NAME
Mojolicious::Plugin::Vparam - Mojolicious plugin validator for GET/POST data.
DESCRIPTION
Features:
Simple syntax or full featured
Many predefined types
Filters complementary types
Support arrays of values
Support HTML checkbox as bool
Simple JSON values extraction and validation using JSON Pointer from Mojo::JSON::Pointer.
Simple XML values extraction and validation using CSS selector engine from Mojo::DOM::CSS.
Validate all parameters at once and get hash to simple use in any Model
Manage validation errors
Full Mojolicious::Validator::Validation integration
This module use simple parameters types str, int, email, bool, etc. to validate. Instead of many other modules you mostly not need add specific validation subs or rules. Just set parameter type. But if you want sub or regexp you can do it too.
SYNOPSIS
# Add plugin in startup
$self->plugin('Vparam');
# Use in controller
$login = $self->vparam(login => 'str');
$passw = $self->vparam(password => 'password', size => [8, 100]);
$email = $self->vparam(email => 'email', optional => 1);
METHODS
vparam
Get one parameter. By default parameter is required.
# Simple get one parameter
$param1 = $self->vparam(date => 'datetime');
# Or more syntax
$param2 = $self->vparam(count => {type => 'int', default => 1});
# Or more simple syntax
$param2 = $self->vparam(count => 'int', default => 1);
vparams
Get many parameters as hash. By default all parameters are required.
%params = $self->vparams(
# Simple syntax
name => 'str',
password => qr{^\w{,32}$},
myparam => sub { $_[1] && $_[1] eq 'ok' ? 1 : 0 } },
someone => ['one', 'two', 'tree'],
# More syntax
from => { type => 'date', default => '' },
to => { type => 'date', default => '' },
id => { type => 'int' },
money => { regexp => qr{^\d+(?:\.\d{2})?$} },
myparam => { post => sub { $_[1] && $_[1] eq 'ok' ? 1 : 0 } },
# Checkbox
isa => { type => 'bool', default => 0 },
);
vsort
Like vparams but add some keys to simple use with tables. Example:
# HTML - table with controls and filters
Order by:
<select name="oby">
<option value="0">Name</option>
<option value="1">Date</option>
</select>
Order direction:
<select name="ods">
<option value="asc">Low to High</option>
<option value="desc">High to Low</option>
</select>
Count per page:
<select name="rws">
<option value="10">10</option>
<option value="100">100</option>
</select>
Filter by name:
<input type="text" name="name" value="">
Any other filters ...
# Controller
%params = $self->vsort(
-sort => ['name', 'date', ...],
# next as vparams
name => 'text',
...
);
- page
-
Page number. Default: 1.
You can set different name by vsort_page config parameter. If you set undef then parameter is not apply.
- rws
-
Rows on page. Default: 25.
You can set different name by vsort_rws config parameter. You can set different default by vsort_rows config parameter. If you set undef then parameter is not apply.
- oby
-
Column number for sorting. Default: 1 - in many cases first database column is primary key.
You can set different name by vsort_oby config parameter. If you set undef then parameter is not apply.
Value of oby The value will be automatically mapped to the column name using the "-sort" attribute. Also, the value will be checked for proper mapping. So you do not need to worry about it.
- ods
-
Sort order ASC|DESC. Default: ASC.
You can set different name by vsort_ods config parameter. If you set undef then parameter is not apply.
verror $name
Get parameter error string. Return 0 if no error.
# Get error
print $self->verror('myparam') || 'Ok';
# Set error
$self->verror('myparam', {message => 'Error message'})
vclass $name, @classes
Get classes for invalid input. Return empty string if no error.
# Form example
<input name="myparam" class="<%= vclass 'myparam' %>">
# Return next code for invalid I<myparam>:
# <input name="myparam" class="field-with-error">
You can set additional @classes to set if field invalid.
vvalue $name, $default
Get raw input value after validation. Return $default value or empty string before validation.
# Form example:
<input name="myparam" value="<%= vvalue 'myparam' %>">
# Return next code if user just open form without submit and validation:
# <input name="myparam" value="">
# Then user submit form and you validate id. For example user submit "abc":
# <input name="myparam" value="abc">
verrors
Return erorrs count in scalar context. In list context return erorrs hash.
# List context get hash
my %errors = $self->verrors;
# Scalar context get count
die 'Errors!' if $self->verrors;
vtype $name, %opts
Set new type $name if defined %opts. Else return type $name definition.
# Get type
$self->vtype('mytype');
# Set type
# pre - get int
# valid - check for not empty
# post - force number
$self->vtype('mytype',
pre => sub {
my ($self, $param) = @_;
return int $param // '';
},
valid => sub {
my ($self, $param) = @_;
return length $param ? 0 : 'Invalid'
},
post => sub {
my ($self, $param) = @_;
return 0 + $param;
}
);
vfilter $name, &sub
Set new filter $name if defined %opts. Else return filter $name definition.
