"Lester Caine" wrote in message
news:fe222876-6875-3f07-e25b-aea2cbbed...@lsces.co.uk...
On 14/08/16 09:50, Tony Marston wrote:
If you are still writing code to perform primary validation on each
field then your coding style is way behind the times.
At some point you need to know the rules that wrap each field you are
working with.
My automatic validation routine has the following method signatures:
a) $fieldarray = $valiationObj->validateInsert($fieldarray, $fieldspecs);
b) $fieldarray = $valiationObj->validateUpdate($fieldarray, $fieldspecs);
$fieldarray is an associative array of 'name=value' pairs, such as supplied
in the $_POST array.
$fieldspecs is a multi-level array in the form 'name=specs' where 'specs' is
an array of specifications for that particular field/column. The specs
provide values for type (string, number, date, time, datetime), size, and
nullable. Numbers may also have values for minvalue, maxvalue, precision and
scale.
The operation of each of these two methods is very simple - it iterates
through the two arrays and checks that each value matches its
specifications. Any error messages are added to the $this->errors array, not
thrown as exceptions.
The origins of $fieldarray should be obvious. The $fieldspecs array is
constructed from data which is originally extracted from the database
schema, imported into my Data Dictionary, then exported into a PHP script
which is then included when the table's class is instantiated.
This means that I never have to write code to perform such validation as my
validation routine does everything that is necessary. I can even change the
structure of a table without having to change any code - after changing the
structure I simply re-import the table into my Data Dictionary and re-export
the PHP script. I have been doing it this way for over a decade, so when I
see people still writing reams of code for such a common function I just
have to question their ability as programmers. Even worse are those who
don't have the ability to write a standard validation routine so they want
to change the language so that it performs the validation for them.
The sort of forms I work with have individual rules for
probably 90% of them. I'd dropped browser side checks from some site
upgrades simply to speed getting the code over and the old js/flash
solutions are no longer PC, so I'm looking to a new standard to restore
what the sites did 15 years ago! Clients like when the browser says not
valid rather than hving to press submit and wait for the new page ...
If you want the language to change to perform this validation for you I
would strongly suggest that you first learn how to write a standard
validation function in userland code - which I did over 10 years ago -
instead of trying to make the language more complicated just to cover up
your own shortcomings.
My 'complaint' if anything is that EVERYBODY does that now and there is
no problem with that, EXCEPT every solution has it's own style of
working and coding
As validation code has to be written by the developer then of course there
will be differences in the code produced by different developers. That is a
fact of life. The efficacy of the solution is down to the skill of the
individual developer, and it is another fact of life that some developers
have more sills than others.
so there is no 'standard' way of passing the key
annotation that all of these systems use. Everything is built around a
set of variables? There are so many different database abstraction
layers even built on top of PDO that people simply hack them to their
own purpose rather than more effort being put into producing a base that
we can all put effort towards improving. And where PHP does not have a
style people like they go off and produce a new language.
Data validation should never be performed in the data access layer. It
should be performed in the business layer so that only valid data is passed
to the data access layer.
I'm not against all of the different styles of working, just looking to
improving the common standards of the base set of variables they are
built on top of. So I have some reason to change the remaining legacy
sites which are just working fine as long as you babysit them.
Data validation has to be performed in userland code, so there will never be
a "standard" method. Some methods are better than others, and IMHO the
method which requires the least amount of effort on the part of the
developer is the best method.
--
Tony Marston
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
