As challenged by a tweet, this library extracts validation
rules and filters from a html form and validates submitted user data against it.
It’s pretty crazy what you have to do to get a form build in frameworks. Create a lot of php classes for elements,
validation, etc. So why not build a html form and use the standard element attributes to extract the validation rules
and filters. Together with some powerful html compliant data attributes you can create forms, customize validation
rules and filters in one place.
Installation
1
$ composer require xtreamwayz/html-form-validator
How does it work?
1. Build the form
Create the form from html. Nothing fancy here. Create the form with the form
factory from a html form and optionally default values. Only the first
<form></form> element is processed. Following form elements or html code
outside the first form element is ignored.
The FormFactory creates and returns a Form instance with a new Laminas\InputFilter\Factory and
Laminas\InputFilter\InputFilter.
The Form automatically creates default validators and filters for all input elements.
The Form extracts additional custom validation rules and filters from the form.
The Form optionally injects default data into the form input elements.
2. Validate the form
The easiest way is to use a framework that uses PSR-7 requests.
1
2
3
// Validate PSR-7 request and return a ValidationResponseInterface
// It should only start validation if it was a post and if there are submitted values
$validationResult=$form->validateRequest($request);
Submitted data should be valid if it was a post and there are no validation messages set.
1
2
3
4
5
6
7
8
9
// It should be valid if it was a post and if there are no validation messages
if($validationResult->isValid()){// Get filter submitted values
$data=$validationResult->getValues();// Process data
returnnewRedirectResponse('/');}
If PSR-7 request methods are not available, you might can check for a valid
post method yourself.
Last step is rendering the form and injecting the submitted values and validation messages.
1
2
3
4
// Render the form
returnnewHtmlResponse($this->template->render('app::edit',['form'=>$form->asString($validationResult),]));
If you don’t want the values and messages injected for you, just leave out the validation result.
1
echo$form->asString();
Before rendering, the FormFactory removes any data validation attributes used to instantiate custom validation
(e.g. data-validators, data-filters). This also removes possible sensitive data that was used to setup
the validators.
The $validationResult is optional and triggers the following tasks:
The FormFactory injects filtered submitted data into the input elements.
The FormFactory adds error messages next to the input elements.
The FormFactory sets the aria-invalid="true" attribute for invalid input elements.
The FormFactory adds the bootstrap has-danger css class to the parent element.
Submit button detection
Who doesn’t want to know which button is clicked? For this to work the submit button must have a name attribute set.