We have moved our forum to GitHub Discussions. For questions about Phalcon v3/v4/v5 you can visit here and for Phalcon v6 here.
  1. Home
  2. Beginners

Controller Prevalidation & Token checking

Hello!

I have started using Phalcon since CodeIgniter's developers don't want to tell us what is gonna happen with their framework. So I came across with form validation which is something that's the easiest thing in previously mentioned framework. The problem which I encountred is prevalidation - I need to validate password length before I save it into database. I could do that with validation function in specific model but I already encrypt the password in controller. I also found out the filter, but that's not something which would be useful in my case.

The second thing is token checking. I added this code to view:

{{ hidden_field('id': 'register', 'name': security.getTokenKey(), 'value': security.getToken()) }}

{{ submit_button('Register') }}

And that's how I'm checking token in controller:

if ($this->request->isPost() && $this->security->checkToken()) {

...

}

Is that way right?

Thank you for help!

1


58.4k
Accepted
answer


2.8k

Nice one! I have already seen that, but I wasn't sure that this is really neccessary and now I'm completely excited that this way is easier as ever before (on CI).

What about CSRF - it's already included into form itself, but do I need any other code to confirm right CSRF token or this is already done in form?

Thank you again!



58.4k


2.8k

Just one more question... It is possible to remove value of password if some other field in form is not correctly entered?