CodeIgniter v2.1.2
I have a very simple CodeIgniter shopping cart page setup as per the CodeIgniter documentation.
This Cart page shows however many products are in the shopping cart and the input elements for editing the quantity of each have name attributes assigned as follows: 1[qty], 2[qty], 3[qty], 4[qty], 5[qty], etc.
<input name="1[qty]" type="text" ...
<input name="2[qty]" type="text" ...
<input name="3[qty]" type="text" ...
<input name="4[qty]" type="text" ...
<input name="5[qty]" type="text" ...
....
This is the scheme as per the CodeIgniter documentation and it seems to work well because the POST array is automatically in the correct format for easily updating the cart.
$this->cart->update( $this->input->post() );
It seems that the cart->update() will ignore any invalid input. In other words, the cart only updates when the quantities are numeric values. However, I think I need to apply CodeIgniter form validation to the cart page. Maybe I don't need it and interested in your thoughts on this too.
In my Controller, where I would normally set the rules by field name using set_rules, I have no idea what goes in the field name parameter when I have an unknown number of fields.
The documentation says I can declare validation on arrays, but I cannot get the following code to work for me. I've tried [qty], [][qty] and a few others. By not working, I mean there are no validation errors on the quantity fields on the Cart page when they contain invalid data and it always passes validation and hits the update() function.
$this->load->library('form_validation');
$this->form_validation->set_rules('[][qty]', 'Quantity', 'numeric|strip_tags|xss_clean');
if ($this->form_validation->run() === TRUE) // passed validation -> submission
{
// update the cart
$this->cart->update( $this->input->post() );
....
}
else
{
// display validation errors
....
}
How can I apply validation to the cart page when the number of fields is dynamic and naming is as described above?
Do I even need validation of the quantity fields? The cart data is temporarily stored in the session, and when it's passed into the cart->update() function, invalid data seems to be stripped out automatically.
Since I could not figure out how to declare validation on an array, I used a for loop to declare the rule on every "QTY" field based on the number of unique line items in the cart as per the value of count($this->cart->contents()). (As opposed to $this->cart->total_items() which counts everything including multiples of a single line item.)
In the Controller...
$this->load->library('form_validation');
for ($i = 1; $i <= count($this->cart->contents()); $i++)
{
$this->form_validation->set_rules($i . '[qty]', 'Item #' . $i . ' quantity', 'numeric|strip_tags|xss_clean');
}
I still cannot confirm if form validation is needed in this case. Typically, server-side validation is required to protect the database from bad data or for security. In this case, the cart->update() function seems to reject invalid entries automatically.