Fri Apr 18, 2014, 12:14 am
Showing 1 to 5 of 5 entries.

The file is Chronoforms_V4_RC1.6\admin\form_actions\auto_serverside_validation\auto_serverside_validation.php and the same file in RC1.5 at least is wrong as well.

Just look at the signature of any of the validation functions, e.g.

Code: Select all
 function validate_digit($str, $form){
  return preg_match('/^[-+]?[0-9]+$/', $str);
 }

and how these functions are called:
Code: Select all
   $fields_string = trim($params->get($rule, ''));
...
    $fields = explode(",", $fields_string);
    foreach($fields as $field){
     $function = 'validate_'.$rule;
     $result = $this->$function(trim($field), $form);

Obviously these functions are passed two parameters, the name of the field and the form object, so all these validation functions are actually checking if the name of the field is valid...

I fixed the implementation as follows:

Code: Select all
Line 26:
$field = trim($field);
$good = $this->$function($field, $form, $form->data[$field]);

Function signatures:
function validate_aaaa($field, $form, $str)

Also the way validate_not_empty is programmed is quite strange. I've changed it to
 
 function validate_not_empty($field, $form, $str){
  return !empty($str);
 }

1
Mon Mar 21, 2011, 9:15 pm

Yes, the Auto Server-Side Validation is still no use.
Like in all previous versions of Chronoforms / Chronoengine,
they are still denying the importance of Server-Side Validation, which is unbelievable.
Sice many many ( many )peaple using that extensions have no clues of scription, they are really leaving those ppl alone with potentiol danger.
It's just like giving lil children grenades to play with, and then saying: well , it's ure fault if u cannot handle it right.

I really don't understand that attitude. As if it was that mich to do.

So also this time, we have no Serverside-Validation , ince the so called one, implemented script does not work in any ways. It obviously was NEVER EVER tested !

But actually the errors are quite quick to correct, since it's ALMOST working.
Basically and incidentially one lil mistake makes the code useless and blocking normal functionality, which is quite easy to correct.

OK, right ahead to the solutions:

they implemented the regex-tests like this ( example avalidation of alphanumeric ):

Code: Select all
 function validate_alphanumeric($str, $form){
  return preg_match('/^[a-z0-9 ._-]+$/i', $str);
 }

but they should actually look like that:

Code: Select all
 function validate_alphanumeric($str, $form){
  return preg_match('/^[a-z0-9 ._-]+$/i', $form->data[$str]);
 }

Easyest way to make all those validations to work:
Search-and-Replace all "$str)" with "$form->data[$str])".

Second issue is the validation of required and not-empty -fields.

I've changed my code FROM:

Code: Select all
 function validate_required($str, $form){
  if(!isset($form->data[$str])){
   return false;
  }else{
   return true;
  }
 }
 
 function validate_not_empty($str, $form){
  return preg_match('/[^.*]/', $str);
 }

TO:

Code: Select all
 function validate_required($str, $form){
  
  if(!isset($form->data[$str]) || empty($form->data[$str]) || trim($form->data[$str]) == '' ){
   return false;
  }else{
   return true;
  }
 }
 
 function validate_not_empty($str, $form){
  
  return (!isset($str) || empty($str) || trim($str) == '' ) ? false : true;
 }

u may have better solutions.

the Last thing i just happend to sumble upon is a problem with the logic with error-message-output:

A field might be validated by several rules sequentially, for example: first check if empty, then check if correct format.

But the logic over-rides the output of the previous test. This might leads to errormessages that might for a user seem sensless and confusing ( depending of course on what u've set ass error-messages in the backend ):

For instance: textfield , validation-rules: 1.not-empty, 2.required, 3.alphanumeric-chars-only
Case: user has left field empty, your errormessage for not-alpha "No special Characters here please!"

So in this case, the user didn't do imput, but the system tells him now " no special-chars here!", since it's the output for the last failing test for that field.

So as a solution for this, i've changed my code FROM ( line 26 ):

Code: Select all
     if(!$result){
      $this->events['fail'] = 1;
      $form->validation_errors[trim($field)] = $params->get($rule.'_error');
      //return false;
     }

TO:

Code: Select all
     if(!$result){
      $this->events['fail'] = 1;
      
      // set error message for field ( but only if not yet set 4 that field ) :
      if(
       !isset($form->validation_errors[trim($field)]) || 
       empty($form->validation_errors[trim($field)]) ||
       trim($form->validation_errors[trim($field)]) == '' ){
        
       $form->validation_errors[trim($field)] = $params->get($rule.'_error');
       //return false;
      }
     }

Hope that helps sum of you.
cheers :D

P.S.: I hardly ever re-ready my comments, although i almost know there's sum load of typos innit.
It's just: as long it's not in the code per se, i just don't care !! :S It should still very well be readable 4 ppl with normal IQ.

And thanx Dennis! (my swiss webdesign guru http://lab5.ch) 4 helping me out on this quite a bit.

6
Sat Jan 23, 2010, 1:10 am

Thanks guys, the bug is fixed in the coming release! :)

It supports now multiple errors though, so you will get a list of all errors below the field. (but this may be changed, I'm thinking about adding some setting to switch: show all errors OR only show the first one.

Regards,
Max


If your main question got answered then please select the answer using the GREEN button!

admin
Moderator
10214
Mon Aug 14, 2006, 1:29 am

Wed Mar 30, 2011, 1:59 pm

Hello to all,
I'm using version V4 RC 1.7 of Chronoforms but i'm not able to use the Auto Server Side Validation.
For example I fill the checkbox "REQUIRED" for a field I use in my form. After that i go in Edit in Advanced Wizard, I add AUTO SERVER SIDE VALIDATION in ON SUBMIT then I fill the field REQUIRED with the field that correspond in my data array to check the REQUIRED rule, but when i've done my settings and I try to view my form the page is empty.Why? I also add other fields like SAVE DB or CONFIGURE EMAIL, but no results...
I've also activated JS Validation with classic style and Italian Language...

It's better thaT I return to older version of Chronoforms in which validation seems to work properly?

10
Sat Mar 6, 2010, 7:07 pm

Hi Markeston,

To be able to see your form, you need a "Show HTML" action inside the "OnLoad" event, there is a post here with tutorials about how to set up a basic form in the advanced mode.

Regards,
Max


If your main question got answered then please select the answer using the GREEN button!

admin
Moderator
10214
Mon Aug 14, 2006, 1:29 am
Showing 1 to 5 of 5 entries.

Powered by ChronoForums - ChronoEngine.com

ChronoForms Book

The ChronoForms Book, written for ChronoForms v3 contains 350 pages of invaluable ChronoForms How-tos hints and tips.

Note: many of the ideas can be used in ChronoForms v4 but the admin interface is very different and code examples may need to be modified.

SSL

Members Login

 

2CheckOut.com Inc. (Ohio, USA) is an authorized retailer for
goods and services provided by ChronoEngine.com