Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:100434
Return-Path: <TonyMarston@hotmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 25088 invoked from network); 7 Sep 2017 08:40:07 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 7 Sep 2017 08:40:07 -0000
X-Host-Fingerprint: 62.31.75.76 76.75-31-62.static.virginmediabusiness.co.uk  
Received: from [62.31.75.76] ([62.31.75.76:9825] helo=localhost.localdomain)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 3C/DD-10715-4E501B95 for <internals@lists.php.net>; Thu, 07 Sep 2017 04:40:06 -0400
Message-ID: <3C.DD.10715.4E501B95@pb1.pair.com>
To: internals@lists.php.net
References: <CAGa2bXafM0QgMdCuUfEnNcejHAi208=4tCqbi1APT20Z_jcvuQ@mail.gmail.com>   <CADyq6s+QpHB2iPb=T=M2NL1aUTS=Uuf07WpQR5j26kFKDCxzpg@mail.gmail.com> <0C7F986C-B0BC-4315-98ED-B4FD003B9399@gmail.com> <CAGa2bXa-6kN1yEbnVzbReLX3qH2gVJ5LTmfR31jOp_GwASbrrA@mail.gmail.com> <e14c1e6f-4677-6a87-ef30-e3e627c26270@lsces.co.uk> <c08cbbf5-fb27-7c50-3bcc-c89ccfbd6202@rhsoft.net> <2a4491b4-e6f5-4297-beec-363f373a93e6@lsces.co.uk> <3f8be7b1-0e59-21c6-4fe8-8299b2c05645@rhsoft.net> <6ba62d62-f1ab-9e7b-93f0-a1a9238c47a6@lsces.co.uk> <CAGa2bXYch8UJ70No=UvqtQ79pKbJ1MRtHN0QLk8kCSV+yhMNbg@mail.gmail.com> <f8959d0a-429f-4efc-8682-572680a075fa@lsces.co.uk> <E83D7E80-5DC8-49AC-9FA6-D6C1A42ADAE7@gmail.com> <0db9cfa3-2b31-ee41-713c-889b7cc06406@lsces.co.uk> <E9DCBF61-8B3D-41C3-9D09-61C6CC8810F3@gmail.com> <CA+kxMuSuB7xcMYXcsVj4NDZKwBZWq3sbt2h6s9J4QxzOcfCTHg@mail.gmail.com> <B234C70B-2012-443B-967D-C819D65C9C5B@gmail.com> <CA+kxMuSL1kEW60S7DFJb06+r2Q3rC1ueeWU1jAP78FY65aJoDg@mail.gmail.com>
In-Reply-To: <CA+kxMuSL1kEW60S7DFJb06+r2Q3rC1ueeWU1jAP78FY65aJoDg@mail.gmail.com>
Date: Thu, 7 Sep 2017 09:40:00 +0100
Lines: 6
MIME-Version: 1.0
Content-Type: text/plain;
	format=flowed;
	charset="utf-8";
	reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Newsreader: Microsoft Windows Live Mail 16.4.3564.1216
X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3564.1216
X-Posted-By: 62.31.75.76
Subject: Re: [PHP-DEV] A validator module for PHP7
From: TonyMarston@hotmail.com ("Tony Marston")

"Dan Ackroyd"  wrote in message 
news:CA+kxMuSL1kEW60S7DFJb06+r2Q3rC1ueeWU1jAP78FY65aJoDg@mail.gmail.com...
>
>On 6 September 2017 at 13:31, Rowan Collins <rowan.collins@gmail.com> 
>wrote:
>> I'm going to assume that the code you posted was something of a straw
>> man, and you're not actually advocating people copy 20 lines of code for
>> every variable they want to validate.
>
>You assume wrong. No it's not, and yes I am.
>
>I can point a junior developer at the function and they can understand it.
>
>If I ask that junior developer to add an extra rule that doesn't
>currently exist, they can without having to dive into a full library
>of validation code.
>
>If I need to modify the validation based on extra input (e.g whether
>the user has already made several purchases, or whether they're a
>brand new signup), it's trivial to add that to the function.
>
>This is one of the times where code re-use through copying and pasting
>is far superior to trying to make stuff "simple" by going through an
>array based 'specification'. It turns out that that doesn't save much
>time to begin with, and then becomes hard to manage when your
>requirements get more complication.

As a person who has been developing database applications for several 
decades and with PHP since 2003 I'd like to chip in with my 2 cent's worth. 
Firstly I agree with Dan's statement:

This type of library should be done in PHP, not in C.

Secondly, there is absolutely no way that you can construct a standard 
library which can execute all the possible validation rules that may exist. 
In my not inconsiderable experience there are two types of validation:
1) Primary validation, where each field is validated against the column 
specifications in the database to ensure that the value can be written to 
that column without causing an error. For example this checks that a number 
is a number, a data is a date, a required field is not null, etc.
2) Secondary validation, where additional validation/business rules are 
applied such as comparing the values from several fields. For example, to 
check that START_DATE is not later tyhan END_DATE.

Primary validation is easy to automate. I have a separate class for each 
database table, and each class contains an array of field specifications. 
This is never written by hand as it is produced by my Data Dictionary which 
imports data from the database schema then exports that data in the form of 
table class files and table structure files. When data is sent to a table 
class for inserting or updating in the database I have written a standard 
validation procedure which takes two arrays - an array of field=value pairs 
and a array of field=specifications - and then checks that each field 
conforms to its specifications. This validation procedure is built into the 
framework and executed automatically before any data is written to the 
database, so requires absolutely no intervention by the developer.

Secondary validation cannot be automated, so it requires additional code to 
be inserted into the relevant validation method. There are several of these 
which are defined in my abstract table class and which are executed 
automatically at a predetermined point in the processing cycle. These 
methods are defined in the abstract class but are empty. If specific code is 
required then the empty class can be copied from the abstract class to the 
concrete class where it can be filled with the necessary code.

If there are any developers out there who are still writing code to perform 
primary validation then you may learn something from my implementation.

If there are any developers out there who think that secondary validation 
can be automated I can only say "dream on".

-- 
Tony Marston