6 events
when what by license comment
Jun 17, 2022 at 9:33 vote accept PRobert
Jun 14, 2022 at 15:46 comment added KIKO Software @PRobert Yes, you could do str_replace('"', '&quot;', $value), or, more generally, use htmlspecialchars(). Be aware that in some very rare cases, changing the value this way can have unwanted consequences. Overall it's much better to safeguard the HTML than to worry about the value.
Jun 14, 2022 at 15:18 comment added PRobert First of all, thank you for your review, much appreciated! I do understand that is a bad design choice, and separating validation from the form builder will make it more usable. 1. I was so eager to post and get some code review that I forgot to recheck. 2. Noted. 3. How could I mitigate that? Maybe implementing something with str_replace()? 4. Noted.
Jun 14, 2022 at 14:10 comment added KIKO Software @SᴀᴍOnᴇᴌᴀ You're right. I thought one method returned HTML, but it doesn't. Anyway, the general statement that it "is almost standard practice to never echo HTML inside a class" holds true. The reason for this is that it allows you to either process the HTML further, or to echo it, whereas, when you echo it inside the method, you don't have that choice.
Jun 14, 2022 at 13:34 comment added Sᴀᴍ Onᴇᴌᴀ "Some of your methods return HTML, others echo HTML" which ones return HTML? It appears Input::attributesToString() returns a string which is used by the subclasses and other methods in that parent class return $this to support chaining.
Jun 14, 2022 at 9:43 history answered KIKO Software CC BY-SA 4.0