waavi / sanitizer
Data sanitizer and form request input sanitation for Laravel 5.
License: MIT License
The package needs a bump for this.
I am using the trait on one of my requests but noticed that the input remains untouched when using request('input_name');.
Let's say the input is "<h1>Hi there</h1>" and the filter is strip_tags.
```php
public function update(CreateReviewRequest $request)
{
    $message = request('message');
}
```
$message = "<h1>Hi there</h1>"
```php
public function update(CreateReviewRequest $request)
{
    $message = $request->get('message');
}
```
$message = "Hi there"
I'm using it with Laravel:
```php
$filters = [
    'company_name_en' => 'trim|escape|capitalize',
    'company_name_kh' => 'trim|escape|capitalize',
];
$sanitizer = new Sanitizer($input, $filters);
$input = $sanitizer->sanitize();
```
When I run dd($input); it does not show the text that I input. It shows this:
company_name_en => "Ážÿáÿšáž¸ážÿáÿšáž¸"
I have tried many ways, but it still does not work.
Thanks for your answer.
Hi
I want to define a filter which is given an array and sanitizes all items in the array ('*' => 'trim|escape|capitalize').
Please guide me
Thanks,
I think it would be interesting to add a filter that checks the "sometimes" Laravel rule and applies the filter only if the field is set, because this way, if the field is not set, the error that the field is required is raised.
I cannot get the filter to work in the FormRequest. I must be missing something.
Added
```php
use Waavi\Sanitizer\Laravel\SanitizesInput;
```
and
```php
use SanitizesInput;
```
And a simple function:
```php
public function filters() {
    return [
        'name' => 'trim|strip_tags|escape|uppercase',
        'headline' => 'trim|strip_tags|escape|uppercase',
    ];
}
```
Any input in the form for these fields remains untouched.
Must be something missing.
The sanitizer applies the filter on inputs even if they are not present in the request, which breaks the validation logic. There can be a workaround, but I think the default behavior should be to apply filters only on the present attributes and maybe add an extra filter that fills the nonexistent attributes if needed (e.g. default:{value}).
I'd expect the library to be able to strip tags as I used to do with Zend Framework (https://framework.zend.com/manual/2.4/en/modules/zend.filter.strip-tags.html). What do you think?
PHP Fatal error: Class 'Illuminate\Validation\ValidationRuleParser' not found
Will this package be compatible with the new Laravel 6?
Thank you.
Will it be possible to add Laravel 8 support?
Please update the package in Packagist; the latest release is not available.
Great idea! It would be nice to add the ability to sanitize arrays the way the Laravel validator does it, with rules like 'array.*.key' => 'trim|capitalize', so it will go through the array and sanitize each item.
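One way the `array.*.key` rules requested above could work, combined with the earlier request that filters run only on attributes actually present in the input. This is an added example, not code from waavi/sanitizer: `sanitizePresent`, `sanitizePath`, the filter table and the sample input are hypothetical, and the `capitalize` filter assumes the mbstring extension.

```php
<?php
// Added example: hypothetical helpers, not part of waavi/sanitizer.
/** Apply "a|b|c" filter chains to dotted paths; '*' matches every key at that level. */
function sanitizePresent(array $data, array $rules, array $filters): array
{
    foreach ($rules as $path => $chain) {
        $names = explode('|', $chain);
        foreach ($names as $name) {
            if (!isset($filters[$name])) {
                throw new InvalidArgumentException("No filter found by the name of $name");
            }
        }
        $apply = function ($value) use ($names, $filters) {
            foreach ($names as $name) {
                $value = $filters[$name]($value);
            }
            return $value;
        };
        $data = sanitizePath($data, explode('.', $path), $apply);
    }
    return $data;
}

/** Walk one path; keys that are absent are never created, so "required" rules still fire. */
function sanitizePath($node, array $segments, callable $apply)
{
    if ($segments === []) {
        return is_string($node) ? $apply($node) : $node; // null and non-strings pass through
    }
    if (!is_array($node)) {
        return $node; // the path does not exist in this branch
    }
    $segment = array_shift($segments);
    $keys = $segment === '*' ? array_keys($node) : (array_key_exists($segment, $node) ? [$segment] : []);
    foreach ($keys as $key) {
        $node[$key] = sanitizePath($node[$key], $segments, $apply);
    }
    return $node;
}

// Constructed filters and input, for illustration only.
$filters = [
    'trim' => 'trim',
    'strip_tags' => 'strip_tags',
    'capitalize' => function ($v) { return mb_convert_case($v, MB_CASE_TITLE, 'UTF-8'); },
];
$input = ['title' => ' <b>hello</b> world ', 'items' => [['name' => ' first item ', 'qty' => 2], ['name' => null]]];
$rules = ['title' => 'trim|strip_tags|capitalize', 'items.*.name' => 'trim|capitalize', 'email' => 'trim'];
var_export(sanitizePresent($input, $rules, $filters));
```

The `email` rule leaves the result without an `email` key, and the `null` name stays `null`, so a later `required` or `nullable` validation rule sees the same presence information the client sent.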
https://github.com/Waavi/Sanitizer/blob/master/src/Waavi/Sanitizer/Laravel/FormRequest.php
Using that file greatly restricts things, it would be far better to use a trait imo (as an additional option). I am going to be making my own to use instead of extending your class as we already have our own base request class.
Found this package yesterday and tried to use the example as shown in the readme.
Now I am running into a problem.
When validation succeeds I still get the raw data from the input fields (not filtered).
Not sure if this is intentional but it was not what I expected.
I managed to solve this by creating a private function in the form request where I call the sanitizer myself (and merge the result of the sanitizer over the request that is coming in).
Using laravel 5.6.*
One of the changes in Laravel 5.6 breaks the package: https://laravel.com/docs/5.6/upgrade
The validate method of the ValidatesWhenResolved interface / trait has been renamed to validateResolved in order to avoid conflicts with the $request->validate() method.
Therefore the package needs to include a composer constraint to prevent using it with Laravel 5.6.
I think it would be better to use is_null to verify if the input is "empty" on the applyField method.
Like this:
```php
/**
 * Apply the given filter by its name
 * @param $name
 * @return Filter
 */
protected function applyFilter($name, $value, $options = [])
{
    // If the filter does not exist, throw an Exception:
    if (!isset($this->filters[$name])) {
        throw new InvalidArgumentException("No filter found by the name of $name");
    }
    // If the given value is null, skip the sanitizer
    if (is_null($value)) {
        return $value;
    }
    $filter = $this->filters[$name];
    if ($filter instanceof Closure) {
        return call_user_func_array($filter, [$value, $options]);
    } else {
        $filter = new $filter;
        return $filter->apply($value, $options);
    }
}
```
I want to use a filter that trims empty fields to null instead of leaving just an empty string.
If you accept it I can make a pull request with the feature.
I really like the package and it would be very nice to contribute with you guys! Are there some features that you need some help to implement? I have some in mind...
Laravel validation has a required_if:field,value... Is there any option like that for the filters?
(The use case here has to do with postal codes. I want to run a custom ZIP validator I wrote only if the country = 'USA', but I can't think of a way to do this.)
If there is no option for something like this, is there a way to pass another field to a custom filter? Then I could pass the country and just do an if there...
I have created an updated version for Laravel 5.6. Here is the PR #16
Thanks
ErrorException
Illegal string offset 'name'
I am not sure if someone checked properly before merging to the master branch. Even Travis is also failing on that latest change. Developers should have tested the breaking issues before merging the commit.
Also, there should be some changelog information if any new options were added or removed.
Hello. Is it possible to do this?
This is my Request class:
```php
namespace App\Http\Requests\API;

use App\Models\Concept;
use InfyOm\Generator\Request\APIRequest;
use Waavi\Sanitizer\Laravel\SanitizesInput;

class CreateConceptAPIRequest extends APIRequest
{
    use SanitizesInput;

    public function filters() {
        return [
            'name' => 'trim|strip_tags|escape|lowercase',
        ];
    }

    /**
     * Determine if the user is authorized to make this request.
     *
     * @return bool
     */
    public function authorize()
    {
        return true;
    }

    /**
     * Get the validation rules that apply to the request.
     *
     * @return array
     */
    public function rules()
    {
        return Concept::$rules;
    }
}
```
Installing Sanitizer via composer [composer require waavi/sanitizer ~1.0 --dev] or [composer require waavi/sanitizer --dev] the Digit class is not included.
I can include it manually but it beats the purpose! :)