The most common validations for uploaded data seem to be JPG and PNG—just enough to make sure that the image really is one of the two, and won't crash horribly in the main application when being parsed. Given that kvalid_string(3) only covers common types, how do we handle custom validation? Let's consider all three types, using the common libgd library to abstract image handling.
We could parse directly using libpng and so on, but for the sake of our example, this is a bit easier. Our mission is to make sure that a JPG or PNG file is readable. In our example, we'll create validation functions, register them with a named input field, then access the parsed data in our web application.
To do so, we override the validator as described in khttp_parse(3) (scan down to
It notes that the
KPAIR_DOUBLE are provided for
validators that set the
parsed field of
However, if our validator sets
KPAIR__MAX, we don't use the
parsed field at all.
The return code of the function will tell whether to bucket the pair in
fieldmap (success) or
The web application will then need to
know to use the
valsz if the validated pair
instead of the parsed fields.
To wit, we'll need to create the following functions, with the given header file:
Now we need to hook these into validations.
Let's assume that our HTML inputs are called
png, for simplicity.
Now, our application logic can simply check for the existence of KEY_JPEG or KEY_PNG in the
fieldmap table of
struct kreq, and be guaranteed that the results will be usable (at least by libgd).
valid interface can do all sorts of more complicated things—for example, we could have converted JPEGs,
TIFFs, and other formats all into PNG files during validation by reading into a
gdImagePtr, then writing the
gdImagePngPtr into the
These would then be written into the validated data, and all of our images would then be PNG.