Another question: How do array variables get registered with the sanitizer? Do I "register" each sub-variable name? Is there a sanitizer group to define an array variable?
Printable View
Another question: How do array variables get registered with the sanitizer? Do I "register" each sub-variable name? Is there a sanitizer group to define an array variable?
Hi
So yes there is hope :)
I would forget about changing id -> attr_info, especially if it is likely to break other code.
The new version of the adminSanitizer class i'm currently working on. will allow you to override sanitization on a per page basis. So even if we give a
general sanitizer for the id parameter, you will be able to override that for edit orders.
So at the moment there is no way of defining sanitization except at a top level basis,
so I can't add sanitizers at a sub level at the moment
However again, I'm currently working on a MUTLI_DIMENSIONAL sanitizer that allows you to define something like
PHP Code:
$group = array(
'id' => array('sanitizerType' => 'MULTI_DIMENSIONAL',
'method' => 'post', 'pages' => array('edit_orders'), 'params' => array('id'=>'CONVERT_INT', 'name'=>'WORDS_AND_SYMBOLS_REGEX')));
at the moment this still doesn't let you recurse even deeper.
so if you look at edit orders it creates a post array
PHP Code:
[update_products] => Array
(
[13] => Array
(
[qty] => 1
[name] => Microsoft IntelliMouse Explorer
[onetime_charges] => 0.0000
[attr] => Array
(
[3] => Array
(
[value] => 11
[type] => 0
)
)
[model] => MSIMEXP
[tax] => 0
[final_price] => 70.95
and MULTI_DIMENSIONAL doesn't allow you to define a deep sanitizer for [attr]
what I want to happen is to allow you to define MUTLI_DIMENSIONAL within an outer MUTLI_DIMENSIONAL, but as you can imagine, that involves
some wonderful recursive structures/code.
Oh boy! Recursion! That's always fun ... especially to debug.
It also reminds me of one of my favorites (seen in a tongue-in-cheek document index):
Recursion: See recursion.
:D
Hoping to finish the code for this tonight.
The data structure for defining the sanitization would be
It should be noted that you don't necessarily have to go to this level of sanitizing, but I feel it should be available.PHP Code:
$group = array(
'update_products' => array(
'sanitizerType' => 'MULTI_DIMENSIONAL',
'method' => 'post',
'pages' => array('edit_orders'),
'params' => array(
'update_products' => array('sanitizerType' => 'CONVERT_INT'),
'qty' => array('sanitizerType' => 'CONVERT_INT'),
'name' => array('sanitizerType' => 'WORDS_AND_SYMBOLS_REGEX'),
'onetime_charges' => array('sanitizerType' => 'SIMPLE_ALPHANUM_PLUS'),
'attr' => array(
'sanitizerType' => 'MULTI_DIMENSIONAL',
'params' => array(
'attr' => array('sanitizerType' => 'CONVERT_INT'),
'value' => array('sanitizerType' => 'CONVERT_INT'),
'type' => array('sanitizerType' => 'CONVERT_INT')
)
),
'model' => array('sanitizerType' => 'WORDS_AND_SYMBOLS_REGEX'),
'tax' => array('sanitizerType' => 'SIMPLE_ALPHANUM_PLUS'),
'final_price' => array('sanitizerType' => 'SIMPLE_ALPHANUM_PLUS'),
)
)
);
My most recent changes are here
https://github.com/zcwilt/zc-v1-seri...9ff41070bab641
however that doesn't yet have code to do the MULTI_DIMENSIONAL recursion.
Looks good, wilt; that's how I was envisioning the configuration. I'll watch for your updates.
So I think I am close to a finished solution now
https://github.com/zcwilt/zc-v1-seri...aee0cdd95199cb
Just a couple of things left to do
Add some more unit tests
and update the Documentation for the Admin Sanitizer
It's looking good, so far! I'll keep at it and let you know if I come across anything.
I'm working on updated documentation, and probably some expanded tests.
Will post here once done.