A Practical Tutorial Of Zend Framework(四)

Zend_InputFilter

The last component this tutorial covers is

Zend_InputFilter

. This class provides a simple but rigid approach to input filtering. You instantiate it by passing an array of data to be filtered:

<?php

$filterPost = new Zend_InputFilter($_POST);

?>

This sets the array (

$_POST

) to

NULL

, so direct access is no longer possible.

Zend_InputFilter

instead provides a small, focused collection of methods that filter data according to specific criteria. For example, if you want the alphabetic characters of

$_POST['name'

], you can use the

getAlpha()

method:

<?php

/* $_POST['name'] = 'John123Doe'; */

$filterPost = new Zend_InputFilter($_POST);

/* $_POST = NULL; */

$alphaName = $filterPost->getAlpha('name');

/* $alphaName = 'JohnDoe'; */

?>

The argument you pass each filtering method is the key that corresponds to the array element to be filtered. The object (

$filterPost

in this example) is a protected cage that contains the tainted data, making access to that data more controlled and consistent. Therefore, you should always use

Zend_InputFilter

when you need to access input.

Note:

Zend_Filter

provides static filtering methods that follow the same conventions as the

Zend_InputFilter

methods.

Building a News Management System

Although the preview release contains many more components (and even more are being developed), the components already discussed provide all you need to build a simple application. In the process, you should gain a clearer understanding of the framework's basic structure and design. Everyone develops applications a bit differently, and the Zend Framework tries to embrace diversity as much as possible. Similarly, this tutorial is subject to my preferences, so please adjust these to suite your own tastes. When I begin developing an application, I start with the interface. This doesn't mean I spend hours with markup, stylesheets, and images, but I do approach the problem from the perspective of a user. As such, I see an application as a collection of pages, where each page is a unique URL. This news management system consists of the following URLs:

/
/add/news
/add/comment
/admin
/admin/approve
/view/{id}

You want to immediately begin thinking of these URLs in terms of controllers. The

IndexController

lists the news, the

AddController

handles adding news and comments, the

AdminController

handles administrative actions such as approving news, and the

ViewController

handles viewing a specific news entry and its corresponding comments. Begin by removing

FooController.php

if it still exists, and modify

IndexController.php

to add the appropriate actions and some comments as placeholders for the business logic:

<?php

Zend::loadClass('Zend_Controller_Action');

class IndexController extends Zend_Controller_Action
{
public function indexAction()
{
/* List the news. */
}

public function noRouteAction()
{
$this->_redirect('/');
}
}

?>

Next, create

AddController.php

:

<?php

Zend::loadClass('Zend_Controller_Action');

class AddController extends Zend_Controller_Action
{
function indexAction()
{
$this->_redirect('/');
}

function commentAction()
{
/* Add a comment. */
}

function newsAction()
{
/* Add news. */
}

function __call($action, $arguments)
{
$this->_redirect('/');
}
}

?>

Note that the

indexAction()

method of

AddController

should never be called. This only happens when the requested path is

/add

. Because a user might explore the URLs manually, this is likely, so you can redirect the user to the front page, display an error, or take whatever action you feel is appropriate. Next, create

AdminController.php

:

<?php

Zend::loadClass('Zend_Controller_Action');

class AdminController extends Zend_Controller_Action
{
function indexAction()
{
/* Display admin interface. */
}

function approveAction()
{
/* Approve news. */
}

function __call($action, $arguments)
{
$this->_redirect('/');
}
}

?>

Finally, create

ViewController.php

:

<?php

Zend::loadClass('Zend_Controller_Action');

class ViewController extends Zend_Controller_Action
{
function indexAction()
{
$this->_redirect('/');
}

function __call($id, $arguments)
{
/* Display news and comments for $id. */
}
}

?>

As with

AddController

, the

index()

method should never be called, so you can take whatever action you feel is appropriate.

ViewController

is a bit different than the others, because you don't know what the valid actions are. In order to support URLs like

/view/23

, you must support dynamic actions with

__call()

.