Input Validation

Usage

Validation rules are passed as a pipe-delimited (|) string to methods in the Input module.

Some rules take an additional argument after a colon :.

// Integer, from 12 to 130.
$age = Input.get('age', 'i|min:12|max:130');

// String, 3 to 30 characters in length
$name = Input.get('name', 's|min:3|max:30');

Filters

By default, the validator applies these filters, unless overrided by a rule:

HTML tags removed.
Newlines removed.
Multiple spaces shrunk to 1 space.

Rules

Basic Type Rules

id	Description	Length or Range	Examples
b	boolean	--	'true', 'false'
i	integer	0 - any	1, 7, 1000
f	float	0 - any	1.0, 3.14
s	string	4 - 100	'abc123'

Built-In Rules

id	Length	Characters	Examples
id	1 - 100	a-z A-Z 0-9 -_.	'2234', 's63asg352', 'my-post'
username	3 - 20	a-z A-Z 0-9 -_	'abc123'
password	8 - 100	any	any non-weak password
email	4 - 60	___@____	me@mail.com
url	8 - 200	http(s)://____	http://asite.com
phone	6 - 30	0-9 ().-+ext	(123) 456-7890
accepted	1	1	'1'
body	10 - any	any	string with newlines e.g. forum posts

Modifier Rules

id	Description
optional	Field is not required.
min:n	Lowest string length or number value.
max:n	Highest string length or number value.
regex:pattern	Pattern, matched from start of string.
in:list	Must be in comma-delimited list. Ex: 'in:red,green,blue'
notIn:list	Must NOT be in comma-delimited list.
same:otherField	Must be same as value of other field. Ex: 'same:passwordConfirm'
notSame:otherField	Must NOT same as value of other field.
civilize	Apply String.civilize().
dangerDangerHtml	Do not strip HTML tags.

Other Rules

id	Length	Characters	Examples
json	1 - any	{...}	'{a:1,b:2,c:"three"}'
dangerDangerRaw	1 - any	any	--

Passwords

Any password field will be returned as a Password object, instead of a string.

This protects it from being leaked as plain text elsewhere in your app.