Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:95559
Return-Path: <lester@lsces.co.uk>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 95427 invoked from network); 2 Sep 2016 10:58:12 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 2 Sep 2016 10:58:12 -0000
Authentication-Results: pb1.pair.com header.from=lester@lsces.co.uk; sender-id=unknown
Authentication-Results: pb1.pair.com smtp.mail=lester@lsces.co.uk; spf=permerror; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain lsces.co.uk from 217.147.176.214 cause and error)
X-PHP-List-Original-Sender: lester@lsces.co.uk
X-Host-Fingerprint: 217.147.176.214 mail4-2.serversure.net Linux 2.6
Received: from [217.147.176.214] ([217.147.176.214:58152] helo=mail4.serversure.net)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id B9/54-19490-14B59C75 for <internals@lists.php.net>; Fri, 02 Sep 2016 06:58:11 -0400
Received: (qmail 9324 invoked by uid 89); 2 Sep 2016 10:58:06 -0000
Received: by simscan 1.3.1 ppid: 9317, pid: 9320, t: 0.1702s
         scanners: attach: 1.3.1 clamav: 0.96/m:52/d:10677
Received: from unknown (HELO ?10.0.0.7?) (lester@rainbowdigitalmedia.org.uk@81.138.11.136)
  by mail4.serversure.net with ESMTPA; 2 Sep 2016 10:58:06 -0000
To: internals@lists.php.net
References: <CAGa2bXarw2jTj0yhXpywWNQOJLR2pdhfaqSdwj_btT2giEL15Q@mail.gmail.com>
 <CAGa2bXaA+uvh_wpRAHeiv+Xb-JOrTAkyoe3jzq3FVCEbfja_5w@mail.gmail.com>
 <232F1604-2211-4351-B830-EDC958A25D6D@strojny.net>
 <CAGa2bXb2y4afY28rwdcjgxUEkr41ZPMMdj4dUtMDVtJLBONAbA@mail.gmail.com>
 <2de35db0-9974-cc96-83dd-3d2dbd48f7f8@lsces.co.uk>
 <CAGa2bXYG1Or9+SGf3Rm4Yi5KUQ1mwnffTSSzuwARpy4bFfXB=w@mail.gmail.com>
 <5b72e9da-068a-bc79-82c2-f36f723f42bb@gmail.com>
Message-ID: <819abe3a-5bfc-773a-025d-edfe92961a3a@lsces.co.uk>
Date: Fri, 2 Sep 2016 11:58:05 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.2
MIME-Version: 1.0
In-Reply-To: <5b72e9da-068a-bc79-82c2-f36f723f42bb@gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] [RFC][VOTE] Add validation functions to filter module
From: lester@lsces.co.uk (Lester Caine)

On 02/09/16 11:37, Rowan Collins wrote:
> If somebody's *not* using a library to build the form (e.g. they're
> laying out the HTML by hand), are they likely to set up the complex
> validation settings needed by the filter_* functions?

The main problem is the lack of well built libraries that also take care
of validation. Form Builders don't often include a good validation
model. I've been going through those hoops for the last couple of years.

If we have a set of validated parameters coming in from that form then
as you say do the rules then exist to build a filter array, while I'm
looking to those rules simply to be applied when I save each parameter
to it's internal variable.

A filter of "is this string corrupted with an injection attempt" seems
rather more difficult to define than "email"? And applying the first in
general on every string when there are as set of simple filters that can
be used ... as an alternative to the more difficult to define ones?

-- 
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk
Rainbow Digital Media - http://rainbowdigitalmedia.co.uk