Jump to content

Search the Community

Showing results for tags 'sanitizing'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to ProcessWire
    • News & Announcements
    • Showcase
    • Wishlist & Roadmap
  • Community Support
    • Getting Started
    • Tutorials
    • FAQs
    • General Support
    • API & Templates
    • Modules/Plugins
    • Themes and Profiles
    • Multi-Language Support
    • Security
    • Jobs
  • Off Topic
    • Pub
    • Dev Talk

Product Groups

  • Form Builder
  • ProFields
  • ProCache
  • ProMailer
  • Login Register Pro
  • ProDrafts
  • ListerPro
  • ProDevTools
  • Likes
  • Custom Development

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 1 result

  1. Hello processwire community, this is my very first post, I am newbie in php - trying to test a simple search form which allow frontend user to search and filter data. Macro steps are as follow: 1) Create the form with options as checkboxes, allowing the user to choose multiple values selection within multiple checkbox groups; 2) Create the pw process code in order to revert back the selected items (as a result of multiple checkbox filter combination), allowing pagination as some results may be more than 50 items; --- Here some of the most related topics I've found over PW forum: https://processwire.com/talk/topic/7282-paging-issue-with-html-form-check-boxes/ https://processwire.com/talk/topic/3472-enable-pagination-for-search-results/#comment-38214 https://processwire.com/talk/topic/1883-how-to-use-input-whitelist-with-checkboxes-or-any-array/ https://processwire.com/talk/topic/1547-getting-multiple-checkbox-values-within-processwire/ https://processwire.com/talk/topic/1034-search-form-with-multiple-fields/ https://processwire.com/talk/topic/10193-multiselect-search/ --- Now, the html form works just fine (code below), it brings all checked values to the url string. Essentially I have four different groups of checkboxes: cb_sectors[] (multiple pages as categories); cb_expertise[] (multiple pages as categories); cb_status[] (multiple pages as categories); cb_year[] (integer). The user may select multiple values within the above four checkbox groups, thus creating even quite complex combination. <form name='search' id='search-works' method='get' role='form' action='<?php echo $pages->get('/search/')->url; ?>'> <div class="collapsible-header">Sector</div> <?php foreach($pages->get("/sectors")->children as $sec) echo " <p class='checkbox'> <input type='checkbox' name='cb_sectors[]' value='{$sec->name}' id='{$sec->name}'/> <label for='{$sec->name}'>{$sec->title}</label> </p> " ?> <div class="collapsible-header">Status</div> <?php foreach($pages->get("/taxonomy/Status")->children as $st) echo " <p class='checkbox'> <input type='checkbox' name='cb_status[]' value='{$st->name}' id='{$st->name}' /> <label for='{$st->name}'>{$st->title}</label> </p> " ?> <div class="collapsible-header no-padding">Expertise</div> <?php foreach($pages->get("/expertise")->children as $cb_expertise) $checked = $cb_expertise->name == $input->whitelist->cb_expertise ? " selected='selected' " : ''; echo " <p class='checkbox'> <input type='checkbox' name='cb_expertise[]' value='{$cb_expertise->name}' id='{$cb_expertise->name}' $checked/> <label for='{$cb_expertise->name}'>{$cb_expertise->title}</label> </p> " ?> <div class="collapsible-header no-padding">Year</div> <?php // generate a range of years from '09 to '17, or maybe better doing it via pages as years? for($year = 2009; $year <= 2017; $year += 1){ echo " <p class='checkbox'> <input type='checkbox' name='cb_year[]' value='$year' id='$year' /> <label for='$year'>{$year}</label> </p> "; } ?> <input class="no-class" type="submit" id="search-submit" name="submit" value="Search"> </form> The question is then mostly focusing on the second step, the pw process code: As some previous posts on this topic say - I should (in sequence) sanitize, whitelist and validate the results before pass them to the final output (correct me if I'm wrong). The thing is that I cannot find a way to get all values in a array and sanitize/whitelist/validate them -> some post suggest to use arraytoCSV as a way to let PW remember the filtered items while moving through pagination. Is arraytoCSV the best way to sanitize and whitelist the user input combination? The following code simply get selected values coming from the above form. As you can see, no sanitize nor whitelist nor validation is in place, as without the array the sanitizing function gives back only the last selected value (not the full combination for every group of checkboxes). Can you please help me implementing an array within the following code and the way to sanitize - whitelist - validate "get" values? I know for most of you is just as simple as drinking coffe, but would be great if you could drive me in the right direction. Thank you in advance! <?php namespace ProcessWire; if(count($input->get)) { if($input->get->cb_expertise) { foreach ($input->get->cb_expertise as $expertise) { // here we are just ensuring submitted products are in fact valid echo $expertise; } } if($input->get->cb_sectors) { foreach($input->get->cb_sectors as $sector) { // here we are just ensuring submitted products are in fact valid echo $sector; } } if($input->get->cb_status) { foreach($input->get->cb_status as $status) { // here we are just ensuring submitted products are in fact valid echo $status; } } if($input->get->cb_year) { foreach($input->get->cb_year as $year) { // here we are just ensuring submitted products are in fact valid echo $year; } } } ?>
×
×
  • Create New...