validate new conference data

sethjohnson1 / conflist5

Conflist cakePHP5

1 stars 0 forks source link

validate new conference data #15

Closed nilesjohnson closed 2 months ago

nilesjohnson commented 2 months ago

I accidentally submitted an announcement with the contact email as 'none' and, it worked!

nilesjohnson commented 2 months ago

I thought this would be easy to fix, but I didn't follow what's going on here at all. Do I need to add something from there to src/Model/Entity/Conference.php, or is it somewhere else?

Oh, maybe there just any validation yet? The homepage doesn't seem to be validated as a url.

sethjohnson1 commented 2 months ago

Check src/Model/Table/ConferencesTable.php - it just has basic baked rules right now, but the notEmptyString is what adds the required class to each of the input containers. I could not get it to work for Tags, something with the HABTM validation eludes me.

For the email, you're right, but check it now! after d9ca4e3

FWIW, one way to tell which fields are being impacted by the validator by inspecting them:

sethjohnson1 commented 2 months ago

For the URL validation, I suppose it depends how deep you want to go. We should probably at least check for the presence of "http(s)://" and append if necessary - or we could use cURL to fetch the page and make sure it gets something

nilesjohnson commented 2 months ago

I don't think we need to do anything like that for url validation; just the most basic thing to catch typos will be fine. The current setup is almost good enough, but is there a way to add http:// if it's missing? Or, require it to be present? Right now a homepage entry like none.com, will pass validation, and the href for that announcement will be set without http. So, the browser interprets it as https://test.mathmeetings.net/none.com :/

Apparently beforeValidate was in 4.x, but not 5.x. Is beforeRules the thing to use now? I can't really tell how to use it.

sethjohnson1 commented 2 months ago

Hmm... Lots of ways to skin the cat.. I am leaning toward this:

Use JQuery onchange to add the protocol if necessary in real-time
Use urlWithProtocol validator

This will keep the controller, table, validators straightforward. No JS will work with the validation error hinting at the problem

sethjohnson1 commented 2 months ago

NOTE I think the only "backdoor" with this is that with JS disabled, someone could submit a URL with any protocol, such as ftp:// gopher://, etc - if it becomes an issue we could do something on the PHP side

nilesjohnson commented 2 months ago

this looks like it's working just fine