A Practical Tutorial Of Zend Framework(四)

Zend_InputFilter

The last component this tutorial covers is Zend_InputFilter. This class provides a simple but rigid approach to input filtering. You instantiate it by passing an array of data to be filtered:

<?php

$filterPost = new Zend_InputFilter($_POST);

?>

This sets the array ($_POST) to NULL, so direct access is no longer possible. Zend_InputFilter instead provides a small, focused collection of methods that filter data according to specific criteria. For example, if you want the alphabetic characters of $_POST['name'], you can use the getAlpha() method:

<?php

/* $_POST['name'] = 'John123Doe'; */

$filterPost = new Zend_InputFilter($_POST);

/* $_POST = NULL; */

$alphaName = $filterPost->getAlpha('name');

/* $alphaName = 'JohnDoe'; */

?>

The argument you pass each filtering method is the key that corresponds to the array element to be filtered. The object ($filterPost in this example) is a protected cage that contains the tainted data, making access to that data more controlled and consistent. Therefore, you should always use Zend_InputFilter when you need to access input.

Note: Zend_Filter provides static filtering methods that follow the same conventions as the Zend_InputFilter methods.

Building a News Management System

Although the preview release contains many more components (and even more are being developed), the components already discussed provide all you need to build a simple application. In the process, you should gain a clearer understanding of the framework's basic structure and design. Everyone develops applications a bit differently, and the Zend Framework tries to embrace diversity as much as possible. Similarly, this tutorial is subject to my preferences, so please adjust these to suite your own tastes. When I begin developing an application, I start with the interface. This doesn't mean I spend hours with markup, stylesheets, and images, but I do approach the problem from the perspective of a user. As such, I see an application as a collection of pages, where each page is a unique URL. This news management system consists of the following URLs:

/
/add/news
/add/comment
/admin
/admin/approve
/view/{id}

You want to immediately begin thinking of these URLs in terms of controllers. The IndexController lists the news, the AddController handles adding news and comments, the AdminController handles administrative actions such as approving news, and the ViewController handles viewing a specific news entry and its corresponding comments. Begin by removing FooController.php if it still exists, and modify IndexController.php to add the appropriate actions and some comments as placeholders for the business logic:

<?php

Zend::loadClass('Zend_Controller_Action');

class IndexController extends Zend_Controller_Action 
{
    public function indexAction()
    {
        /* List the news. */
    }

    public function noRouteAction()
    {
        $this->_redirect('/');
    }
}

?>

Next, create AddController.php:

<?php

Zend::loadClass('Zend_Controller_Action');

class AddController extends Zend_Controller_Action
{
    function indexAction()
    {
        $this->_redirect('/');
    }

    function commentAction()
    {
        /* Add a comment. */
    }

    function newsAction()
    {
        /* Add news. */
    }

    function __call($action, $arguments)
    {
        $this->_redirect('/');
    }
}

?>

Note that the indexAction() method of AddController should never be called. This only happens when the requested path is /add. Because a user might explore the URLs manually, this is likely, so you can redirect the user to the front page, display an error, or take whatever action you feel is appropriate. Next, create AdminController.php:

<?php

Zend::loadClass('Zend_Controller_Action');

class AdminController extends Zend_Controller_Action
{
    function indexAction()
    {
        /* Display admin interface. */
    }

    function approveAction()
    {
        /* Approve news. */
    }

    function __call($action, $arguments)
    {
        $this->_redirect('/');
    }
}

?>

Finally, create ViewController.php:

<?php

Zend::loadClass('Zend_Controller_Action');

class ViewController extends Zend_Controller_Action
{
    function indexAction()
    {
        $this->_redirect('/');
    }

    function __call($id, $arguments)
    {
        /* Display news and comments for $id. */
    }
}

?>

As with AddController, the index() method should never be called, so you can take whatever action you feel is appropriate. ViewController is a bit different than the others, because you don't know what the valid actions are. In order to support URLs like /view/23, you must support dynamic actions with __call().