Don't Trust Your Users
Who are you and why are you in my house?
• Chris Tankersley
• Doing PHP for 10 years
• Lots of projects no one uses, and a few that some do
• TL;DR https://github.com/dragonmantank
NWO-PUG, September 20, 2011
Everyone Loves a Story
http://northweststate.edu/about-nscc/
Programming Is Just Acronyms
• DRY – Don't Repeat Yourself
• KISS – Keep It Simple Stupid
• IPO – Input, Process, Output
GIGO – Garbage In, Garbage Out
Users Are a Nice Big Family
Some People Want To Watch The World Burn
We Love Contact Forms
Client Side Validation
HTML 5 Validation
Browsers Suck
http://caniuse.com/#search=required
Server Side Is Necessary
http://www.flickr.com/photos/pargon/2444943158/sizes/l/
PHP’s Filter Module
Some Background
• Enabled by default since PHP 5.2.0
• Provides both validation and sanitization
• Very easy to use for working with data
• Exposed via 7 basic functions
Filtering Is Easy And Fun
Basic Filtering Out Of The Box
We Can Clean Up Data As Well
What Sanitizers are Available?
Manual Filters
It Does Big Jobs As Well
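Server-side validation of the contact form discussed above, as an added example that is not from the slides: one filter_var_array() definition combines a validator, a sanitizer and a callback ("manual") filter, and a scheme check covers the gap FILTER_VALIDATE_URL leaves. The field names and submitted values are constructed.

```php
<?php
// Added example (not from the slides): server-side validation of a contact form
// with PHP's filter extension. $_POST is replaced by a constructed sample so this
// runs from the CLI; a real handler would call filter_input_array(INPUT_POST, ...).
$submitted = [
    'name'    => '  Chris <b>T</b> ',
    'email'   => 'not-an-email',
    'age'     => '150',
    'website' => 'ftp://example.com/',
    'message' => "Hello <script>\x00</script>",
];
// One definition covers the whole form. Validators (FILTER_VALIDATE_*) return
// false on bad input; sanitizers (FILTER_SANITIZE_*) reshape it instead.
$definition = [
    // "Manual filter": FILTER_CALLBACK hands the raw value to our own code.
    'name'    => [
        'filter'  => FILTER_CALLBACK,
        'options' => function ($v) {
            $v = trim(strip_tags((string) $v));
            // Returning false marks the field as failed, like a built-in validator.
            return (strlen($v) >= 1 && strlen($v) <= 80) ? $v : false;
        },
    ],
    'email'   => FILTER_VALIDATE_EMAIL,
    'age'     => ['filter'  => FILTER_VALIDATE_INT,
                  'options' => ['min_range' => 13, 'max_range' => 120]],
    'website' => FILTER_VALIDATE_URL,
    'message' => ['filter' => FILTER_SANITIZE_SPECIAL_CHARS,
                  'flags'  => FILTER_FLAG_STRIP_LOW], // drops control bytes like \x00
];
$clean  = filter_var_array($submitted, $definition);
$errors = [];
foreach ($clean as $field => $value) {
    // false = failed validation, null = field absent from the request entirely
    if ($value === false || $value === null) {
        $errors[] = "$field is invalid or missing";
    }
}
// FILTER_VALIDATE_URL accepts any scheme that has a host, so restrict it ourselves.
if (is_string($clean['website'])
    && !in_array(parse_url($clean['website'], PHP_URL_SCHEME), ['http', 'https'], true)) {
    $errors[] = 'website must be http(s)';
}
if ($errors) {
    print_r($errors); // with the sample above: email, age and website are rejected
    exit(1);
}
// $clean is safe to store; it must still be escaped when rendered into HTML.
```

Sanitizing on the way in does not replace escaping on the way out: the encoded message is safe to store, but anything rendered back into a page still goes through htmlspecialchars() at output time.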
Aura.Filter
Easy To Use
Rule Types
• Soft Rules – Don't stop the validation chain
• Hard Rules – Stop the validation chain for this element
• Stop Rules – Stop all validation
Validation and Sanitization
• RuleCollection::IS – Must match the rule
• RuleCollection::IS_NOT – Must not match
• RuleCollection::IS_BLANK_OR – Must be blank or match
• RuleCollection::FIX – Sanitize the data
• RuleCollection::FIX_IS_BLANK_OR – Fix if not blank
Bundled Rules
• Alnum
• Alpha
• Between
• Blank
• Bool
• Credit Card
• DateTime
• Email
• Equal To Field
• Equal To Value
• Float
• In Array Keys
• In Array Values
• Int
• ipv4
• Locale
• Max
• Min
• Regex
• Strict Equals
• String (length, min, max)
• Trim
• Upload
• Url
Custom Rules
• Extend Aura\Filter\AbstractRule
• Implement validate() and sanitize()
• Add to the Rule Locator
Use Your Framework’s
Zend\Validator
Symfony2 Validator
Symfony2 Forms
Always Look First
One Final Note
Validation is Hard
Questions?
Thank You!
• Please rate on Joind.in – https://joind.in/10524
• @dragonmantank
• [email protected]