SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Member
    Join Date
    Dec 2005
    Posts
    12
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Filtering data in class file or in external page?

    Do you feel it is better to handle data filtering and error reporting within the class file and object (user), or in page that makes the function request (index.php)?

    My current set up is as followed (simplified and commented)
    PHP Code:
    if(User::create($_REQUEST)) {
    //show success message
    }
    else {
    //redisplay form and print error messages

    Data filtering is handled by the class, that is it checks the parameters, validates email and passwords, and escapes strings. If an error occurs, it will return false. My problem is that if an error does occur, I do not know exactly what happened, and I can't report back to the user aside from a general "an error occurred while creating a new user", which is lame.

    If I approach data filtering from the page (index.php), then I am able to print out accurate error messages to the user. However, the code isn't reusable any where else on my site; that is, I'd have to copy and paste if I wanted to use the create user function somewhere else on the site.

  2. #2
    SitePoint Addict chestertondevelopment's Avatar
    Join Date
    Dec 2005
    Location
    Essex, UK
    Posts
    241
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I would suggest this logic should be in your model, the problem here is that you're using static methods. Why not do something like the following instead?
    PHP Code:
    $user = new User;
    if (
    $user->create($_REQUEST)) {
        
    // success
    } else {
        
    // failure
        
    $errors $user->getErrorMessages();

    Also, it's best to only pass the data to User::create that you need, not the whole request variable. So something like the following would be better.
    PHP Code:
    $array = array(
        
    'name' => $_POST['name'],
        
    'username' => $_POST['username'],
        .....
    );
    $user = new User;
    if (
    $user->create($array)) {
         ...... 
    You should nearly always use $_GET or $_POST instead of $_REQUEST.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •