Safe usage of validator in Yii

Safe usage of validator in Yii

When I started using yii, I had never understood safe in the validation rules. I tested it today and figured out the meaning of safe. I always thought that safe is the framework that will filter the input content, such as SQL injection and Other filters. Actually, it is not, the main difference between safe and unsafe is that $ model-> attributes = $ _ POST ['user']. This method of value Assignment is called Massive Assignment in yii ), when all the attributes in the model are safe, the $ _ POST ['user'] value submitted by the form can be assigned to $ model-> attributes, and then saved to the database. However, once a property is not set to safe, for example, username, after the user name is modified and submitted, you will find that the user name value is not updated, because username is unsafe, therefore, the value of the new username cannot be assigned to the model in the Massive Assignment.

The following is the explanation of the master:

Safe attributes refers to the attributes entered by the user and to be verified. If an attribute appears in a verification rule and the applicable scenario of the verification rule is consistent with the current scenario of the model, the attribute is safe and can be assigned in batches. In yii 1.1, the safeAttributes () function has been canceled. All attributes are declared safe by verification rules.

See: http://www.yiiframework.com/wiki/161/understanding-safe-validation-rules/ for details

Articles you may be interested in

• Yii framework Yiiapp ()
• How to configure the default controller and action in the yii framework
• Summary of using database transactions in Yii
• Module Development and Analysis of Yii framework
• Yii rules common verification rules memo
• Convert the result of yii object to an array
• Yii database addition, modification, and deletion operations Summary
• Yii controller action parameter binding