Reputation: 490143
Where should form validation occur in a MVC project?
I'm using Kohana, but I think this question is more general.
I have been doing form validation in the controller, and it has worked well so far. But lately, I've ran into a problem.
I have a comments model, and I send comments from a few different controllers to it. Instead of having a validator in every controller, I placed it in the model.
This is great because
- Only one place to change/add validation rules (DRY)
This sucks because
- I obviously need to return a success or failure to the controller, and Kohana's validation library returns errors as an array. So my return looks like this
ON SUCCESS
array('success' => true);
ON FAIL
array('success' => false, $errors);
I can't help but think this is wrong. It feels wrong.
If I do it in the controller, I can simply do
if ($post->validate()) {
doWhatever();
} else {
$this->template->formErrors = $post->errors('form_errors');
}
Which seems better (to me).
Is there a better way to do this? Should I validate in the controller or method? Am I going crazy?
Upvotes: 8
Views: 1547
Answers (6)
Reputation: 13302
I don't think all validation rules can go inside the model. Validation is all about the form (or the API). The fact is that when you are validating your data, most of the things depend on the context.
For example, is this a logged-in user taking the action? You wouldn't couple your authentication layer with the model being validated. So, all the checks must go inside the controller. The model is context-agnostic; the form "belongs" to the controller and is context-aware.
I think that having per-form validation rules plus basic in-model checks for well-formed data is the way to go. If you're calling Auth::instance() or Session::instance() inside your model's validate() function, then you're doing it wrong.
Upvotes: 6
Reputation: 1
I do validation in the model too. Most modeling libs like ORM, Auto_Modeler etc. also support validation. BTW it's faster if you ask on the #kohana channel on FreeNode (irc.freenode.net). We (usually) don't bite :)
Upvotes: 0
Reputation: 2139
Fat models. Small controllers. That's the way I always did it. Validation to me is at the data layer. The data layer (to me, at least) is the model. I normally use CakePHP as my MVC framework... Maybe that's why my validation is at the model. It's CakePHP's way.
Upvotes: 2
Reputation: 37126
You should always (if you can) validate on client (JS). And since that can be bypassed - you validate on server as well. And yes - putting your validation to some reusable form is great idea
Upvotes: 0
Reputation: 25295
I honestly don't see anything wrong with your method, alex. It seems like you're doing it properly. You're following the DRY principle, which for me is usually the yardstick to measure if I'm doing something right when it comes to MVC.
Upvotes: 4
Reputation: 9160
I prefer to not repeat myself over feelings, do the method. Besides the array is handy since you can show the errors from the array in a view if you wanted. I have not used kohana, but the validation method I have been using in ASP.NET MVC provides me with a similar list and I can then show the user what precisely is wrong.
Upvotes: 0
Related Questions
- MVC validation: where to validate?
- Best Place for Validation in Model/View/Controller Model?
- Where does input validation belong in an MVC application?
- Where to put validation logic in MVC software architecture
- MVC Question: Should I put form validation rules in the controller or model?
- Where should validation take place?
- Where to validate and process form submission in MVC website
- What's the recommended place to perform validation: ViewModel, Model or Controller?
- Where does input validation happen in MVC?
- MVC - where to implement form validation (server-side)?