Client and Server Side validation (passing data from server to client)

[NotionCommotion]

I wish to create validation rules once which are used both on the client and on the server.

 

For instance, I will start off with the following PHP object:

stdClass Object
(
    [rules] => stdClass Object
        (
            [email] => stdClass Object
                (
                    [required] => 1
                    [email] => 1
                    [remote] => stdClass Object
                        (
                            [url] => check-email.php
                            [type] => post
                            [data] => stdClass Object
                                (
                                    [username] => function() {return $( '#username' ).val();}
                                )
                        )
                )
        )

    [messages] => stdClass Object
        (
            [email] => stdClass Object
                (
                    [required] => an email is required
                )
        )
)

When the edit page is downloaded to the client, I will include this object in some format suitable to the client.

 

The client will then use the jQuery Validation plugin (http://jqueryvalidation.org/) along with the validation object, and client side validate the page.

 

When the form passes client side validation and is uploaded, PHP will use the same validation object to serverside validate the form (I have this part working as desired).

 

My question is how should I pass this data to the client?  Originally, I would just use PHP to write some JavaScript.

exit('var myObj='.json_encode($myObj));

Note that when I json_encode the object, the value of $myObj->rules->email->remote->data->username is a string with quotes around it, however, I can easily use PHP to strip these tags before sending it to the client.

 

As Jacques1 pointed out in http://forums.phpfreaks.com/topic/291241-how-best-to-send-php-data-to-a-javascript-client/, I should never ever use PHP to generate JavaScript, and should use AJAX to download the JSON directly.  I tried doing the later, but found that a callback function could not be included in the JSON.

 

 

Please advise on the best way to accomplish this.

 

Thank you

[NotionCommotion]

Hi again,

 

Anyone?

 

I am just trying to utilize server generated client script the "right" way.  Really the same question asked in http://forums.phpfreaks.com/topic/291241-how-best-to-send-php-data-to-a-javascript-client/, however, that post did not give any context, and thus the recommended solutions do not work as I indicate in this post (cannot include callbacks in JSON retrieved using Ajax).

 

Thanks

[Jacques1]

I find the whole approach rather weird.

 

Where does this strange PHP object come from? The jQuery validation plugin is written specifically for JavaScript. You cannot store the rules as JSON, because JSON is a general-purpose data format which isn't bound to one particular language. Sure, you could use hacks like embedding JavaScript code within strings (which you appearently do). But that's a very poor solution.

 

You'll need three rulesets:

• simple rules that can be shared between JavaScript and PHP (for example: whether a field is required, the minimum length, the maximum length)
• JavaScript-specific rules (callbacks, remote validators)
• PHP-specific rules (validation functions written in PHP)

The shared rules are language-independent, so you can store them as JSON, XML or whatever. The language-specific rules need to be added within the particular language. For example, in JavaScript you would load the shared rules with Ajax and then add the callbacks, remote validators etc.

[NotionCommotion]

I don't want three rule sets, I only want one.  I've had a difficult time keeping my client side and server side rules in sync, and wanted only to define them only once and have them apply to both.  Is this not a common need, or am I unique?

 

I therefore created a PHP class which accepts a valid JSON file which describes rules, messages, and sanitizing requirements.  It has one public method which will create the object required for the jQuery validation plugin (rules and messages only), and a second public method which will server-side sanitize and validate the data, and provide any error messages if applicable.  It also has a bunch of private methods which mimic the jQuery validation plugins methods.

 

When the page is displayed, the controller will use the class to get the object required by the jQuery validation plugin, and send it to the client.

 

When the form is submitted, the controller will use the class to sanitize the data and validate it per the rules, and get any error messages.  It obviously deals which the rules with callbacks differently as needed.

 

It works as intended.

 

In regards to using "hacks like embedding JavaScript code within strings (which you appearently do). But that's a very poor solution.", okay I can accept that I should be doing something differently.

 

My dilemma is how should I do so?