Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Leonid Mamchenkov:
Validating JSON against schema in PHP
Mar 13, 2017 @ 11:13:53

In this new post to his site Leonid Mamchenkov talks about validating JSON content sent to your application to ensure it matches a JSON schema definition.

GitHub was rather slow yesterday, which affected the speed of installing composer dependencies (since most of them are hosted on GitHub anyway). Staring at a slowly scrolling list of installed dependencies, I noticed something interesting.

Of course, I’ve heard of the seld/jsonlint before. It’s a port of zaach/jsonlint JavaScript tool to PHP, written by Jordi Boggiano, aka Seldaek, the genius who brought us composer dependency manager and packagist.org repository.

But JSON schema? What’s that?

From there he gets into a high level definition of what JSON schema is and the similarities it has to XML's structure. He then links to a PHP package that can help with the validation and how to use it (defining a simple JSON file, a schema and the code to perform the evaluation).

tagged: json schema validation package composer tutorial

Link: http://mamchenkov.net/wordpress/2017/03/11/validating-json-against-schema-in-php/http://mamchenkov.net/wordpress/2017/03/11/validating-json-against-schema-in-php/

Full Stack Radio:
59: Jonathan Reinink - Form Hell Part 2: Complex Validation
Feb 27, 2017 @ 09:49:24

On the Full Stack Radio podcast host Adam Wathan is joined once again by Jonathan Reinink to follow up their previous show and talk more about complex validation.

In this episode, Adam and Jonathan continue their discussion about forms from episode 54, this time focusing on the complexities of validation.

Topics mentioned include form requests in Laravel, a forum post about a possible bypass of CVC and ZIP checks with Stripe and HTML5 form validation. You can listen to this latest show either through the in-page audio player or by downloading the mp3 directly. If you enjoy the episode, be sure to subscribe to their feed and follow them on Twitter for updates on when new shows are released.

tagged: fullstackradio jonathanreinink validation complex podcast ep59 adamwathan

Link: http://www.fullstackradio.com/59

Mohammed Said:
Conditional Validation Rules
Jan 17, 2017 @ 09:46:46

Mohammed Said has a new post to his site sharing how you can add validators conditionally in Laravel based on different requirements using the "sometimes" method.

Laravel's validation library is very powerful and easy to use, using a few keystrokes you can build a strong defence around your application, preventing invalid user input from corrupting the application flow and potentially introducing bugs.

In this post I'd like to highlight a trick related to conditionally adding validation rules, this trick is specially important since I've seen many people on Laravel's GitHub repository opening issues complaining about an un-expected validator behaviour.

He sets up a simple scenario where the "subject" value is required allowing for a custom value but validating the length if custom is selected. He then shows how to modify things to use the "sometimes" method for conditional checks for the same "custom" checking. He also shows how to pass in multiple fields and how to evaluate a "model exists" for a user.

tagged: conditional validation rules laravel tutorial sometimes

Link: http://themsaid.com/laravel-advanced-validation-conditionally-adding-rules-20170110/

Laravel News:
Learn how to change Laravel’s login validation
Oct 27, 2016 @ 09:42:34

On the Laravel News site there's a quick post looking at Laravel's login validation and how you can make updates to its handling (and where the changes should be made).

Laravel’s included auth system is a great way of scaffolding out a basic flow for authenticating users through a complete registration, login, logout, and forgot password system.

When it’s all setup the login and password reset validation is stored in an AuthenticatesUsers and ResetsPasswords trait. Even though it’s a little hidden away it’s still easy to adjust this to your needs. Let’s take a look at how to adjust this.

The post then breaks each of these down, showing where in the framework source the code lives and how you can update or override the current handling. The login validation lives in the default "AuthenticatesUsers" trait and the password reset verification is in "ResetsPasswords". These can each be overridden in your own controllers as they're just methods included via traits.

tagged: laravel login validation trait tutorial password

Link: https://laravel-news.com/2016/10/login-validation/

Laravel News:
Improvements to the Laravel unique and exists validation rules
Oct 12, 2016 @ 09:36:42

On the Laravel News site there's a new post sharing some improvements with "unique" and "exists" validation that will be a part of the framework starting in version 5.3.18.

Validating requests in Laravel is simple with its ValidatesRequests trait that is automatically included through the BaseController.

It’s powerful and provides a lot of useful rules for common use cases. Two rules, exists() and unique(), are used to validate against data stored in your database. [...] The style of this is not the easiest to remember and it’s something you almost always have to consult the docs on.

Starting with Laravel v5.3.18 both of these rules have been simplified with an introduction of a new Rule class.

They include some code examples of using this new Rule class and how to use it right along side the current validation rule format for more complex validation needs. There's also a mention of an extra "bonus" that comes with the functionality: a conversion method for translating new rules back into strings.

tagged: laravel improvement unique exists validation rule

Link: https://laravel-news.com/2016/10/unique-and-exists-validation/

Matt Stauffer:
Image dimension validation rules in Laravel 5.3
Jul 26, 2016 @ 09:09:18

Continuing his series looking at the features coming in Laravel 5.3, Matt Stauffer has posted his latest article in the series covering some of the image validation rules that the update will include.

