unsafe attribute

Hello.

In my application.log I get warning: Failed to set unsafe attribute "vch_nav".

What can cause this warning?

Thanks.

You could have submitted a form with an input field for an attribute that is not defined as safe in the current scenario.

Make sure you do set as ‘safe’ the properties (attributes) in your model’s rules function.

Failing to do that, when you set an attribute and try to save it causes that error

Thank you guys.

Is there any code to show how the issue solved?

I wrote below code but still get warning message on user_city, user_state, when I save the data:




public function rules()

	{

		// NOTE: you should only define rules for those attributes that

		// will receive user inputs.

		return array(

			array('filename, user_email, user_firstname, user_lastname, user_employee_id, user_manager, user_signum, user_costcenter, user_region, user_position, emp_category', 'required'),


...

			// The following rule is used by search() and save().

			// Please remove those attributes that should not be searched.

			array('created, filename, user_email, user_firstname, user_lastname, user_nickname, user_employee_id, user_manager, user_signum, user_costcenter, user_phone_primary, user_phone_secondary, user_region, emp_category, user_city, user_state, user_zip, user_country', 'safe', 'on'=>'search|save'),

		);

	}




'on'=>'search|save'

by default there are scenarios: insert, update and search. there is no ‘save’ scenario if you did not specified it literally for object instance:




$model->setScenario('save');

$model->attributes = $_POST['Model']; //this must be done AFTER setting scenario so massive assignment will get proper safe attributes

$model->save();



Very nice, thanks buddy.

the log is said

04:24:19.273058 warning application

Failed to set unsafe attribute "username" of "User".

in D:\xampp\htdocs\2013819\shop\protected\controllers\UserController.php

(59)

in D:\xampp\htdocs\2013819\shop\index.php (16)

04:24:19.273178 warning application

Failed to set unsafe attribute "password" of "User".

in D:\xampp\htdocs\2013819\shop\protected\controllers\UserController.php

(59)

in D:\xampp\htdocs\2013819\shop\index.php (16)

04:24:19.273281 warning application

Failed to set unsafe attribute "user_email" of "User".

in D:\xampp\htdocs\2013819\shop\protected\controllers\UserController.php

(59)

in D:\xampp\htdocs\2013819\shop\index.php (16)

04:24:19.273381 warning application

Failed to set unsafe attribute "user_qq" of "User".

in D:\xampp\htdocs\2013819\shop\protected\controllers\UserController.php

(59)

in D:\xampp\htdocs\2013819\shop\index.php (16)

04:24:19.273478 warning application

Failed to set unsafe attribute "user_tel" of "User".

in D:\xampp\htdocs\2013819\shop\protected\controllers\UserController.php

(59)

in D:\xampp\htdocs\2013819\shop\index.php (16)

04:24:19.273572 warning application

Failed to set unsafe attribute "user_sex" of "User".

in D:\xampp\htdocs\2013819\shop\protected\controllers\UserController.php

(59)

in D:\xampp\htdocs\2013819\shop\index.php (16)

04:24:19.273665 warning application

Failed to set unsafe attribute "user_xueli" of "User".

in D:\xampp\htdocs\2013819\shop\protected\controllers\UserController.php

(59)

in D:\xampp\htdocs\2013819\shop\index.php (16)

04:24:19.273761 warning application

Failed to set unsafe attribute "user_hobby" of "User".

in D:\xampp\htdocs\2013819\shop\protected\controllers\UserController.php

(59)

in D:\xampp\htdocs\2013819\shop\index.php (16)

04:24:19.273855 warning application

Failed to set unsafe attribute "user_introduce" of "User".

in D:\xampp\htdocs\2013819\shop\protected\controllers\UserController.php

(59)

in D:\xampp\htdocs\2013819\shop\index.php (16)

function actionRegister(){

    //实例化数据模型对象user


    $user_model = new User();


    /**


     * renderPartial不渲染布局


     * render会渲染布局 


     */


    //$this ->renderPartial('register');


    


    //性别信息


    $sex[1] = "男";


    $sex[2] = "女";


    $sex[3] = "保密";


    


    //定义学历


    $xueli[1] = "-请选择-";


    $xueli[2] = "小学";


    $xueli[3] = "初中";


    $xueli[4] = "高中";


    $xueli[5] = "大学";


    


    //定义爱好信息


    $hobby[1] = "篮球";


    $hobby[2] = "足球";


    $hobby[3] = "排球";


    $hobby[4] = "棒球";


    


    //如果用户有注册表单


    if(isset($_POST['User'])){


        //给模型收集表单信息


        //foreach($_POST['User'] as $_k => $_v){


        //    $user_model -> $_k = $_v;


        //}


        


        //上边的foreach,在yii框架里边有优化,使用模型属性attributes来进行优化


        //attributes 属性已经把foreach集成好了,我们可以直接使用


        $user_model -> attributes = $_POST['User'];


        


        //实现信息存储


        if($user_model -> save())


            $this ->redirect ('./index.php');  //重定向到首页


    }


    


    $this -> render('register',array('user_model'=>$user_model,'sex'=>$sex,'xueli'=>$xueli,'hobby'=>$hobby));


}

<?php

/**

  • 用户模型model

  • 13-5-15 下午9:01 //时间通过netbeans快捷键 ctrl+j

  • 两个基本方法:

  • model

  • tableName

*/

class User extends CActiveRecord{

//获得数据模型方法


public static function model(&#036;className = __CLASS__) {


    return parent::model(&#036;className);


}





//定义数据表名字


public function tableName(){


    return &quot;{{user}}&quot;;


}





//设置标签名字与数据库字段对应


public function attributeLabels() {


    return array(


        'username'=&gt;'用户名',


        'password'=&gt;'密  码',


        'user_sex'=&gt;'性  别',


        'user_qq'=&gt;'qq号码',


        'user_hobby'=&gt;'爱  好',


        'user_xueli'=&gt;'学  历',


        'user_introduce'=&gt;'简  介',


        'user_email'=&gt;'邮  箱',


        'user_tel'=&gt;'手机号码',


    );


}





/*


 * 实现用户注册表单验证


 * 在模型里边设置一个方法,定义具体表单域验证规则


 */


 /*


public function rules() {


    return array(


        array('username','required','message'=&gt;'用户名必填'),


        array('password','required','message'=&gt;'密码必填'),


    );


}*/

}

试着加入以下代码到function rules()




array('user_sex,user_qq,user_hobby,user_xueli,user_introduce,user_email,user_tel', 'safe',),



see topic

http://www.yiiframework.com/forum/index.php/topic/16619-safe-and-unsafe-validators-rules/page__p__208330__fromsearch__1#entry208330