sfPropelValidatePlugin plugin

The sfPropelValidatePlugin is a symfony plugin that gives Propel objects access to symfony's native validation system. This plugin was formerly sfPropelValidateBehaviorPlugin.

Features

• Move your validation logic from the controller to the model, where it belongs
• Better security, better encapsulation
• Uses symfony's native validation system, with same features and same interface
• No longer requires using Propel behaviors.

Installation

• Install the plugin

      cd /path/to/your/symfony/project/plugins/
      tar -xzf /path/to/sfPropelValidateBehaviorPlugin-0.1.0.tgz

• Edit propel.ini to use sfValidateObjBuilder as the object builder:

      propel.builder.object.class = ${propel.output.dir}.plugins.sfPropelValidatePlugin.lib.SfValidateObjBuilder

• Rebuild the model

      symfony propel-build-model

• Create the config/validate_model/ directory

      mkdir config/validate_model

• Create validation files for your classes, exactly like you would for an action

      # config/validate_model/Article.yml
      # File name should match the Propel class name, only lowercase

      methods:
        post: [title]

      fillin:
        enabled: true

      validators:
        myValidator:
          class: sfRegexValidator
          param:
            pattern: /^[\w\s]*$/
            match_error: Invalid characters

      fields:
        title:
          required:
            msg:    Required
          myValidator:

Usage

The plugin changes the behavior of the Propel objects' save() method. Validation is performed at the beginning of the save() method, including a call the the object's own validate() method.

If validation succeeds, save() behaves in the normal way. If it fails,

• Nothing is submitted to the database
• $foobar->save() returns false
• The error variables are filled in, just like normal validation

$foobar->validate() will run the same validators, but does not save the object even if the validation is successful.

In addtion to safeguarding our database against invalid data, model validation can also do double duty and serve as form validation. Rather than repeating the data requirements for every form, we create a new model object and use it's validate() function to check the form data.

When you have form-specific requirements, such as the requirement for two password inputs to be identical, you need to use both symfony's form validation methods and the new model validation. Below is an exmple. We create a validateUpdate method in addition to the update.yml validation file (not shown). We call $article->validate() in validateUpdate to check for errors in the data, which automatically records error messages if any.

<?php
  class articleActions extends sfActions
  {
    public function executeUpdate()
    {
      // Set $article attributes

      if (!$article->save()) {
        $this->forward('article', 'edit'); // 'article' is the module and 'edit' is the action
      }
    }

    public function validateUpdate()
    {
      $article = new Article();
      
      // Set $article members
      
      $article->validate(); // this function inserts messages in $sf_request->getErrors() for display in your form
    }
  }

Note: In the interests of the DRY principle, you should always use the model to validate your data when possible. Using the techniques above, it is always possible to avoid validating the same data twice.