cakephp 2.x include userExists in validating login - validation

I'm new to CakePhp, I'm using CakePhp 2.x.
I am probably going about solving the problem below the wrong way. And I just know I'm overlooked something real simple but,.....
I'm validating login details based on 'Between 5 to 15 characters' they are retuning errors as expected.
[The MODEL]
public $validate = array(
'username' => array(
'between' => array(
'rule' => array('between', 5, 15),
'message' => 'Between 5 to 15 characters'
)
),
'password' => array(
'rule' => array('minLength', '8'),
'message' => 'Minimum 8 characters long'
)
);
[The CONTROLLER]
public function login() {
if ($this->request->data) {
$this->User->set($this->request->data);
if ($this->User->validates() && $this->Auth->login()) {
if ($user = $this->Auth->user()) {
$this->render($this->Auth->redirect());
}else{
//??
}
}else{
$this->User->create();
pr($this->User->invalidFields());
$errors = $this->User->validationErrors;
$data = compact('errors');
$this->set('errors', $data);
$this->set('_serialize', array('errors'));
$this->Session->setFlash('Your username/password combination was incorrect');
}
}
}
So, the problem is, if the fields follow the rules in the model above even if the login details (the user) doesn't exist, no errors will be returned (no good). Would it be correct to add an other validation for this, adding another rule to check if that user actually exists? If so how!?
Or, do I work this into the controllers login function checking if the user exists? I'm a little confused now. Maybe I've been looking at the screen for too long.
Thanks.

Would it be correct to add an other validation for this, adding
another rule to check if that user actually exists? If so how!?
You can add as many rules as you want. In this case you want the rule "unique". Read this section of the book about data validation.
Or, do I work this into the controllers login function checking if the
user exists?
All data manipulation and validation should happen in the model layer of the MVC stack. So put everything into a model method and pass the post data to it and validate it there. You can put all logic into the controller to but that's stupid in terms of not following the MVC pattern. Models can be shared between shells and controllers for example, a controller not. Again you could instantiate a controller in a shell but doing all of this negates any benefit and idea the MVC pattern has. Also a model is competitively easy to test. And yes, you should unit test your code. Check how our users plugin is doing it for example.

You can specify multiple rules per field...
Follow this link to learn more about it...
http://book.cakephp.org/2.0/en/models/data-validation.html#multiple-rules-per-field
a sample code is given below
<?php
[IN The MODEL]
//the following code checks if the username is notempty, is a valid email and is it already taken or not...
public $validate = array(
'username' => array(
'notempty' => array(
'rule' => array('notempty'),
'message' => 'Please enter a valid email.',
),
'email' => array(
'rule' => array('email'),
'message' => 'Please enter a valid email.',
),
'isUnique' => array(
'rule' => 'isUnique',
'message' => 'This username has already been taken.'
)
)
);
?>

Related

How to validate HTML response in post array in codeigniter

I am using tinymce for to add user cover letter related to the application.
This what my post array look like:
Array
(
[cover_letter] => <p>Test Cover Letter</p>
<ol>
<li>Need to save this data</li>
</ol>
<p><strong>Thanks</strong></p>
)
Simply I have used the require validation rule for this.
'candidate_cover_letter' => array(
array(
'field' => 'cover_letter',
'label' => 'Cover Letter',
'rules' => 'required'
)
)
I get the validation error regarding this like Cover Letter require.
I have two main problem:
How to validate HTML post array data
Is this best practice to save data like this? if no then how should i save this data?
First of all, in Codeigniter if we want to do form validations we need to go like this :
$config = array(
array(
'field' => 'username',
'label' => 'Username',
'rules' => 'required'
),
array(
'field' => 'password',
'label' => 'Password',
'rules' => 'required',
'errors' => array(
'required' => 'You must provide a %s.',
),
)
);
$this->form_validation->set_rules($config);
You can refer here
so, your code here should be like this in the controller:
$config =array(
array(
'field' => 'cover_letter',
'label' => 'Cover Letter',
'rules' => 'required'
)
);
$this->form_validation->set_rules($config);
You can add extra fields in the $config like the example above.
Another thing that you asked, "How you should save the data ?"
I would suggest you to use a field in the database table with type "TEXT" and it should be okay for you.
After you hit submit you get redirected back to your controller somewhere. One way to utilize CI form validation is:
//look to see if you have post data
if($this->input->post('submit')){
//points to applications/config/form_validation.php (look at next chucnk to set form_validation.php)
if($this->_validate('cover_letter')){
//rest of your post logic
//get data to upload to database
$data = [
'cover_letter'=>$this->input->post('cover_letter'),
'user_id'=>$this->input->post('user_id')
];
//save data to database ..also this should be moved to a model
$this->db->insert('name of table to insert into', $data);
}
//if you post doesnt not get validated you will fall here and if you have this chucnk of code in the same place were you have the logic to set up the cover letter you will see a pink message that says what ever error message you set up
}
Set up form validation.php
<?php
$config = [
//set up cover letter validation
//$this->_validate('cover_letter') maps to here and checks this array
'cover_letter' => [
[
'field'=>'cover_letter',
'label'=>'Cover Letter Required',//error message to return back to user
'rules'=>'required'//field is required
],
//example to add additional fields to check
[
'field'=>'observations',
'label'=>'Observations',
'rules'=>'required'
],
],
]