In Laravel 5.3, we have a new validation option: image dimensions for image uploads. The validation rule is called dimensions, and you can pass the following parameters to it: min_width, max_width, min_height, max_height, width, height and ratio.

This provides a simplified version of many of these checks you might have been doing manually in the past (and fits in with the Laravel validation structure). He gives a few examples of verifying images from a basic form submission. The validations are put on the "avatar" field and work much like the other validation definitions with the checks "stacked" and separated by the pipe character ("|").

tagged: laravel v53 feature image dimension validation rules

Link: https://mattstauffer.co/blog/image-dimension-validation-rules-in-laravel-5-3

SitePoint PHP Blog:
Drupal 8 Entity Validation and Typed Data Explained
Mar 30, 2016 @ 12:18:28

The SitePoint PHP blog has posted another in its series looking at Drupal 8 functionality today. In this latest post author Daniel Sipos looks at entity validation and typed data and what functionality the project provides over what was offered in previous versions (built on top of the Symfony validation component).

Data validation is a very important part of any application. Drupal 7 has a great Form API that can handle complex validation of submitted data, which can then be turned into entities. However, form level validation is problematic. [...] With the introduction of subsystems such as the REST API, Drupal 8 needed something better to handle this problem. [...] In this article, and its followup, we will explore the Drupal 8 Entity Validation API, see how it works, and how it can be extended.

He starts by looking at typed data and the consistency it provides in working with the metadata on objects. He includes a few examples of defining a string data type with a maximum length. He then applies this to content entities and enforcing the constraints provided by the types. In the next part of this series he'll look at the validation itself and how it works with these types/constraints.

tagged: drupal8 validation entity typed data tutorial introduction

Link: http://www.sitepoint.com/drupal-8-entity-validation-and-typed-data-explained/

SitePoint PHP Blog:
More Tips for Defensive Programming in PHP
Jan 25, 2016 @ 12:07:48

The SitePoint PHP blog has posted a tutorial continuing on from some previous advice with even more defensive programming practices you can use in your PHP applications.

Many people argue against defensive programming, but this is often because of the types of methods they have seen espoused by some as defensive programming. Defensive programming should not be viewed as a way to avoid test driven development or as a way to simply compensate for failures and move on. [...] What are these methods, if not ways to anticipate that your program may fail, and either prevent those, or else ways in which to handle those failures appropriately?

They go on to talk about the ideas of "failing fast" when errors happen in your application with an extra suggestion added on - "fail loud" too. The tutorial then looks at four different places where more defensive programming techniques can be applied (and how):

  • Input validation
  • Preventing Accidental Assignment in Comparisons
  • Dealing with Try/Catch and Exceptions
  • Transactions

They end with a recommendation that, while you should fail fast and loud when issues come up, be sure it's not to the determent of the overall user experience or sharing messages with users that may just confuse them.

tagged: tutorial series defensive programming tips failfast input validation assignment trycatch transaction

Link: http://www.sitepoint.com/more-tips-for-defensive-programming-in-php/

Matt Stauffer:
Form array validation in Laravel 5.2
Dec 17, 2015 @ 11:23:35

Matt Stauffer has kicked off a new series on his blog about some of the new features in Laravel 5.2 and how to use them effectively. In this first part of the series he looks at form array validation and using it on more complex form submissions.

Form array validation simplifies the process of validating the somewhat abnormal shape of data HTML forms pass in when the array syntax is used. If you're not familiar with it, a common use case is when you allow a user to add multiple instances of the same type on one form.

[...] But how do we validate this? Prior to 5.2, it's a bunch of manual work. Now, Laravel understands this nesting structure and can validate against it uniquely.

He compares the new validation handling with a standard validator (for a single text string) and shows how a "dot" (period) notation can be used to define the more complex rules. You can even use asterisks for wildcard making at any level. Definitely a nice addition to the validation handling in the framework.

tagged: form validation array laravel5.2 version wildcard complex tutorial series part1

Link: https://mattstauffer.co/blog/form-array-validation-in-laravel-5-2

ThePHP.cc:
How to Validate Data
Nov 10, 2015 @ 10:18:52

In this post to thePHP.cc site Sebastian Bergmann looks at validation data, both in the sense of user input and the contents of objects you're application is currently working with.

Validating data seems to be one of the most important tasks of an application. After all, you cannot trust data from external sources. So let us have a look at how to efficiently implement data validation.

He gives an example of a user profile with requirements on the data it should contain. He focuses on the email address property as it's one of the easier options to validate (or is it). He walks through the usual progression from controller injection to setter injection of the value but wonders when the validation should happen to keep the Profile object from becoming invalid. He points out that simply having a validate method perform the checks isn't enough as it may not always be called correctly, leading to potentially invalid objects. Instead he recommends an alternative - using a validator object/tool in the setters of your object instance as the values are set. This prevents the object from getting into an unknown state and provides immediate feedback to the developer when something's wrong.

tagged: data validation object recommendation setter business rules

Link: https://thephp.cc/news/2015/11/how-to-validate-data