Where do I manipulate and sanitize data from database in MVC PHP?
Let's say I have a model user_model with a get_all_users() function:
    class user_model {
        function get_all_users() {
            // Fetch every row from the users table
            $query = $this->db->query("select * from users");
            return $query->result(); // returns array of data
        }
    }
Where in the application should I sanitize the data for output? Until now I have done it in get_all_users() by looping through the result and returning an array holding the sanitized and manipulated data. The problem comes here: let's say I have a date field in the database table that I want to be formatted in different ways depending on the page the user is on. Or I have data I need to run htmlspecialchars() on.

The first idea that comes to mind is sanitizing and formatting the data in the views, but that doesn't feel right. Should I have some kind of layer between the view and the model to do this job? How would that work in this case? Or should this be taken care of some other way?
I strongly disagree with Blaine.

The view is the right place for it, and explicitly the only place for it.

Only the view knows where the data is going. How you transform the data is dependent on where the data is going, and the specifics of how are different for HTML (htmlspecialchars()), a URL string (urlencode()), a JavaScript string (addslashes() or preferably json_encode()) and email (quoted_printable_encode())....

"Let's say I have a date field... to be formatted in different ways"

That's not an issue of sanitization, it's an issue of presentation, which still lies in the domain of the view.
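The point made in the answer above, as an added example that is not part of the original thread: one raw row from the model, encoded and formatted per output context in a view template. The helper names (e_html, e_url, e_js, fmt_date), the column names and the sample row are assumptions made for illustration; the code assumes PHP 8.

```php
<?php
declare(strict_types=1);

// Hypothetical view helpers (names are assumptions, not from the original post).
// Each one encodes for exactly one output context.
function e_html(string $s): string {
    // HTML body text and quoted attribute values
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
function e_url(string $s): string {
    // One URL path segment or query-string value
    return rawurlencode($s);
}
function e_js(mixed $v): string {
    // Literal inside an inline script block; the HEX flags replace the
    // angle brackets, ampersand and both quote characters with \uXXXX
    // escapes, so the value cannot terminate the script element.
    return json_encode($v, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS
        | JSON_HEX_QUOT | JSON_THROW_ON_ERROR);
}
function fmt_date(string $stored, string $format): string {
    // Presentation only: the model keeps the stored value untouched
    return (new DateTimeImmutable($stored))->format($format);
}

// Constructed sample row, as get_all_users() might return it (raw, unescaped).
$user = (object) [
    'name'    => 'Ann "</script>" O\'Neil & Co',
    'created' => '2014-03-09 17:45:00',
];
?>
<!-- List page: short date; name as HTML text, attribute and URL parameter -->
<a href="/profile?name=<?= e_html(e_url($user->name)) ?>"
   title="<?= e_html($user->name) ?>"><?= e_html($user->name) ?></a>
<time datetime="<?= e_html(fmt_date($user->created, DATE_ATOM)) ?>">
  <?= e_html(fmt_date($user->created, 'j M Y')) ?>
</time>

<!-- Detail page: same column, different format, plus a JavaScript literal -->
<p>Member since <?= e_html(fmt_date($user->created, 'l, F jS Y \a\t H:i')) ?></p>
<script>var userName = <?= e_js($user->name) ?>;</script>
```

The URL value is encoded twice on purpose: rawurlencode() for the query string, then htmlspecialchars() because the finished URL sits inside an HTML attribute.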