cakephp saveAssociated and validation foreign_key fails

I have two models that we're going to name Model and RelatedModel. Model has many RelatedModel. So if I add foreign key validation on validation array like:
public $validate = array(
'foreignKey' => array(
'rule' => 'numeric',
'required' => true,
'message' => 'The id of relatedmodel should be a number'
)
)
After I create a add() function to save new registers and in this function I use saveAssociated with validation true, this one fails throwing an error 'The id of relatedmodel should be a number'.
I'm debugging the code and saveAssociated checks validation of both models at the same time and before save Model.
Is this an issue?
I think what this function should do is to validate Model, save it, add foreignKey of RelatedModel and then validate it before save.
I came into this issue only recently. It's not an issue, saveAssociated() is designed to work this way unfortunately.
What you can do is alter the required => true on the fly using the model validator. Check out the book for more information.
http://book.cakephp.org/2.0/en/models/data-validation.html#dynamically-change-validation-rules
This is working as would be expected with your given rule. required in Cake means it expects the value of foreignKey to be set in the save data prior to saving. All the validation will happen before Cake saves the data (and therefore before foreignKey is generated).
You shouldn't need to validate that it is numeric if you are allowing Cake to generate this for you behind the scenes. If you want to check that it is being passed in the data for an UPDATE you could modify the required to be only for an update like this:-
public $validate = array(
'foreignKey' => array(
'rule' => 'numeric',
'required' => 'update',
'message' => 'The id of relatedmodel should be a number'
)
)
Personally I wouldn't bother validating foreign keys unless a user is setting them rather than Cake.
Update:
To validate the foreignKey if it exists in a form submission you can drop the required option from the validation rule:-
public $validate = array(
'foreignKey' => array(
'rule' => 'numeric',
'message' => 'The id of relatedmodel should be a number'
)
);
This will allow you to pass data where the foreignKey is not present without throwing a validation error whilst validating it if it is.

Elimiating the need to check for the user in controller

To the point, I'm trying to tighten up my code and stop repeating myself. It's a constant struggle, haha
In both my views and my controllers I am checking to see if the user is signed in. That is fine, but I would like to only have to check to see if the user is in the view and then display the right content.
Originally, in my controller, I'm seeing if the user is there and then if it is I load the same views with different varables. It seems a bit repetative.
public function recentStories(){
//This pulls back all the recent stories
if (empty($this->user)) {
$this->load->view('header_view', array(
'title' => 'Recent Stories',
));
$this->load->view('storyList_view', array(
'query' => $this->data_model->pullAllStories(),
));
$this->load->view('footer_view');
}else{
$this->load->view('header_view',array(
'user' => $this->users_model->getUser($this->user->user_id),
'title' => 'Recent Stories',
));
$this->load->view('storyList_view', array(
'query' => $this->data_model->pullAllStories(),
'admin' => $this->admin_model->pulladminRecent(),
'user' => $this->users_model->getUser($this->user->user_id),
));
$this->load->view('footer_view');
}
}
Ultimitly, I would like to reduce that chunk down to something like this.
public function recentStories(){
//This pulls back all the recent stories
$this->load->view('header_view',array(
'title' => 'Recent Stories',
));
$this->load->view('storyList_view', array(
'query' => $this->data_model->pullAllStories(),
'admin' => $this->admin_model->pulladminRecent(),
'user' => $this->users_model->getUser($this->user->user_id),
));
$this->load->view('footer_view');
}
but when I do reduce that code and take out the part that checks the user I am getting back an error saying that I'm trying to get property of a non-object. Obviously, that is talking about the user.
To try and fix this I have tried both
<?if(isset($user)){
user header code in here
}else{
non-user header code in here
}?>
and
<?if(!empty($user)){
user header code in here
}else{
non-user header code in here
}?>
both have returned back "Trying to get property of non-object" Any ideas would be much welcomed. I really don't like having excess code.
public function recentStories(){
// default values
$header_data = array('title' => 'Recent Stories');
$storyList_data = array('query' => $this->data_model->pullAllStories());
// extended data for logged user
if (!empty($this->user)) {
$header_data['user'] = $this->users_model->getUser($this->user->user_id);
$storyList_data['admin'] = $this->admin_model->pulladminRecent();
$storyList_data['user'] = $this->users_model->getUser($this->user->user_id);
}
// load your views
$this->load->view('header_view', $header_data);
$this->load->view('storyList_view', $storyList_data);
$this->load->view('footer_view');
}
then in your views check "if (isset($user)) {" etc.

