secure-validator

Secure input validation library.

dev-master / 1.0.x-dev 2015-07-16 01:23 UTC

This package is auto-updated.

Last update: 2024-11-23 13:34:44 UTC


README

Latest Stable Version Total Downloads Latest Unstable Version License

Scrutinizer Code Quality Coverage Status Build Status

Secure Validator is a library for input validation. It is based on Sirius Validation.

Requirements

  • PHP 5.4.0 or later

Features

Default Rules

Secure Validator promotes strict validation. It sets default validation rules to all fields.

  • ValidUtf8 checks if value is valid UTF-8 character encoding
  • IsString checks if value is string
  • NoControl checks if value does not have control characters (except for tab and newline)

And

  • adds MaxLength 1 letter

That is you have to set (overwrite) max length rule to all fields. You don't forget it.

If a field does not match the default rules, you can remove the rules.

$validator->remove('field', 'ValidUtf8');

Fatal Rules

You can set a validation rule as fatal to detect abnormal input like an attack.

$validator->add('field', 'maxlength', ['max' => 60, 'fatal' => true]);

If a fatal rule fails, exception FatalValidationError will be thrown immediately.

Validated Data

You can get validated data only with $validator->getValidated().

How to Use

See example.php and Sirius Validation Documentation.

$validator = new \Kenjis\Validation\Validator;
$validator->add('field', 'required | maxlength(max=60)');
if ($validator->validate($_POST)) {
    // validation passed
} else {
    // validation failed
}

See Built-in validation rules.

Added Method

Validator::filter()

Add filtering rule of Sirius\Filtration. See Built-in filters.

Validator will apply filters before validation.

$validator->filter('field', 'StringTrim');

Validator::getValidated()

Get validated values.

$allData = $validator->getValidated();

$field = $validator->getValidated('field');

Validator::getInputValue()

Get input value after filtering of specific field.

$field = $validator->getInputValue('field');

Tips

When you set required, if a rule fails, Sirius Validation will not apply any more rules to that field.