PHPackages                             vertilia/valid-array - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Search &amp; Filtering](/categories/search)
4. /
5. vertilia/valid-array

ActiveLibrary[Search &amp; Filtering](/categories/search)

vertilia/valid-array
====================

Object with automatic items validation based on standard filtering mechanism of php

v1.6.0(3y ago)01092BSD-2-ClausePHP &gt;=7.4

Since May 3Compare

[ Source](https://github.com/vertilia/valid-array)[ Packagist](https://packagist.org/packages/vertilia/valid-array)[ RSS](/packages/vertilia-valid-array/feed)WikiDiscussions Synced 2d ago

READMEChangelogDependencies (1)Versions (16)Used By (2)

valid-array
===========

[](#valid-array)

Data filtering mechanism based on native `php-filter` extension with additional capacities.

A `ValidArray` object receives on instantiation an associative array with elements names as keys and elements filters as values. These filters guarantee that when corresponding elements in this object are set, they will automatically get validated and their valid value will be stored. If an element does not pass validation, a default value may be used basing on filter parameters. Object may be used as a normal array to set elements and get elements values, validation is done on element modification.

`ValidArray` extends SPL `ArrayObject` and wraps the functionality of `php-filter` extension.

Introduction
------------

[](#introduction)

PHP native data validation mechanism using standard `php-filter` extension is a great way of working with data, to ensure user input correctness and to protect against several attack vectors. This extension is bundled with PHP and is available by default in most configurations, which makes it a natural choice for any project requiring data validation.

As a bundled extension, `php-filter` benefits from documentation coverage in [PHP manual](https://php.net/filter), performance gain of compiled-in module and quasi-absolute availability.

While being a de-facto standard for data validation in PHP, it still suffers from several questionable architectural decisions that were made at the early days and that may slow down the learning curve and development pace when implementing validation strategy in user land.

Some of these dubious decisions:

- 🤨 `default` value is implemented for limited number of filters, only to replace improperly formatted arguments that otherwise match defined filter flags, but not for cases when argument is not supplied or when flags mismatch is detected,
- 🤔 limited `FILTER_CALLBACK` functionality, when flags are ignored and validation callback cannot distinguish scalar data from array,
- 🧐 objects may be filtered, but only if they have a magic method `__toString()` defined (implement `Stringable` since v8.0), and only this value is kept as element value after validation.

Based on numerous strengths of `php-filter` extension, `ValidArray` class corrects (where possible) beforementioned flaws and implements `php-filter` functionality into a useful and predictable data structure with the following features:

- associative arrays with validation mechanism,
- validation is provided on array instantiation and item modification,
- filters are set at data object instantiation,
- useful for input / output parameters validation,
- minimal footprint,
- extending `ArrayObject` allows for natural array handling in user code,
- use of standard `php-filter` extension with enhanced handling of default values, callbacks and objects filtering.

Example
-------

[](#example)

Enough talks, let's see how it works.

We shall handle a login POST request with `email`, `password` and `uri` parameters that need validation.

The route `POST /api/login` will call `LoginController` and pass request parameters in an array which should have 3 fields: `email`, `password` and `uri`. All fields should have valid data, which is defined as follows:

- `email` is a string with valid email address or `false` if not valid,
- `password` is a string with hashed version of sent password (calculated during validation) or `false` if not valid; valid password is a string of at least 8 characters,
- `uri` is a string with a path for next page to redirect after login or `#member` by default.

We shall identify request parameters inside the corresponding controller, like in the following simplified code, where our goal will be to implement `withRequestVars()` method:

```
