Filtering URL input in Zend Framework

Question

What is the best way to filter URL input (the $_GET container) in Zend Framework?

Here's my current implementation: I have a BookController with an indexAction that takes a page, order and dir parameter. First, I fetch these parameters and specify their default values with _getParam().

For each of those parameters I create a method in my Service layer that validates and filters the particular parameter. If the input is valid, the filtered value of it gets returned, otherwise it returns FALSE.

In the Controller:

class BookController extends Zend_Controller_Action
{
    public function indexAction()
    {
        // Fetch params and define default values
        $page   = $this->getParam('page', 1);
        $order  = $this->getParam('order', 'id');
        $dir    = $this->getParam('dir', 'asc');

        // Instantiate service layer and validate individual parameters
        $service = new Service_Book;
        $page   = $bookService->validatePageFromUrl($page);
        $order  = $bookService->validateOrderFromUrl($order);
        $dir    = $bookService->validateDirFromUrl($dir);

        if ($page && $order && $dir)
        {
            // We're okay
        }
        else
        {
            // Redirect
        }
    }
}

In the Service layer

class Service_Book
{
    public function validatePageFromUrl($page)
    {
        $filters = array(
            'page' => array(
                'HtmlEntities',
                'StripTags',
                'StringTrim'
                )
            );

        $validators = array(
            'page' => array(
                'int'
                )
            );

        $data['page'] = $page;

        $input = new Zend_Filter_Input($filters, $validators, $data);

        if ($input->isValid())
        {
            return $input->page;
        }
        else
        {
            return FALSE;
        }
    }

    public function validateOrderFromUrl($order)
    {
        $filters = array(
            'order' => array(
                'HtmlEntities',
                'StripTags',
                'StringTrim'
                )
            );

        $validators = array(
            'order' => array(
                array('InArray', 'haystack'  => $this->getColumnNames())
            )
        );

        $data['order'] = $order;

        $input = new Zend_Filter_Input($filters, $validators, $data);

        if ($input->isValid())
        {
            return $input->order;
        }
        else
        {
            return FALSE;
        }
    }

    public function validateDirFromUrl($dir)
    {
        $filters = array(
            'dir' => array(
                'HtmlEntities',
                'StripTags',
                'StringTrim'
                )
            );

        $validators = array(
            'dir' => array(
                array('InArray', 'haystack'  => array('asc', 'desc'))
            )
        );

        $data['dir'] = $dir;

        $input = new Zend_Filter_Input($filters, $validators, $data);

        if ($input->isValid())
        {
            return $input->dir;
        }
        else
        {
            return FALSE;
        }
    }
}

Answer 1

I think that page is always int value. So you can use Zend_Filter_Int. For order I want to use InArray too. Your code is little hard.