How to use form validation in the model (MVC)?

Viewed 188 times

0

I need to use MVC in the system, and I want to know whether the validations in the register .php file with $_SESSION['token'] should be in UserModel. Can anyone help? I don't know much PHP.

<?php
    $sessao = 'cadastro';
    session_name($sessao);
    session_start();
    // CSRF protection (login forms, etc.)
    // random_bytes() gives an unpredictable token; rand(100, 1000) has only 901 possible values
    $_SESSION['token'] = (!isset($_SESSION['token'])) ? bin2hex(random_bytes(32)) : $_SESSION['token'];
?>
<!DOCTYPE html>
<html lang="pt-BR">
<head>
<title>Cadastro</title>
<meta charset="utf-8">
<meta name="robots" content="noindex, nofollow">
<meta name="robots" content="nofollow">
<meta name="googlebot" content="noindex">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<meta name="apple-mobile-web-app-capable" content="yes">
<link href="www/cliente/css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<link href="www/cliente/css/bootstrap-responsive.min.css" rel="stylesheet" type="text/css" />
<link href="https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,400,600" rel="stylesheet">
<link href="www/style.css" rel="stylesheet" type="text/css">
<link href="www/cliente/css/pages/signin.css" rel="stylesheet" type="text/css">
<script src="www/js/jquery.js"></script>
<link href="www/cliente/css/jquery-confirm.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="www/js/jquery-confirm.js"></script>
<script type="text/javascript">
function verificaNumero(e){
    if (e.which != 8 && e.which != 0 && (e.which < 48 || e.which > 57)){
        return false;
    }
}
$(document).ready(function() {
    $("#cpf").keypress(verificaNumero);
});
function FormataCpf(evt){
    vr = (navigator.appName == 'Netscape') ?evt.target.value : evt.srcElement.value;
        if(vr.length == 3) vr = vr+".";
        if(vr.length == 7) vr = vr+".";
        if(vr.length == 11) vr = vr+"-";
    return vr;
}
</script>
<style>
h2 {
    font-family:"Helvetica Neue", Helvetica, Arial, sans-serif;
}
</style>
</head>
<body id="cadastroClientes">
<div class="main-inner">
<div class="container">
<?php
// USE VALIDATIONS IN UserModel
if(isset($_POST['cadastro']) && !hash_equals($_SESSION['token'], (string) $_POST['cadastro'])){
    echo "<script type='text/javascript'>
          $.alert({
          theme: 'black',
          title: 'Detectado uso de token inválido, a página será atualizada!',
          content: '',
          icon: '',
          confirmButton: 'OK',
          confirmButtonClass: 'btn-primary',
          animation: 'scale',
          animationClose: 'top',
          opacity: 0.5,
          confirm: function () {
            location.href='index.php';
          }
          });
          </script>";
}
if(isset($_POST['cadastro']) && hash_equals($_SESSION['token'], (string) $_POST['cadastro'])){
    $nome = strip_tags(filter_input(INPUT_POST, 'nome'));
    $cpf = html_entity_decode(strip_tags(filter_input(INPUT_POST, 'cpf')), ENT_QUOTES);
    $cpf2 = preg_replace('/[^0-9]/', '', $cpf);
    $login = strip_tags(filter_input(INPUT_POST, 'login'));
    $senhaAtual = strip_tags(filter_input(INPUT_POST, 'senhaAtual'));
    $atual = sha1(md5($senhaAtual));

    $senha = strip_tags(filter_input(INPUT_POST, 'senha'));
    $pass = sha1(md5($senha));

    $conta_caracteres_nome = strlen($nome);
    $conta_caracteres_login = strlen($login);
    // Measure the typed password; the sha1 hash in $atual is always 40 characters long
    $conta_caracteres_senha = strlen($senhaAtual);

    $val->set($cpf2, 'CPF')->isCpf();

    $verificarUsuarioLogin = BD::conn()->prepare("SELECT id_cliente FROM `loja_clientes` WHERE login = ?");
    $verificarUsuarioLogin->execute(array($login));

    $verificarUsuarioCPF = BD::conn()->prepare("SELECT id_cliente FROM `loja_clientes` WHERE cpf = ?");
    $verificarUsuarioCPF->execute(array($cpf2));   

    if(!$val->validar()){
        $erros = $val->getErro();
        echo '<div class="erros">'.$erros[0].'</div>';
    }elseif(empty($_POST["nome"]) || empty($_POST["email"]) || empty($_POST["cpf"]) || empty($_POST["login"]) || empty($_POST["senhaAtual"])){
        echo "<script type='text/javascript'>
              $.alert({
              theme: 'black',
              title: 'Preencha todos os campos!',
              content: '',
              icon: '',
              confirmButton: 'OK',
              confirmButtonClass: 'btn-primary',
              animation: 'scale',
              animationClose: 'top',
              opacity: 0.5,
              });
              </script>";
    }elseif(empty($_POST["senha"])){
        echo "<script type='text/javascript'>
              $.alert({
              theme: 'black',
              title: 'Repita a senha!',
              content: '',
              icon: '',
              confirmButton: 'OK',
              confirmButtonClass: 'btn-primary',
              animation: 'scale',
              animationClose: 'top',
              opacity: 0.5,
              });
              </script>";
    }elseif(!is_numeric($cpf2)){
        echo "<script type='text/javascript'>
              $.alert({
              theme: 'black',
              title: 'O campo CPF deve conter apenas números!',
              content: '',
              icon: '',
              confirmButton: 'OK',
              confirmButtonClass: 'btn-primary',
              animation: 'scale',
              animationClose: 'top',
              opacity: 0.5,
              });
              </script>";
    }elseif($verificarUsuarioLogin->rowCount() > 0){
        echo "<script type='text/javascript'>
              $.alert({
              theme: 'black',
              title: 'Já existe um cliente com este nome de usuário!',
              content: '',
              icon: '',
              confirmButton: 'OK',
              confirmButtonClass: 'btn-primary',
              animation: 'scale',
              animationClose: 'top',
              opacity: 0.5,
              });
              </script>";
    }elseif($verificarUsuarioCPF->rowCount() > 0){
        echo "<script type='text/javascript'>
              $.alert({
              theme: 'black',
              title: 'Já existe um cliente com este CPF!',
              content: '',
              icon: '',
              confirmButton: 'OK',
              confirmButtonClass: 'btn-primary',
              animation: 'scale',
              animationClose: 'top',
              opacity: 0.5,
              });
              </script>";
    }elseif($conta_caracteres_nome < 10){
        echo "<script type='text/javascript'>
              $.alert({
              theme: 'black',
              title: 'Informe o seu nome completo!',
              content: '',
              icon: '',
              confirmButton: 'OK',
              confirmButtonClass: 'btn-primary',
              animation: 'scale',
              animationClose: 'top',
              opacity: 0.5,
              });
              </script>";
    }elseif($conta_caracteres_login < 5){
        echo "<script type='text/javascript'>
              $.alert({
              theme: 'black',
              title: 'O nome de usuário informado é muito curto!',
              content: '',
              icon: '',
              confirmButton: 'OK',
              confirmButtonClass: 'btn-primary',
              animation: 'scale',
              animationClose: 'top',
              opacity: 0.5,
              });
              </script>";
    }elseif($conta_caracteres_senha < 8){
        echo "<script type='text/javascript'>
              $.alert({
              theme: 'black',
              title: 'A senha deve conter no mínimo 8 caracteres. Utilize letras, números e símbolos!',
              content: '',
              icon: '',
              confirmButton: 'OK',
              confirmButtonClass: 'btn-primary',
              animation: 'scale',
              animationClose: 'top',
              opacity: 0.5,
              });
              </script>";
    }else{
        if($atual == $pass){
            $dados3 = array($nome, $cpf2, $login, $pass);
            if($site->cadastrarCliente($dados3)){
                // Rotate the CSRF token with an unpredictable value after a successful registration
                $_SESSION['token'] = bin2hex(random_bytes(32));
                    echo "<script type='text/javascript'>
                          $.alert({
                          theme: 'black',
                          title: 'Cadastrado com sucesso!',
                          icon: '',
                          confirmButton: 'OK',
                          confirmButtonClass: 'btn-primary',
                          animation: 'scale',
                          animationClose: 'top',
                          opacity: 0.5,
                          confirm: function (){
                            location.href='index.php';
                          }
                          });
                          </script>";
                    die();
            }else{
                echo '<div class="alert alert-danger" style="padding:8px 14px 8px 14px; border-radius:0px;">
                      <strong><h3>Erro ao cadastrar!</h3></strong>
                      </div>';
            }
        }else{
            echo "<script type='text/javascript'>
                  $.alert({
                  theme: 'black',
                  title: 'Informe a mesma senha nos campos: Senha e Repita a senha!',
                  content: '',
                  icon: '',
                  confirmButton: 'OK',
                  confirmButtonClass: 'btn-primary',
                  animation: 'scale',
                  animationClose: 'top',
                  opacity: 0.5,
                  });
                  </script>";
        }  
    }
}

Usermodel.php

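<?php
    namespace Application\Models;
    use Application\Models\Model;

    class UserModel extends Model
    {
        // $dados is assumed to be keyed by column name: nome, cpf, email, login, senha
        public static function cadastrar(array $dados)
        {
            $sql = "INSERT INTO `loja_clientes` (nome, cpf, email, login, senha) VALUES (:nome, :cpf, :email, :login, :senha)";
            // Assumption: reuse the BD::conn() PDO helper that the registration page calls
            $pdo = \BD::conn();
            $stmt = $pdo->prepare($sql);
            // Bind every placeholder in the query, including :email
            $stmt->bindValue(':nome', $dados['nome']);
            $stmt->bindValue(':cpf', $dados['cpf']);
            $stmt->bindValue(':email', $dados['email']);
            $stmt->bindValue(':login', $dados['login']);
            $stmt->bindValue(':senha', $dados['senha']);

            if ($stmt->execute())
            {
                return true;
            } else {
                echo "Erro ao cadastrar";
                return false;
            }
        }
    }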

1 answer

2

From my point of view, you could take this validation part and create a ViewModel, leaving it to take on this responsibility and whatever else happens to this data before it is used.

Leave the Model only responsible for the domain.

View<->Viewmodel <-Controller-> Model(Domain).

I know you're using PHP as your language, but study what Eduardo Pires explains about the ViewModel pattern; it applies in any language, since after all what matters are the concepts.

Grateful.
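
The split the answer describes, as an added example (not code from the question or the answer): a hypothetical `CadastroViewModel` for PHP 8 that owns the CSRF token check and the field validation from the question's form, so the model only receives clean data. The class name, method names and error keys are assumptions, and it uses `password_hash()` in place of the question's `sha1(md5())`.

```php
<?php
declare(strict_types=1);
// Hypothetical ViewModel (PHP 8+): validates the form before any Model call.
final class CadastroViewModel
{
    public array $erros = [];
    private array $in = [];

    public function __construct(array $post, private string $tokenSessao)
    {
        // Accept only string fields; arrays or missing keys become ''.
        foreach (['cadastro', 'nome', 'cpf', 'login', 'senhaAtual', 'senha'] as $k) {
            $this->in[$k] = is_string($post[$k] ?? null) ? $post[$k] : '';
        }
        $this->in['cpf'] = (string) preg_replace('/\D/', '', $this->in['cpf']);
    }

    // Unpredictable CSRF token to store in $_SESSION['token'].
    public static function novoToken(): string
    {
        return bin2hex(random_bytes(32));
    }

    public function validar(): bool
    {
        $i = $this->in;
        // Constant-time comparison; an empty session token never matches.
        if ($this->tokenSessao === '' || !hash_equals($this->tokenSessao, $i['cadastro'])) {
            $this->erros[] = 'token';
            return false;
        }
        if (strlen(trim($i['nome'])) < 10)    { $this->erros[] = 'nome'; }
        if (strlen(trim($i['login'])) < 5)    { $this->erros[] = 'login'; }
        // Shape only; the check-digit test (the page's isCpf()) would go here.
        if (!preg_match('/^\d{11}$/', $i['cpf'])) { $this->erros[] = 'cpf'; }
        // Length is measured on the raw password, not on its hash.
        if (strlen($i['senhaAtual']) < 8)     { $this->erros[] = 'senha'; }
        if ($i['senhaAtual'] !== $i['senha']) { $this->erros[] = 'senha_repetida'; }
        return $this->erros === [];
    }

    // Row handed to the Model; the password leaves here already hashed.
    public function dados(): array
    {
        return ['nome' => trim($this->in['nome']), 'cpf' => $this->in['cpf'],
                'login' => trim($this->in['login']),
                'senha' => password_hash($this->in['senhaAtual'], PASSWORD_DEFAULT)];
    }
}
```

A controller would build it with `new CadastroViewModel($_POST, $_SESSION['token'] ?? '')`, call `validar()`, and pass `dados()` to the model only when it returns true. Hashes produced by `password_hash()` are checked at login with `password_verify()`, not by comparing two hashes.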
