Ticket #515 (assigned enhancement)

Opened 5 months ago

Last modified 5 months ago

New Validation Plugin

Reported by: lmajano Assigned to: lmajano (accepted)
Priority: normal Milestone: 3.0.0
Component: Plugins General Version:
Severity: normal Keywords:
Cc:

Description (Last modified by lmajano)

This plugin idea comes thanks to Josh Giese. The idea behind the validation plugin is to be able to create rules to validate incoming data. You can define the rules in a simple structure that can be sent to the validation plugin for validation. The plugin would read the RC and validate against these rules, producing an results structure as each rule is validated. Rules can also be created as validation beans (cfc). Where you can share validation rules for certain criterias.

Example

rules["username"] = "required"
rules["password"] = "required"

Cascading rules

rules["username"] = "required|minlength[2]|maxlength[10]"
rules["date"] = "trim|required|valid_date"
rules["content"] = "trim|required|xssclean"

You are basically giving a set of commands to the rules key. The validation plugin will read this rule and create all the necessary rules for each incoming element.

Custom UDF Validation

You will be able to do custom UDF validation also by passing a UDF reference into the rule like "udf_isMyElementValid"

These UDF's must all accept an incoming string variable and return a boolean variable. 

<cffunction name="isMyElementValid" returntype="boolean" access="public">
<cfargument name="Str" type="string">
<cfscript>
if ( trim(str).length() gt 10  and trim(str) neq "whatever" ){
  return true;
}
else{
  return false;
}
</cfscript>
</cffunction>

Validation Rules

Here are some validation rules that could be used

  • required
  • matches-item[item] : the set element must match the parametered item
  • matches-string[string] : the set element must match the parametered string
  • matches-regex[regex pattern] : match a regex expression
  • min-length[x] : the element must have a min length of the param
  • max-length[x] : the element must have a max length of the param
  • exact-length[x] : the element must have an exact length of the param
  • alpha : An element that only has alphabetical chars
  • numeric : A numeric element only
  • alphanumeric : An element that has only alphanumeric chars
  • valid-email : A valid email (single or list)
  • valid-url : A valid url
  • valid-cfuuid : A valid cf uuid number

Cleanup/Setup Commands:

  • cmd-xssclean
  • cmd-striphtml
  • cmd-addhttp
  • cmd-hash[type] : A valid CF hash type

CF Commands:

Any cf udf that takes in a string parameter. Below are some useful ones

  • trim
  • urlEncodedFormat
  • htmlEditFormat
  • htmlCodeFormat
  • paragraphFormat
  • urldecode
  • binarydecode

Change History

08/12/08 18:15:42 changed by sullah

Additional supporting units

  • AntiSamy? for cross-site protection for HTML/CSS
  • SQL Injection Protection
  • Banned IP addresses
  • Client Side Validation by Spry
  • Client Side validation by jQuery

08/24/08 17:20:58 changed by lmajano

  • status changed from new to assigned.
  • description changed.

08/24/08 17:23:39 changed by lmajano

  • description changed.
Copyright 2006 ColdBox Framework by Luis Majano