Safe usage of validator in Yii_PHP tutorial

How to use safe in validator in Yii

When I started using yii, I didn’t quite understand the safe in the verification rules. I tested it today and I finally figured out the safe connotation. I always thought that safe means that the framework will filter the input content, such as SQL injection and other filters. In fact, it is not the case. The difference between safe or unsafe mainly lies in $model->attributes=$_POST['User']; This method of assignment is called Massive Assignment in Yii. When all attributes in the model are safe, all the values ​​of $_POST['User'] submitted by the form can be assigned to $model->attributes. Then save and enter the database. But once there is an attribute that is not set to safe, such as username, when the username is modified and submitted, you will find that the value of the username is not updated because username is unsafe, so the new username cannot be added to Massive Assignment. The value is assigned to the model.

The following is the master’s explanation:

Safe attributes refer to attributes entered by the user and need to be verified. If an attribute appears in a validation rule, and the applicable scenario of the validation rule is consistent with the current scenario of the model, then the attribute is safe and can accept batch assignment. In Yii 1.1, the safeAttributes() function has been cancelled. All properties are declared safe through validation rules.

For details, please refer to: http://www.yiiframework.com/wiki/161/understanding-safe-validation-rules/

Articles you may be interested in

• Understanding of Yiiapp() in Yii framework
• How to configure the default controller and action in yii framework
• A summary of how to use database transactions in Yii
• Module development analysis of Yii framework
• Yii rules common verification rules memo
• Methods to convert yii object results into arrays
• Yii database addition, modification, deletion related operations summary
• Yii Controller action parameter binding processing