PhoenixApiToolkit.Ecto.Validators.validate_ilike_safe
Specs
validate_ilike_safe(Ecto.Changeset.t(), atom() | [atom()]) :: Ecto.Changeset.t()
Validates that field is a suitable parameter for an (i)like query.
User input for (i)like queries should not contain metacharacters because this creates a denial-of-service attack vector: introducing a lot of metacharacters rapidly increases the performance costs of such queries. The metacharacters for (i)like queries are '_', '%' and the escape character of the database, which defaults to '\'.
Examples
For the implementation of changeset/1, see Elixir.PhoenixApiToolkit.Ecto.Validators.
iex> changeset(%{first_name: "Peter", last_name: "Pan"}) |> validate_ilike_safe([:first_name, :last_name])
#Ecto.Changeset<action: nil, changes: %{first_name: "Peter", last_name: "Pan"}, errors: [], data: %{}, valid?: true>
iex> changeset(%{first_name: "Peter%"}) |> validate_ilike_safe(:first_name)
#Ecto.Changeset<action: nil, changes: %{first_name: "Peter%"}, errors: [first_name: {"may not contain _ % or \\", [validation: :format]}], data: %{}, valid?: false>
iex> changeset(%{first_name: "Pet_er"}) |> validate_ilike_safe(:first_name)
#Ecto.Changeset<action: nil, changes: %{first_name: "Pet_er"}, errors: [first_name: {"may not contain _ % or \\", [validation: :format]}], data: %{}, valid?: false>
iex> changeset(%{first_name: "Pet\\er"}) |> validate_ilike_safe(:first_name)
#Ecto.Changeset<action: nil, changes: %{first_name: "Pet\\er"}, errors: [first_name: {"may not contain _ % or \\", [validation: :format]}], data: %{}, valid?: false>
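How the validator can sit in front of an actual (i)like query, so that the only wildcard in the pattern is the one the server adds. This is an added example, not code from PhoenixApiToolkit: MyApp.User, MyApp.UserSearch, the "users" table and the 50-character length cap are assumptions made for illustration.

```elixir
# Hypothetical schema used only by this example.
defmodule MyApp.User do
  use Ecto.Schema

  schema "users" do
    field :first_name, :string
    field :last_name, :string
  end
end

# Hypothetical search context: validates untrusted params, then builds the query.
defmodule MyApp.UserSearch do
  import Ecto.Changeset
  import Ecto.Query
  import PhoenixApiToolkit.Ecto.Validators, only: [validate_ilike_safe: 2]

  # Schemaless changeset types for the accepted search filters.
  @types %{first_name: :string, last_name: :string}

  @doc "Returns {:ok, query} for valid params, {:error, changeset} otherwise."
  def build_query(params) do
    {%{}, @types}
    |> cast(params, Map.keys(@types))
    # Bound the pattern length as well; the cap of 50 is an assumption.
    |> validate_length(:first_name, max: 50)
    |> validate_length(:last_name, max: 50)
    # Reject _ % and \ before the value is placed in a pattern.
    |> validate_ilike_safe([:first_name, :last_name])
    |> apply_action(:validate)
    |> case do
      {:ok, filters} ->
        {:ok, Enum.reduce(filters, from(u in MyApp.User), &filter/2)}

      {:error, changeset} ->
        # Invalid input never reaches the database.
        {:error, changeset}
    end
  end

  # The trailing % appended here is the only metacharacter in the pattern.
  defp filter({:first_name, value}, query),
    do: where(query, [u], ilike(u.first_name, ^"#{value}%"))

  defp filter({:last_name, value}, query),
    do: where(query, [u], ilike(u.last_name, ^"#{value}%"))
end
```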