Validating the action input — mostly request parameters — is a repetitive and tedious task. Symfony offers a built-in request validation system, using methods of the action class.
Let's start with an example. When a user makes a request for myAction
, symfony always looks for a method called validateMyAction()
first. If it is found, then symfony executes it. The return value of this validation method determines the next method to be executed: if it returns true
, then executeMyAction()
is executed; otherwise, handleErrorMyAction()
is executed. And, if in the latter case, handleErrorMyAction() doesn't exist, symfony looks for a generic handleError() method. If that doesn't exist either, it simply returns sfView::ERROR
to render the myActionError. php
template. Figure 6-2 depicts this process.
So the key to validation is to respect the naming conventions for the action methods:
validateActionName
is the validation method, returningtrue
orfalse
. It is the first method looked for when the actionActionName
is requested. If it doesn't exist, the action method is executed directly.handleErrorActionName
is the method called when the validation method fails. If it doesn't exist, theError
template is displayed.executeActionName
is the action method. It must exist for all actions.
Listing 6-29 shows an example of an action class with validation methods. Whether the validation passes or fails in this example, the myActionSuccess.php
template will be executed, but not with the same parameters.
Listing 6-29 - Sample Validation Methods
class mymoduleActions extends sfActions { public function validateMyAction() { return ($this->getRequestParameter('id') > 0); } public function handleErrorMyAction() { $this->message = "Invalid parameters"; return sfView::SUCCESS; } public function executeMyAction() { $this->message = "The parameters are correct"; } }
You can put any code you want in the validate()
methods. Just make sure they return either true
or false
. As it is a method of the sfActions
class, it has access to the sfRequest
and sfUser
objects as well, which can be really useful for input and context validation.
You could use this mechanism to implement form validation (that is, control the values entered by the user in a form before processing it), but this is the type of repetitive task for which symfony provides automated tools, as described in Chapter 10.