Symfony 5 form sanitise user text input by stripping chars

Question

I have a form in symfony 5:

$builder
            ->add('name',TextType::class,[
                'label'=>'Character Name',
                'constraints'=>[
                    new Regex('/[\w\s]+/')
                ],
                'required'=>false,
                'attr'=>[
                    'class'=>'form-control'
                ],
                'label_attr'=>[
                    'class'=>'form-label'
                ]
            ])->add('gender',ChoiceType::class,[
                'label'=>'Gender',
                'required'=>false,
                'choices'=>[
                    'Any'=>'',
                    'Male'=>'Male',
                    'Female'=>'Female',
                    'Genderless'=>'Genderless',
                    'Unknown'=>'Unknown'
                ],
                'attr'=>[
                    'class'=>'form-control'
                ],
                'label_attr'=>[
                    'class'=>'form-label'
                ]
            ])->add('status',ChoiceType::class,[
                'label'=>'Status',
                'required'=>false,
                'choices'=>[
                    'Any'=>'',
                    'Alive'=>'Alive',
                    'Dead'=>'Dead',
                    'Unknown'=>'unknown'
                ],
                'attr'=>[
                    'class'=>'form-control'
                ],
                'label_attr'=>[
                    'class'=>'form-label'
                ]
            ])->add('species',ChoiceType::class,[
                'label'=>'Species',
                'required'=>false,
                'choices'=>[
                    'Any'=>'',
                    'Human'=>'Human',
                    'Alien'=>'Alien'
                ],
                'attr'=>[
                    'class'=>'form-control'
                ],
                'label_attr'=>[
                    'class'=>'form-label'
                ]
            ])->add('submit',SubmitType::class,[
                'label'=>'Filter Results',
                'attr'=>[
                    'class'=>'btn btn-primary'
                ]
            ]);

What i want to do if possible is use regex to strip special characters from the "name" field after it's submitted so the resulting field value only contains alphanumeric and spaces, so i want to run this on it:

preg_replace('/[^\w\s]/','',$name);

The closest thing i can find to do this is a model transformer but that doesn't really suit this situation as it's just a one way action.

Answer 1

You could use an EventSubscriber, just like Symfony does internally to trim the value in their TextType field (see https://github.com/symfony/symfony/blob/9045ad4bf2837e302e7cdbe41c38f1af33cbe854/src/Symfony/Component/Form/Extension/Core/EventListener/TrimListener.php ):

<?php

namespace App\Form\EventListener;

use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\Form\FormEvent;
use Symfony\Component\Form\FormEvents;

class SanitizeListener implements EventSubscriberInterface
{
    public function preSubmit(FormEvent $event)
    {
        $data = $event->getData();

        if (!\is_string($data)) {
            return;
        }

        $event->setData(preg_replace('/[^\w\s]/','',$data));
    }

    public static function getSubscribedEvents(): array
    {
        return [FormEvents::PRE_SUBMIT => 'preSubmit'];
    }
}

Attach the listener to your name field like this:

$builder->get('name')->addEventSubscriber(new SanitizeListener());