A new data validation library
- Date: Thu, 27 Sep 2018 07:06:12 +0900
- From: Yasuo Ohgaki <yohgaki@xxxxxxxxxx>
- Subject: A new data validation library
Existing validation libraries aren't suitable for OWASP TOP 10 A:10 compliance.
i.e. Validate _all_ inputs including all headers and $_GET.
Validate for PHP is suitable for
- full input data validation
- DbC data validation
- business logic data validation
- Framework - "Validate" is framework, not an out of box library by itself. Provides easy, yet flexible input data validations.
- Secure - No insecure defaults. Everything has to be specified explicitly. i.e. White list.
- Fast & Simple - Define data validation rules and use them. No code execution for building validation rules.
- Easy to use - Simple PHP array rule specification. Plain PHP code for complex inputs.
- Native type - Returns natively typed data by default. Eliminates type conversions and helps faster PHP code execution with type hints.
It is planned to write this in C for better performance.
Feedbacks are welcomed!