# Get filter
$self->vfilter('myfilter');
# Set filter
$self->vfilter('myfilter', sub {
my ($self, $param, $expression) = @_;
return $param eq $expression ? 0 : 'Invalid';
});
Filter sub must return 0 if parameter value is valid. Or error string if not.
SIMPLE SYNTAX
You can use the simplified syntax instead of specifying the type, simply by using an expression instead.
- REGEXP
-
Apply as "regexp" filter. No type verification, just match.
$self->vparam(myparam => qr{^(abc|cde)$});
- CODE $mojo, $value
-
Apply as "post" function. You need manual verify and set error.
$self->vparam(myparam => sub { $_[1] && $_[1] eq 'good' ? 1 : 0 });
- ARRAY
-
Apply as "in" filter. No type verification, just match.
$self->vparam(myparam => [qw(abc cde)]);
CONFIGURATION
- class
-
CSS class for invalid parameters. Default: field-with-error.
- types
-
You can simple add you own types. Just set this parameters as HashRef with new types definition.
- filters
-
You can simple add you own filters. Just set this parameters as HashRef with new filters definition.
- vsort_page
-
Parameter name for current page number in vsort. Default: page.
- vsort_rws
-
Parameter name for current page rows count in vsort. Default: rws.
- rows
-
Default rows count for vsort_rws. Default: 25.
- vsort_oby
-
Parameter name for current order by vsort. Default: oby.
- vsort_ods
-
Parameter name for current order destination vsort. Default: ods.
- ods
-
Default order destination for vsort_rws. Default: ASC.
- phone_country
-
Phone country. Default: empty.
- phone_region
-
Phone region. Default: empty.
- date
-
Date format for strftime. Default: %F. if no format specified, return DateTime object.
- time
-
Time format for strftime. Default: %T. if no format specified, return DateTime object.
- datetime
-
Datetime format for strftime. Default: '%F %T %z'. if no format specified, return DateTime object.
- optional
-
By default all parameters are required. You can change this by set this parameter as true.
- address_secret
-
Secret for address:points signing. Format: "ADDRESS:LATITUDE,LONGITUDE[MD5]". MD5 ensures that the coordinates belong to address.
- password_min
-
Minimum password length. Default: 8.
- mojo_validator
-
Enable Mojolicious::Validator::Validation integration.
TYPES
List of supported types:
- int
-
Signed integer. Use "min" filter for unsigned.
- numeric or number
-
Signed number. Use "min" filter for unsigned.
- money
-
Get money. Use "min" filter for unsigned.
- percent
-
Unsigned number: 0 <= percent <= 100.
- str
-
Trimmed text. Must be non empty if required.
- text
-
Any text. No errors.
- password
-
String with minimum length from password_min. Must content characters and digits.
- uuid
-
Standart 32 length UUID. Return in lower case.
- date
-
Get date. Parsed from many formats. See date configuration parameter for result format. See DateTime::Format::DateParse and even more.
- time
-
Get time. Parsed from many formats. See time configuration parameter for result format. See DateTime::Format::DateParse and even more.
- datetime
-
Get full date and time. Parsed from many formats. See datetime configuration parameter for result format.
Input formats:
Timestamp.
Relative from now in format
[+-] DD HH:MM:SS
. First sign required.Minutes by default. Example:
+15
or-6
.Minutes and seconds. Example:
+15:44
.Hours. Example:
+3:15:44
.Days. Example:
+8 3:15:44
.
Values are given in arbitrary range. For example you can add 400 minutes and 300 seconds:
+400:300
.All that can be obtained DateTime::Format::DateParse.
Russian date format like
DD.MM.YYYY
- bool
-
Boolean value. Can be used to get value from checkbox or another sources.
HTML forms do not send checbox if it checked off. You need always set default value to supress error if checkbox not checked:
$self->vparam(mybox => 'bool', default => 0);
Valid values are:
TRUE can be 1, yes, true, ok
FALSE can be 0, no, false, fail
Other values get error.
-
Email adress.
- url
-
Get url as Mojo::Url object.
- phone
-
Phone in international format. Support wait, pause and additional.
You can set default country phone_country and region phone_country codes. Then you users can input shortest number. But this is not work if you site has i18n.
- json
-
JSON incapsulated as form parameter.
- address
-
Location address. Two forms are parsed: string and json. Can verify adress sign to trust source.
- lon
-
Longitude.
- lat
-
Latilude.
- inn
-
RU: Taxpayer Identification Number
- kpp
-
RU: Code of reason for registration
ATTRIBUTES
You can set a simple mode as in example or full mode. Full mode keys:
- default
-
Default value. Default: undef.
# Supress myparam to be undefined and error $self->vparam(myparam => 'str', default => '');
- pre $mojo, &sub
-
Incoming filter sub. Used for primary filtration: string length and trim, etc. Result will be used as new param value.
Usually, if you need this attribute, you need to create a new type.
- valid $mojo, &sub
-
Validation sub. Return 0 if valid, else string of error.
Usually, if you need this attribute, you need to create a new type.
