Henry Weismann's Personal Blog

Url Segment Validation Helper Function For CodeIgniter

by on Feb.22, 2011, under Web Development

Here is a snippet for validating url segments.  I wanted something similar to form validation for validating url segments.  Basically to be able to use any form validation function, helper, php or callback functions to validate passed data.  I have seen countless programmers not check data passed via the url and leading to broken CI pages…for example if they don’t check that they actually got a database result when using an id passed via the url that is not what was expected or they don’t check a passed argument is non zero number.  For example it’s also handy for things like checking that a passed user id is the current logged in user too.  Any function you want to use you can…you can even use the 2nd argument like match[1].  You can also pass FALSE as the site url and it will return the FALSE or TRUE result if fails or passes validation.

In this example I immediately redirect with an error if one of the checks fails but it uses my set_message() function.  So just take that out or add your own function for setting the user message. You can redirect to an error page to show the message or a pretty oops error page.

This could be further enhanced to use the validation language capabilities and maybe added to the url class and allow you to save rules in a config file but here goes a barebone helper function:

/** 
* Validates data passed via the url by segment number. 
* Redirects on fail to specified site url or returns result
* if the passed $site_url param is bool FALSE.  Returns the segment 
* data on success or returns the formatted data if a prepping function was used.
* @param string 
* @param string 
* @param string 
* @return bool or data 
*/ 
 
function validate_segment($segment, $rules, $site_url = TRUE)
{
        $CI = &get;_instance();    
        $CI->load->library('form_validation');
        $data = $CI ->uri->segment($segment);
        
        $rules = explode('|',$rules);
        
        if(!in_array('required', $rules) && $data == '')
        {
            return $data;
        }        
    
        if (in_array('required', $rules) AND $data == '')
        {
            set_message('The url has missing data.','error');
                
            if($site_url)
            {
                $site_url = is_string($site_url) ? $site_url : '';
                redirect($site_url);
            }
        }
        // --------------------------------------------------------------------
        // Cycle through each rule and run it
        foreach ($rules As $rule)
        {
            if($rule == 'required')
            {
                continue;
            }
            
            // Is the rule a callback?            
            $callback = FALSE;
            if (substr($rule, 0, 9) == 'callback_')
            {
                $rule = substr($rule, 9);
                $callback = TRUE;
            }
            
            // Strip the parameter (if exists) from the rule
            // Rules can contain a parameter: max_length[5]
            $param = FALSE;
            if (preg_match("/(.*?)\[(.*?)\]/", $rule, $match))
            {
                $rule    = $match[1];
                $param    = $match[2];
            }
            
            // Call the function that corresponds to the rule
            if ($callback === TRUE)
            {
                if ( ! method_exists($CI, $rule))
                {         
                    $validates = FALSE;
                }
                
                if($param)
                {
                    $result = $CI->$rule($data, $param);    
                }                        
                else
                {
                    $result = $CI->$rule($data);
                }
    
            }
            else
            {                
                if ( ! method_exists($CI->form_validation, $rule))
                {
                    // If our own wrapper function doesn't exist we see if a native PHP function does. 
                    // Users can use any native PHP function call that has one param.
                    if (function_exists($rule))
                    {
                        if($param)
                        {
                            $result = $rule($data, $param);    
                        }                        
                        else
                        {
                            $result = $rule($data);    
                        }
                    }
                    
                }
                else
                {
                    if($param)
                    {
                        $result = $CI->form_validation->$rule($data, $param);
                    }
                    else
                    {
                        $result = $CI->form_validation->$rule($data);
                    }
                    
                }
            }
            
            //is it a bool or did the function change the data and send it back
            $data = (is_bool($result)) ? $data : $result;
            
            // Did the rule test negatively?  If so, grab the error.    
            if(is_bool($result) && $result === FALSE)
            {
                if($site_url)
                {
                    $site_url = is_string($site_url) ? $site_url : '';
                    set_message('The url has incorrect data.','error');
                    redirect($site_url);
                }
                
                return $data;                
            }
    
        }
        
    return $data;
}  

Usage:

$id = validate_segment('3', 'required|is_natural_no_zero');
$user_id = validate_segment('4', 'required|is_natural_no_zero|is_admin|is_current_user');
$page_name = validate_segment('5', 'alpha_dash');  

That’s 3 short lines of code to run 7 validation functions and redirect with a message if any of the passed data is not what you wanted.

Let me know if anyone finds it useful.


Leave a Reply

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Blogroll

A few highly recommended websites...

    Archives

    All entries, chronologically...