maybe a bug on forms Form::MAX_LENGTH rule

leonardoap

ok i will try to explain as much as posible becouse i am a spanish language mother speaker.

On forms rules i add a Form::MAX_LENGTH rule it works fine on client side (browser) validating with java script, but as you know you can edit the client code with chrome tools. i did with them eliminating the validation and adding more characters to max length html tag, when i press the submit, the server side does not find any error on the fields jumping the Form::MAX_LENGTH rule.

this on 2.2.7

here the code

$this->form->addText('username', 'Username')
     ->setRequired('This field is required')
     ->addRule(Form::MAX_LENGTH, 'The max lenght allowed is %d',10)
     ->addRule(Form::PATTERN, 'Use only lowercase letters and numbers','[a-z0-9]+');

Jan Endel

Hi, can you past whole form? Did you use onSucces or onSubmit event for handling sent form?

leonardoap

hi jan here you have

public function signUp()
    {
        $this->form->addText('username', 'Username')
            ->setRequired('Username field is required')
            ->addRule(Form::MAX_LENGTH, 'The max length allowed is %d',10)
            ->addRule(Form::PATTERN, 'Use only lowercase letters and numbers','[a-z0-9]+');

        $this->form->addText('email', 'Email')
            ->setRequired('Email field is required')
            ->addRule(Form::MAX_LENGTH, 'The max length allowed is %d',200)
            ->addRule(Form::EMAIL, 'Please write a valid email address');

        $this->form->addPassword('password', 'Password')
            ->setRequired('Password field is required')
            ->addRule(Form::MAX_LENGTH, 'The max length allowed is %d',200)
            ->addRule(Form::PATTERN, 'the next characters are allowed @#%!*','[a-zA-Z0-9@#%!*]+');


        $this->form->addSubmit('send', 'Signup');

        $this->form->onSuccess[] = callback($this, 'processSignUp');
        return $this->form;
    }

    public function processSignUp()
    {
        if($this->form->isValid())
        {
			dump($this->form->getErrors(),$this);
        }

Jan Endel

Why $this->form? It`s not necessary to be object property.

What about this way?

protected function createComponentForm()
    {
		$form = new \Nette\Application\UI\Form;

        $form->addText('username', 'Username')
            ->setRequired('Username field is required')
            ->addRule(Form::MAX_LENGTH, 'The max length allowed is %d',10)
            ->addRule(Form::PATTERN, 'Use only lowercase letters and numbers','[a-z0-9]+');

        $form->addText('email', 'Email')
            ->setRequired('Email field is required')
            ->addRule(Form::MAX_LENGTH, 'The max length allowed is %d',200)
            ->addRule(Form::EMAIL, 'Please write a valid email address');

        $form->addPassword('password', 'Password')
            ->setRequired('Password field is required')
            ->addRule(Form::MAX_LENGTH, 'The max length allowed is %d',200)
            ->addRule(Form::PATTERN, 'the next characters are allowed @#%!*','[a-zA-Z0-9@#%!*]+');


        $form->addSubmit('send', 'Signup');

        $form->onSuccess[] = callback($this, 'processSignUp');
        return $form;
    }

    public function processSignUp()
    {
            dump($this->form->getErrors(),$this);
	}

Btw, invalid form does not launch success event – $this->form->isValid() is unnecessary.

Last edited by Jan Endel (2015-02-04 13:37)

leonardoap

hi jan, im using the forms outside from presenters. All is working good, except Form::MAX_LENGTH server side validation witch does not validate. mmmm i will share you the code, but ONLY the MAX_LENGTH does NOT WORK on server side

BaseForm.php

<?php namespace App\Common\Forms;
/**
 * @author Leonardo Allende <leonardoap@yandex.com> 2015
 */
use \Nette\Object,
    Nette\Application\UI\Form;

abstract class BaseForm extends Object{

    protected $form;

    public function __construct()
    {
        $this->form = new Form;
        $this->form->addProtection('Form token expired');
    }

}

signUpForm.php

<?php namespace App\Common\Forms\Src;
/**
 * @author Leonardo Allende <leonardoap@yandex.com> 2015
 */
use \Nette\Application\UI\Form;
use App\Common\Forms\BaseForm;

class SignUpForm extends BaseForm{

    public function signUp()
    {
        $this->form->addText('username', 'Username')
            ->setRequired('Username field is required')
            ->addRule(Form::MAX_LENGTH, 'The max length allowed is %d',10)
            ->addRule(Form::PATTERN, 'Use only lowercase letters and numbers','[a-z0-9]+');

        $this->form->addText('email', 'Email')
            ->setRequired('Email field is required')
            ->addRule(Form::MAX_LENGTH, 'The max length allowed is %d',200)
            ->addRule(Form::EMAIL, 'Please write a valid email address');

        $this->form->addPassword('password', 'Password')
            ->setRequired('Password field is required')
            ->addRule(Form::MAX_LENGTH, 'The max length allowed is %d',200)
            ->addRule(Form::PATTERN, 'the next characters are allowed @#%!*','[a-zA-Z0-9@#%!*]+');


        $this->form->addSubmit('send', 'Signup');

        $this->form->onSuccess[] = callback($this, 'processSignUp');
        return $this->form;
    }

    public function processSignUp()
    {
        if($this->form->isValid())
        {
            $values = $this->form->getValues();
            $new_sign_up = $this->form->getPresenter()->context->models->getService('users');
            $values['created_at'] = $new_sign_up->timestamp();
            $values['updated_at'] = $new_sign_up->timestamp();
            //$values['password_hash'] = $new_sign_up;
            dump($this->form->getErrors(),$this); // here does not show FORM::MAX_LENGTH validate if this has been altered. by example editing  html whit chrome tools changing username length field from 10 to 20 and sending 20 characters pressing the submit Button
        }

    }

}

just in case here you have the serviceFActory and FormsContainer

serviceFactory

<?php namespace App\Common\Classes;
/**
 * @author Leonardo Allende <leonardoap@yandex.com> 2015
 */
use \Nette\DI\Container;
use \App\Common\Classes\ModelsContainer;
use \App\Common\Classes\FormsContainer;
/**
 * Factory of services
 */
class ServiceFactory {

    public static function serviceModels(Container $container)
    {
        $models = new ModelsContainer();
	    $models->addService('container', $container);
	    return $models;
    }

    public static function serviceForms(Container $container)
    {
        $forms = new FormsContainer();
        $forms->addService('container', $container);
        return $forms;
    }
}

formsContainer

<?php namespace App\Common\Classes;
/**
 * @author Leonardo Allende <leonardoap@yandex.com> 2015
 */
use \Nette\DI\Container;
use App\Common\Forms\Src\SignUpForm;

/**
 * Container to find all forms
 */
class FormsContainer extends Container{

    protected function createServiceSignUp()
    {
        //$presenter = $this->getService('container')->getService('application')->getPresenter()->getPresenter();
        return new SignUpForm();
    }
}

and finally here the presenter calling

protected function createComponentSignUp()
 {
     $signUpForm = $this->context->forms->getService('signUp');
     //$signUpForm->signUp()->setTranslator($this->translator);
     return $signUpForm->signUp();
 }

regards

Last edited by leonardoap (2015-02-05 04:43)

Majkl578

Can you dump $_POST (and check length manually) to see what data actually reach the server? Also check contents of $form->getValues().

David Grudl

It is ok, MAX_LENGTH silently truncates string, without error message.

leonardoap

David Grudl wrote:

It is ok, MAX_LENGTH silently truncates string, without error message.

I didnt do that test. but i I assumed it would have to show an error like the other rules.

David Grudl

It was changed in master.