- post $mojo, &sub
-
Out filter sub. Used to modify value for use in you program. Usually used to bless in some object. Result will be used as new param value.
- type
-
Parameter type. If set then some filters will be apply. See "TYPES".
$self->vparam(myparam => 'datetime');
After the application of the type used filters.
- array
-
Force value will array. Default: false.
You can force values will arrays by @ prefix or array[...].
# Arrays $param1 = $self->vparam(array1 => '@int'); $param2 = $self->vparam(array2 => 'array[int]'); $param3 = $self->vparam(array3 => 'int', array => 1); # The array will come if more than one value incoming # Example: http://mysite.us?array4=123&array4=456... $param4 = $self->vparam(array4 => 'int');
- optional
-
By default all parameters are required. You can change this for parameter by set optional. Then true and value is not passed validation don`t set verrors.
# Simple vparam # myparam is undef but no error. $param6 = $self->vparam(myparam => 'int', optional => 1); # Set one in vparams %params = $self->vparams( myparam => { type => 'int', optional => 1 }, ); # Set all in vparams %params = $self->vparams( -optional => 1, param1 => 'int', param2 => 'str', );
- skip
-
So as not to smear the validation code you can use the skip parameter to skip on the condition. This attribute is useful for controlling access to the form fields.
# This example don`t get param1 in production mode. # HTML % unless( $self->app->mode eq 'production' ) { %= number_field 'param1' % } # Simple flag $param1 = $self->vparam( param1 => 'int', skip => $self->app->mode eq 'production', ); # Same as by use sub. $param1 = $self->vparam( param1 => 'int', skip => sub { $_[0]->app->mode eq 'production' }, );
If you use sub then first parameter is controller.
- skipundef
-
By default all parameters are in output hash. You can skip parameter in result if it`s undefined by set skipundef.
# Simple vparam # myparam is undef. $param6 = $self->vparam(myparam => 'int', optional => 1, skipundef => 1); # Simple flag # The %params hash is empty if myparam value is not integer. %params = $self->vparams( myparam => { type => 'int', optional => 1, skipundef => 1 }, ); # Set all in vparams $ The %params hash is empty if all parameters are not valid. %params = $self->vparams( -skipundef => 1, param1 => 'int', param2 => 'str', );
Arrays always return as arrayref. But undefined values will be skipped.
- jpath
-
If you POST data not form but raw JSON you can user JSON Pointer selectors to get and validate parameters.
# POST data contains: # {"point":{"address":"some", "lon": 45.123456, "lat": 38.23452}} %opts = $self->vparams( address => { type => 'str', jpath => '/point/address' }, lon => { type => 'lon', jpath => '/point/lon' }, lat => { type => 'lat', jpath => '/point/lat' }, );
- cpath
-
Same as jpath but parse XML/HTML sing CSS selectors.
# POST data contains: # <Point> # <Address>some</Address> # <Lon>45.123456</Lon> # <Lat>38.23452</Lat> # </Point> %opts = $self->vparams( address => { type => 'str', jpath => 'Point > Address' }, lon => { type => 'lon', jpath => 'Point > Lon' }, lat => { type => 'lat', jpath => 'Point > Lat' }, );
RESERVED ATTRIBUTES
- -sort
-
List of column names for vsort. Usually not all columns visible for users and you need convert column numbers in names. This also protect you SQL queries from set too much or too low column number.
- -optional
-
Set default optional flag for all params in "vparams" and "vsort".
FILTERS
Filters are used in conjunction with types for additional verification.
- min
-
Check minimum parameter value.
# Error if myparam less than 10 $self->vparam(myparam => 'int', min => 10);
- max
-
Check maximum parameter value.
# Error if myparam greater than 100 $self->vparam(myparam => 'int', max => 100);
- range
-
Check parameter value to be in range.
# Error if myparam less than 10 or greater than 100 $self->vparam(myparam => 'int', range => [10, 100]);
- regexp
-
Check parameter to be match for regexp
# Error if myparam not equal "abc" or "cde" $self->vparam(myparam => 'str', regexp => qr{^(abc|cde)$});
- in
-
Check parameter value to be in list of defined values.
# Error if myparam not equal "abc" or "cde" $self->vparam(myparam => 'str', in => [qw(abc cde)]);
- size
-
Check maximum length in utf8.
# Error if value is an empty string $self->vparam(myparam => 'str', size => [1, 100]);
RESTRICTIONS
Version 1.0 invert valid behavior: now checker return 0 if no error or description string if has.
New errors keys: orig => in, pre => out
SEE ALSO
Mojolicious::Validator::Validation, Mojolicious::Plugin::Human.
AUTHORS
Dmitry E. Oboukhov <unera@debian.org>, Roman V. Nikolaev <rshadow@rambler.ru>
COPYRIGHT
Copyright (C) 2011 Dmitry E. Oboukhov <unera@debian.org> Copyright (C) 2011 Roman V. Nikolaev <rshadow@rambler.ru>
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.8 or, at your option, any later version of Perl 5 you may have available.