Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
When baking models in CakePHP, should I add validation criteria only to the data which are user input? Or to everything? Or to some specific data? The database consists mostly of things which will be added by admins. There’s only 1 user-related table. I’m not sure about this. Thanks.
Validate everything!:
Validation to everything. There’s no reason not to add validation to everything. If an admin knows what they’re doing, and is inserting data per the requirements, they won’t see any of the validation errors anyway. But – if they have a moment of insanity, or just don’t know what’s allowed/not, then having the validation is a great fallback.
We’ve all done it (or… NOT done it):
It’s understandable for a small/simple project to not want to spend the time adding validation – we’ve probably all done it… but when asked “SHOULD you add validation to everything?”, I think the answer has to be “yes!”.
Validation – not just for user-generated content:
Validation is overall great – not just for user-entered data, but also for scraped, code-generated data, admin-entered data, and everything in between.
Can be slightly lax… if you must
If most of your data isn’t user-generated, you could always think about making the validation slightly more lax than it would be otherwise, but – having it is still better than not.