Web lists-archives.com

A new data validation library




Hi all,

Existing validation libraries aren't suitable for OWASP TOP 10 A:10 compliance.
 i.e. Validate _all_ inputs including all headers and $_GET.

Validate for PHP is suitable for 
 - full input data validation
 - DbC data validation
 - business logic data validation


Basic Design
 - Framework - "Validate" is framework, not an out of box library by itself. Provides easy, yet flexible input data validations.
 - Secure - No insecure defaults. Everything has to be specified explicitly. i.e. White list.
 - Fast & Simple - Define data validation rules and use them. No code execution for building validation rules.
 - Easy to use - Simple PHP array rule specification. Plain PHP code for complex inputs.
 - Native type - Returns natively typed data by default. Eliminates type conversions and helps faster PHP code execution with type hints.

It is planned to write this in C for better performance.
Feedbacks are welcomed!

Regards,

--
Yasuo Ohgaki
yohgaki@xxxxxxxxxx