CodeIgniter custom validation errors for each rule per each field

I'm using CodeIngiter 2.1 and I wanna define custom validation errors for each rule per each field. The fields are as follows.
array(
'field' => 'firstname',
'rules' => 'required',
'error' => 'This field cannot be empty.'
),
array(
'field' => 'email',
'rules' => 'required',
'error' => 'The email cannot be empty.'
)
But In CodeIgniter only one error message is defined for one rule. So how to override that one and Please suggest some solutions for getting different errors for perticular field. The work is more appreciated.
Try using the CI function :
set_message();
All of the native error messages are located in the following language file:
language/english/form_validation_lang.php
To set your own custom message you can either edit that file, or use the following function:
$this->form_validation->set_message('rule', 'Error Message');
for more about set_message here
Hope it will help;
I recently made this custom error message option for my codeigniter 3.0-dev applicaiton. Hope this helps anyone out there.
https://gist.github.com/abdmaster/7287962
To use it (example),
$this->form_validation->set_rules('name','Name','required|alpha',array('required' => 'Please fill the field %s .');`
It will work with Base models like jamierumbelow's MY_Model. In your model, you do something like this:
public $validate = array(
'display_name' => array(
'field' => 'display_name',
'label' => 'Display Name',
'rules' => 'trim|required|xss_clean|valid_fullname|is_unique[users_model.display_name]',
'error_msg' => array(
'is_unique' => 'The name in %s is already being used by someone.',
),
),
);
Rest are how we are use normally. Hope these examples are enough.
I haven't tried in v2.1.x but hopefully this will work. Maybe have to do some minor adjustments.

cakePHP optional validation for file upload

How to make file uploading as optional with validation?
The code below validates even if i didn't selected any file.
I want to check the extension only if i selected the the file.
If i am not selecting any file it should not return any validation error.
class Catalog extends AppModel{
var $name = 'Catalog';
var $validate = array(
'name' => array(
'rule' => '/^[a-z0-9 ]{0,}$/i',
'allowEmpty' => false,
'message' => 'Invalid Catalog name'
),
'imageupload' => array(
'rule' => array('extension',array('jpeg','jpg','png','gif')),
'required' => false,
'allowEmpty' => true,
'message' => 'Invalid file'
),
);
}
thanks in advance
"I assign $this->data['Catalog']['image'] = $this->data['Catalog']['imageupload']['name'];"
So by the time you save your data array, it looks something like this I assume:
array(
'image' => 'foobar',
'imageupload' => array(
'name' => 'foobar',
'size' => 1234567,
'error' => 0,
...
)
)
Which means, the imageupload validation rule is trying to work on this data:
array(
'name' => 'foobar',
'size' => 1234567,
'error' => 0,
...
)
I.e. the value it's trying to validate is an array of stuff, not just a string. And that is unlikely to pass the specified validation rule. It's also probably never "empty".
Either you create a custom validation rule that can handle this array, or you need to do some more processing in the controller before you try to validate it.
Concept:
In Controller, before validating, or saving (which does validation automatically by default) check if any file is uploaded. If not uploaded, then unset validator for the file field.
Sample code:
Controller
// is any image uploaded?
$isNoFileUploaded = ($this->request->data['Model']['field_name']['error'] == UPLOAD_ERR_NO_FILE) ? true : false ;
if ($isNoFileUploaded) {
$this->Model->validator()->remove('field_name');
}
Notes:
This solution comes under preprocessing as one of the two alternative approaches (preprocessing in controller, custom validation in model) suggested by #deceze's answer

Resources