I have a form in my ZF2 application with a select element. In ZF1, it would automatically add a validator to check that the user wasn't trying to post invalid values to it.
So just for kicks and giggles, I decided to see what would happen if I used Firebug to alter the value of one of the options and then submit it. Result: it passed with flying colours. Needless to say, this is not good.
Here's the relevant code for the select option:
$this->add(array (
'name' => 'role',
'type' => 'Select',
'attributes' => array (
'id' => 'role'
),
'options' => array (
'label' => 'Role:',
'value_options' => $roleOptions,
'column-size' => 'sm-6',
'label_attributes' => array('class' => 'col-sm-2'),
)
));
(Note: $roleOptions is passed as a parameter into the form)
Here's the relevant part of the validator code:
$inputFilter->add($factory->createInput(array (
'name' => 'role',
'filters' => array(),
'validators' => array(
$notEmpty
),
)));
(Obviously, $notEmpty is an instance of the NotEmpty validator)
What's going on here? Does ZF2 no longer add a validator to ensure that the value it receives is one that was originally part of the list of options? Do I have to manually add a validator to select options now?
EDIT: I checked the documentation, and it says that the select element automatically adds an in array validator. It should be working, but it's not. I even tried changing the value on the server side, with the same results--the validator is not picking up the invalid value.
And yes, I am checking if the form is valid.
EDIT #2: For clarity, here's the code for the form in its entirety
I overcame this issue by setting the value of the select options to numbers:
In the form constructor:
and then in my InputFilter I added the Between validator to my NotEmpty validator like so:
I also here its good practice to actually have an empty option because of the whole 0|NULL|'' issue:
There is also an InArray Validator which is just as useful for non consecutive units...like ids: