So much confusion... There are 3 (or more) types of validation in pretty much every web-app, so let's please stop calling it simply "validation".
1. frontend validation (unsafe/unreliable), prevents invalid data submission, makes things friendlier for the user 2. form validation, in the application layer (your mvc framework or your entry point php script): returns error messages to the client (in HTML or json or whatever you prefer). It is still not the source of truth 3. domain validation, in the core of your domain logic, throws exceptions and generally stops execution whenever invalid data is provided: no nice error messages required, except for logging/debugging purposes Other than that, the process of validation is a simple function, and not a magic box: validate :: value -> (bool, [string]) It receives a value (nested, if necessary) and tells us if it is valid or not, plus why (as a set of strings, usually). This is validation. Please do use separate terminology if you mean: * "frontend (client-side) validation" * "frontend (server-side) validation" * "domain validation" Even more specific if you are going with something different, please. On 13 Aug 2016 11:01, "Tony Marston" <tonymars...@hotmail.com> wrote: > "Niklas Keller" wrote in message news:CANUQDCjaXeJsCAjyE+q-UhXC > fjexwrywlkzmfwrqvdaewvb...@mail.gmail.com... > >> >> 2016-08-11 14:42 GMT+02:00 Lester Caine <les...@lsces.co.uk>: >> >> On 11/08/16 04:56, Michal Brzuchalski wrote: >>> > You want to stick such validation at runtime at any time with variable >>> and >>> > throwing \TypeError at any time constraint is broken - wouldn't it > >>> cause >>> of >>> > throwing much more unexpected exceptions during runtime? >>> > Imagine you'll be passing such variable with constraint into some > >>> object >>> > who operates on it and it should expect \TypeError at any time because >>> you >>> > newer know what sort of constraint and optional validation callback is >>> > sticked to variable! >>> >>> Now this is where the fundamental difference in styles comes in. >>> PERSONALLY I would not be looking to throw exceptions at all. The whole >>> point of validation is to handle any validation error ... and it is an >>> error not an exception. >>> >>> >> If not by using exceptions, how would you handle them if you assign such >> checks to variables and assign a wrong value? >> >> Regards, Niklas >> >> > I agree 100% with Lester. Data validation errors are NOT exceptions, they > are simple errors. Exceptions are supposed to be for exceptional or > unexpected events, usually pointing to a bug in the code which needs > fixing, whereas data validation errors are totally expected and regular > occurrences. > > I solved the data validation problem over a decade ago by writing a simple > validation function that has two input variables - an associative array of > field names and their values (such as the $_POST array), and a multi-level > array of field specifications which has a separate array of specifications > (type, size, etc) for each field in that table. The output is an array of > errors which can contain zero or more entries. I DO NOT use exceptions > because (a) they are errors and not exceptions, and (b) if I throw an > exception on the first error then further validation is stopped, and > everyone knows that there may be multiple errors in a single array of > values. > > If you are still writing code to perform such data validation then you are > behind the times. If you expect the language to perform the validation for > you then your expectations are unreasonable. > > -- > Tony Marston > > > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > >
