Reputation: 2236
Kohana 3.2 ORM validation and form validations
Since last one year, I worked on a maintenance project in Kohan 3.0.7. While I was looking to the latest version (3.2), I came across ORM validation which I had not noticed while I worked with Kohana 3.0.7. In my project, I used form validation and validated all the forms in model. While reading, http://kohanaframework.org/3.2/guide/orm/examples/validation, I found that validation rule for extra field "Confirm Password" is being added in the controller itself. So, I want to know -
Can we move the ORM validation rules to model files completely ? if we can then how it can be done ?
Does the values method take care of sql injections ?
Upvotes: 0
Views: 872
Answers (1)
Reputation: 17725
You can't and shouldn't move model validation to the controller.
In the example you provided they used so called "extra validation".
Take a look at the save method API - it takes optional Validation argument that is used later on in check method to validate additional logic (like e.g. passwords matching).
The reason is that you don't have a field in your model called "password_matching" (then you could just write this rule in rules function ;)), so you need to use external validation for such case.
Another example of using external validation would be uploading a file and, based on the upload result, doing operations on your ORM model.
Yes, ORM is SQL injection safe as it uses Query Builder which is also safe (except of DB::expr which should be used with extra care).
Upvotes: 1
Related Questions
- Kohana 3 - get orm validation errors
- Kohana ORM and Validation, having problems
- Skipping ORM validation in Kohana 3.3
- Kohana 3.3 & Kostache - Unable to display ORM Validation Errors in Form
- How to validate email using Kohana 3.1 ORM
- Kohana validation 3.3
- Validate optional fields using Kohana 3.2 ORM
- Kohana 3: Example of model with validation
- kohana 3.1 orm validation on updating user details
- Kohana 3: ORM Validation messages