Safe usage of validator in Yii

Source: Internet
Author: User

Safe usage of validator in Yii

When I started using yii, I had never understood safe in the validation rules. I tested it today and figured out the meaning of safe. I always thought that safe is the framework that will filter the input content, such as SQL injection and Other filters. Actually, it is not, the main difference between safe and unsafe is that $ model-> attributes = $ _ POST ['user']. This method of value Assignment is called Massive Assignment in yii ), when all the attributes in the model are safe, the $ _ POST ['user'] value submitted by the form can be assigned to $ model-> attributes, and then saved to the database. However, once a property is not set to safe, for example, username, after the user name is modified and submitted, you will find that the user name value is not updated, because username is unsafe, therefore, the value of the new username cannot be assigned to the model in the Massive Assignment.

The following is the explanation of the master:

Safe attributes refers to the attributes entered by the user and to be verified. If an attribute appears in a verification rule and the applicable scenario of the verification rule is consistent with the current scenario of the model, the attribute is safe and can be assigned in batches. In yii 1.1, the safeAttributes () function has been canceled. All attributes are declared safe by verification rules.

See: http://www.yiiframework.com/wiki/161/understanding-safe-validation-rules/ for details

Articles you may be interested in
  • Yii framework Yiiapp ()
  • How to configure the default controller and action in the yii framework
  • Summary of using database transactions in Yii
  • Module Development and Analysis of Yii framework
  • Yii rules common verification rules memo
  • Convert the result of yii object to an array
  • Yii database addition, modification, and deletion operations Summary
  • Yii controller action parameter binding

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.