'filter' extension: Initial thoughts

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

'filter' extension: Initial thoughts

Post by Ambush Commander »

First of all, filter is beta software and as such should not be relied on. Second of all, it's only of PHP 5.2.0, so if you want your application to be portable, avoid filter. Finally, the documentation is woefully inadequate, so I'm going off what the tutorial here says.

First of all: filter_has_var() has to be one of the most useless functions ever created. isset($_POST['key']) clocks at 20 characters while filter_has_var(INPUT_POST,'key') has 32 characters, but they do exactly the same thing. I'll reconsider when you allow this syntax: filter_has_var_all(INPUT_POST, 'key1', 'key2', 'key3', 'key4'); I can perhaps see why you'd want to use this for uniformity, but... once again, not convinced of utility.

Second of all: the lack of documentation is a real killer, because how am I supposed to know exactly how the "email" filter works? What kind of emails does it allow? Is it well tested or a haphazard implementation? Does it go RFC or practical?

Third of all: it does have potential. The tutorial doesn't precisely do a very good job of showing us why you'd want to use filter, just how. I expect that a comparison between pre-filter and post-filter code would enlighten us more. __pierre alludes to getting rid of "the isset or is_numeric mess," but the filter syntax seems very verbose as well.
matthijs
DevNet Master
Posts: 3360
Joined: Thu Oct 06, 2005 3:57 pm

Post by matthijs »

Indeed it looks promising. Input filtering is something so basic and necessary in each script that it's quite logical to have a standard, solid solution for that in php (or extension) itself.

But doesn't the fact that it's still in development mean "we" (meaning people like you) can still influence the process/outcome by giving feedback? I sure do hope it's going to be a useful extension.
User avatar
johno
Forum Commoner
Posts: 36
Joined: Fri May 05, 2006 6:54 am
Location: Bratislava/Slovakia
Contact:

Post by johno »

Filter does not provide any object oriented interface. The current API is flexible enough to add any kind of filters, support unicode (more on this topic in another article) or to integrate into your favorite framework or MVC application.
This is a reason not to make it object oriented? IMHO the proposed syntax is horrible, it just tries to mimic OO design that would do much better job and will be much more self-explanatory. Not to mention it mixes two concepts. Validation rules and filters. An example of a filter is trim function. A rule example is email validation.

It also makes you write validation on 2 different places. Suppose you want to have 2 rules on one field. For example a number regex and that the number must be between 1 and 20. You want some nice error messages in your form script. So you create two validation callback function for that. Now you want to validate input '23'. The validation fails and you get a FALSE value. So now tell me which one of those failed. You don't know! You have to make validation again to figure out which one failed and print out correct error message.

Now wouldn't OO really do a better job? Something really simple like:

Code: Select all

$defs = new InputValidation();
$defs->addFilter('number', new TrimFilter()); // trim whitespaces
$defs->addRule('number', new RegexRule('/^[0-9]+$/', 'Input "%s" in not a number!'));
$defs->addRule('number', new RangeRule(1, 20, 'Number %d is not between %d and %d!'));

$results = $defs->validate(array('number' => '  aa  '));
$results['number']['value'] == false;
$results['number']['errors'] == array('Input "aa" in not a number!');

$results = $defs->validate(array('number' => ' 30 '));
$results['number']['value'] == false;
$results['number']['errors'] == array('Number 30 is not between 1 and 20!');

$results = $defs->validate(array('number' => ' 16 '));
$results['number']['value'] == '16';
$results['number']['errors'] == false;
I think that the proposed filtering API is horribly wrong.
Post Reply