arondeparon/laravel-request-sanitizer
| Install | |
|---|---|
composer require arondeparon/laravel-request-sanitizer |
Laravel Request Sanitizer
The arondeparon/laravel-request-sanitizer package provides a fluent interface to sanitize form requests before validating them.
Why should I use this package?
Often, validating your request is not enough. The request sanitizer allows you to easily
manipulate your form data before passing it to the validator. You can start using it in a matter
of minutes and it is fully compatible with Laravel's FormRequest object.
Table of Contents
- How to use
- Installing
- Usage
- Predefined Sanitizers
- Writing your own Sanitizer
- Testing
- Credits
- License
How to use
Syntax is similar to the way rules are added to a Form Request.
class StoreCustomerInformationRequest extends FormRequest
{
use SanitizesInputs;
protected $sanitizers = [
'lastname' => [
Capitalize::class,
],
'mobile_phone' => [
RemoveNonNumeric::class
],
];
}
Installing
composer require arondeparon/laravel-request-sanitizer
Usage
Basic Usage
- Add the
SanitizesInputstrait to your form request. - Write your own sanitizers or use one of the supplied sanitizers and add them to the
$sanitizersproperty of your form request. - Your request data will now be sanitized before being validated.
Using Wildcards
The sanitizer supports wildcard patterns in your form keys, allowing you to apply sanitizers to multiple fields that match a pattern. This is particularly useful when dealing with arrays or nested data structures.
class StoreUsersRequest extends FormRequest
{
use SanitizesInputs;
protected $sanitizers = [
// Apply to all email fields in the users array
'users.*.email' => [
Lowercase::class,
TrimDuplicateSpaces::class
],
// Apply to all name fields in the users array
'users.*.name' => [
Capitalize::class
],
// Multiple wildcards for deeply nested structures
'departments.*.employees.*.email' => [
Lowercase::class
]
];
}
Example input:
$request = [
'users' => [
['email' => 'JOHN@EXAMPLE.COM', 'name' => 'john doe'],
['email' => 'JANE@EXAMPLE.COM', 'name' => 'jane smith']
],
'departments' => [
'sales' => [
'employees' => [
['email' => 'SALES@EXAMPLE.COM'],
['email' => 'SUPPORT@EXAMPLE.COM']
]
]
]
];
After sanitization:
$sanitized = [
'users' => [
['email' => 'john@example.com', 'name' => 'John Doe'],
['email' => 'jane@example.com', 'name' => 'Jane Smith']
],
'departments' => [
'sales' => [
'employees' => [
['email' => 'sales@example.com'],
['email' => 'support@example.com']
]
]
]
];
The wildcard pattern (*) will match any single segment in the dot notation path. You can use multiple wildcards to match nested structures at any depth.
Predefined Sanitizers
Trim- simple PHPtrim()implementationTrimDuplicateSpacesreplaces duplicate spaces with a single space.RemoveNonNumeric- removes any non numeric characterCapitalize- capitalizes the first character of a stringUppercase- converts a string to uppercaseLowercase- converts a string to lowercaseFilterVars- simple PHPfilter_varsanitizerCarbonDate- cast a string to a Carbon object- Contributions are appreciated!
FilterVars usage
The FilterVars sanitizer acts as a wrapper of the default PHP filter_var function.
It accepts the same (optional) parameters as the original function.
Both parameters can be either an array or string type:
{
protected $sanitizers = [
'last_name' => [
FilterVars::class => [
'filter' => FILTER_SANITIZE_STRING,
'options' => FILTER_FLAG_STRIP_BACKTICK
]
]
];
}
For more information on filter_vars please refer to https://www.php.net/manual/en/function.filter-var.php.
Writing your own Sanitizer
Writing your own sanitizer can be done by implementing the Sanitizer interface, which requires only
one method.
interface Sanitizer
{
public function sanitize($input);
}
Testing
$ composer test
Credits
License
The MIT License (MIT). Please see License File for more information.