CODEWITHSUNDEEP
phpcodeigniter
Saugat Thapa
Saugat Thapa

Reputation: 382

form validation is not working because of xss_clean

  public function add_creation()
{
    $images = $this->do_imgupload();
    $this->form_validation->set_rules('title','title','trim|xss_clean');
    $this->form_validation->set_rules('instrument_used','instrument_used','trim|xss_clean');
    $this->form_validation->set_rules('genre','genre','trim|xss_clean');
    $this->form_validation->set_rules('courtesy','courtesy','trim|xss_clean');
    $this->form_validation->set_rules('image_link','image_link','trim|xss_clean');
    $this->form_validation->set_rules('song_link','song_link','trim|xss_clean');
    $this->form_validation->set_rules('comment_request','comment_request','trim|xss_clean');

    if($this->input->post('upload')){
        if($this->form_validation->run()==FALSE){

               redirect('creations');
        }
        else
        {
            //based on input field the data will be inserted
            if ($this->input->post('image_link')) {
                    $time=date('Y-m-d');
            $data1=array(
            'title'=>$this->input->post('title'),
            'instrument_used' =>$this->input->post('instrument_used'),
            'genre' =>$this->input->post('genre'),
            'art_form_id' =>$this->input->post('art_form_id'),
            'courtesy' =>$this->input->post('courtesy'),
            'image_link'=>$images['file_name'],
            'artist_id'=>1,
            'published_date'=>$time,
            'comment_request' => $this->input->post('comment_request')

            );
            $query=$this->hbmodel->md_add_creation($data1);


            } 




            if ($query) 
            {


                redirect('profile');    
            }
            else
            {

               redirect('creations');
            }
    }
}
  }


        <form   role="form" id="#publish_creation" action="<?php echo base_url();?>creations/add_creation" method="post" enctype="multipart/form-data">
                <input type="submit" value="Publish" name="upload" class="btn th-btn-pri1blue">
    <input class="btn btn-default btn-sm" type="file"  name="image_link" id="image_upload">


          <input placeholder="Title: Numb Cover" name="title" id="title" type="text" required >
          <select class="form-control" id="my_select" name="art_form_id">
          <option value="1">Music</option>
          <option value="2">Photography</option>
          <option value="3">Painting</option>
          <option value="4">Fashion</option>
          <option value="5">Modelling</option>
          </select> 


        <input  placeholder="Genre: Alternative Rock" name="genre" id="genre"  type="text" >

        <input  placeholder="Instrument Used: Yamaha Piano" name="instrument_used" id="instrument_used" type="text" >

        <input  placeholder="Courtesy: Linkin Park" name="courtesy" id="courtesy"  type="text" >

        <input  placeholder="Comment Request: Be critical or interpret!" name="comment_request" id="comment"  type="text" >
    </form>

I am getting redirected to the same upload page when i submit the form and not getting any error. but i am trying to provide the values to the controller that will later take to model page. YOu can create the database from the controller and insert it in model. I am sure there is nothing wrong in model.

Upvotes: 1

Views: 1589

Answers (3)

Saugat Thapa
Saugat Thapa

Reputation: 382

I found out that you have to change global_xss_filtering to true in the config.php in config folder. Then put 

$this->load->helper('security');

to the controller. Then the validation will work. This problem occured in CI 3.0.0

Upvotes: 4

enido
enido

Reputation: 44

I think your action link is not right. you have forgotten to add /index.php after base_url(), or you can use site_url()

action="/index.php/creations/add_creation"

Upvotes: 1

Pradeep
Pradeep

Reputation: 9717

Your validation should be like(song_link field is missing in form) :

   $this->form_validation->set_rules('title','title','trim|xss_clean');
   $this->form_validation->set_rules('instrument_used','instrument_used','trim|xss_clean');
   $this->form_validation->set_rules('genre','genre','trim|xss_clean');
   $this->form_validation->set_rules('courtesy','courtesy','trim|xss_clean');
   $this->form_validation->set_rules('image_link','image_link','trim|xss_clean');

 // should not include song_link as it is missing 

  $this->form_validation->set_rules('comment_request','comment_request','trim|xss_clean');

Upvotes: 1

Related Questions